Cannot reach external service with TLS (with or without an egress gateway)

One more step: the example here now works.
I had an old destination rule that was overlapping with others I was installing…

Unfortunately, things stop working when I try to do the TLS origination in the gateway, following the guide here.

When I curl from the sleep pod (my client) to my external service I always get a 503 UC as a reply.

Also, I’m trying to understand what each component is supposed to do in the tutorial. Can anybody please explain what this destination rule is supposed to do? I see it as something matching a subset and a host, but not really doing anything…

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: egressgateway-for-cnn
spec:
  host: istio-egressgateway.istio-system.svc.cluster.local
  subsets:
  - name: cnn

Thanks again