Hello all! I have a problem that i’m facing for about one week and i just can’t figure it out.
Here is the thing:
0. I have an AKS (Azure) cluster with 3 nodes and Istio installed simply with istioctl install --set meshConfig.accessLogFile=/dev/stdout. Everything works good
kubernetes version 1.18.10 and istio version 1.8.0
- If i deploy bookinfo just like here everything works, i find the external IP for
istio-ingressgateway(type LoadBalancer) and i cancurl <EXTERNAL_IP>/api/v1/productsor access it in my browser and everything works. - I’ve made a DNS entry in Azure for
book.example.com - <EXTERNAL_IP>and i can verify that it’s correct with dig/ping/host/etc. Also i’ve modified the gateway and the virtualservice for bookinfo like this:
diff --unified k8s-manual/istio/istio-demo-gateway.yaml k8s-manual/istio/test-gateway.yaml
--- k8s-manual/istio/istio-demo-gateway.yaml 2020-12-10 15:18:35.000000000 +0200
+++ k8s-manual/istio/test-gateway.yaml 2021-01-12 22:10:47.000000000 +0200
@@ -11,7 +11,7 @@
name: http
protocol: HTTP
hosts:
- - "*"
+ - book.example.com
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
@@ -19,7 +19,7 @@
name: bookinfo
spec:
hosts:
- - "*"
+ - book.example.com
gateways:
- bookinfo-gateway
http:
In short, everything that i’ve changed is the host info.
Now if i test with curl, everything works:
curl book.example.com/api/v1/products
[{"id": 0, "title": "The Comedy of Errors", "descriptionHtml": "<a href=\"https://en.wikipedia.org/wiki/The_Comedy_of_Errors\">Wikipedia Summary</a>: The Comedy of Errors is one of <b>William Shakespeare's</b> early plays. It is his shortest and one of his most farcical comedies, with a major part of the humour coming from slapstick and mistaken identity, in addition to puns and word play."}]
I can even see the the access logs from istio-proxy:
kubectl logs -f productpage-v1-6987489c74-6td6v -c istio-proxy
[2021-01-12T20:35:11.100Z] "GET /api/v1/products HTTP/1.1" 200 - "-" 0 395 2 1 "10.10.0.4" "curl/7.64.1" "baa2e80b-2227-4707-8a1e-98abffb06616" "book.example.com" "127.0.0.1:9080" inbound|9080|| 127.0.0.1:35354 10.10.0.127:9080 10.10.0.4:0 outbound_.9080_._.productpage.default.svc.cluster.local default
But if i enter this url in my browser i get book.example.com took too long to respond.
Istio-proxy logs are empty, the request does not even gets to it.
I’ve tried multiple browsers on my laptop, from my phone and even with online page checkers. It does not work and it’s killing me.
What can i do? What am i doing wrong?