2 years ago
#40375
RCoder
Unable to access bookinfo productpage Istio using external IP and custom domain
I have deployed Istio controlplane service on Openshift cluster, Deployed the book info application. Assigned external Ip to ingress service: oc -n testbed get svc
istio-egressgateway LoadBalancer 172.21.193.228 2471b4f9-us-east.lb.appdomain.cloud,10.40.1.8 80:31894/TCP,443:30662/TCP,15443:32043/TCP 37h
istio-ingressgateway LoadBalancer 172.21.240.99 9fa76ab7-us-east.lb.appdomain.cloud,10.40.1.9 15021:32453/TCP,80:30380/TCP,443:30519/TCP,15443:32361/TCP 37h
I deployed gateway as below :
kind: Gateway
metadata:
labels:
release: istio
name: custom-ingressgateway
namespace: testbed
resourceVersion: "36057065"
uid: f85e8a19-d433-4a42-ba37-9b5401b395e3
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- "ingress.qa.ipccpaas.com"
- "10.40.1.9"
- "*"
port:
name: http
number: 80
protocol: HTTP
Deployed the virtual service as below :
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- "10.40.1.9"
gateways:
- custom-ingressgateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
The hosts in gateway and virtual service are matched , below is the route created for external ip :
oc -n testbed get routes
testbed-custom-ingressgateway-a9879f6b7f9bb51e 10.40.1.9 istio-ingressgateway http2 None
When I try to hit http://10.40.1.9/productpage from browser , its timing out. However if I ssh to any workernode and curl the http://10.40.1.9/productpage , it is working.
If I mention "hosts" as "*" in both gateway and virtual service and try to access with cloud provided LB endpoint , Im able too access applicatin from browser.
We are using VPN foor cloud, Do you thinks its VPC firewall issue or any wrong configuration on above istio ?
kubernetes
openshift
istio
svc
istio-gateway
0 Answers
Your Answer