What is the appropriate way to limit requests based on the request http port?
I have an ingress gateway configured with virtual host matching on port 8080:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: itaapp-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 8080
name: http
protocol: HTTP
hosts:
- "itaapp.example.com"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: itaapp
spec:
hosts:
- "itaapp.example.com"
gateways:
- itaapp-gateway
http:
- match:
- port: 8080
- uri:
prefix: /itaapp
route:
- destination:
host: itaapp
port:
number: 8080
results in requests being possible from (note 7070 not 8080):
curl -HHost:itaapp.example.com:7070 http://172.16.112.183:32095/itaapp/home.html
I am running:
minikube version: v1.13.0
istioctl version
client version: 1.7.2
control plane version: 1.7.2
data plane version: 1.7.2 (2 proxies)
kubectl version
Client Version: version.Info{Major:“1”, Minor:“19”, GitVersion:“v1.19.2”, GitCommit:“f5743093fd1c663cb0cbc89748f730662345d44d”, GitTreeState:“clean”, BuildDate:“2020-09-16T13:41:02Z”, GoVersion:“go1.15”, Compiler:“gc”, Platform:“darwin/amd64”}
Server Version: version.Info{Major:“1”, Minor:“19”, GitVersion:“v1.19.0”, GitCommit:“e19964183377d0ec2052d1f1fa930c4d7575bd50”, GitTreeState:“clean”, BuildDate:“2020-08-26T14:23:04Z”, GoVersion:“go1.15”, Compiler:“gc”, Platform:“linux/amd64”}
Many thanks