AKS - Routing all traffic from pods (based on label) through specific egress gateway controller

I’m relatively new to Istio, and I’m currently dealing with a scenario that I find quite challenging. I have a single AKS cluster running the latest version of Istio, with multiple applications running on it. Some of these applications require a static outbound IP, which I’ve been achieving using Azure LoadBalancer, defining an outbound rule with the required IP and setting up a specific backend pool for it.

However, the challenge arises when I need to allocate all these apps to nodes from this backend pool, especially when dealing with multiple scenarios and different IPs.

Given various other requirements, we decided to implement Istio and test multiple scenarios, one of which includes the ability to route the outbound flow through multiple egress controllers.

I’ve spent quite some time researching online to find examples of how to achieve this, but most of the available documentation and examples are based on known external domains that can be identified using ServiceEntry.

When I attempt to make it work with a Gateway tied to the egress controller and a VirtualService, I run into issues as it seems that the VirtualService doesn’t support host=[“*”] when the mesh is defined as a gateway.

I would greatly appreciate any assistance, insights, or ideas on how to address this complex case.

Thanks in advance.

I have already tried setting:

  • ServiceEntry - without a defined host (not allowed)
  • DestinationRule - defining subsets and targeting the egress controller
  • Gateway - defining host as *
  • VirtualService - when adding the mesh as gateway, it is required to specify the host

Or:

  • Gateway - defining host as *
  • VirtualService - when adding the mesh as gateway, it is required to specify the host

In this case, nothing gets routed to the gateway.