I've deployed the same app in k8s in two different namespaces: nsgreen
and nsblue
.
The desired outcome is to be able to access apps for both namespaces on port 80:
My gateway is created in the istio-system
namespace as follows:
### Gateway
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: mygateway
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- myapp-blue.int.mydomain.com
port:
name: myapp-server-blue
number: 80
protocol: HTTP
- hosts:
- myapp.int.mydomain.com
port:
name: myapp-server
number: 80
protocol: HTTP
Virtual service for my-app in nsblue:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: myapp-vs-blue
namespace: istio-system
spec:
gateways:
- mygateway
hosts:
- myapp-blue.int.mydomain.com
http:
- match:
- uri:
prefix: /
route:
- destination:
host: myapp-server-blue.nsblue.svc.cluster.local
port:
number: 8080
weight: 100
Virtual service for my app in nsgreen
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: myapp
namespace: istio-system
spec:
gateways:
- mygateway
hosts:
- myapp.int.mydomain.com
http:
- match:
- uri:
prefix: /
route:
- destination:
host: myapp-server.nsgreen.svc.cluster.local
port:
number: 8080
weight: 100
When accessing http://myapp.int.mydomain.com (nsgreen), port 80 seems to be working fine but in the case of myapp-blue (nsblue), I can only access it through port 8080 (http://myapp-blue.int.mydomain.com:8080) instead of 80.
Note: In case that matters, both namespaces have the label istio-injection=enabled
.
Can anyone shed some light on what's wrong with my yaml files to achieve the desired outcome above?