Is connection between ALB and Gateway encrypted if TLS termination is done on ALB?
I am deploying Istio into AWS EKS (Istio 1.0.5, Kubernetes 1.11) and trying to follow advises in https://github.com/istio/istio/issues/6566
Confused by advise “PS: If you are doing SSL Termination with Amazon ELB, the protocol for port 443 should be HTTP, not HTTPS.”
It works and responds fine if I am using HTTP protocol in Gateway, following the advise:
- port: number: 443 name: https protocol: HTTP hosts: - test-service-*****.com
But it looks like message between ALB and Gateway is a plain http in this case. It looks confusing.
Is it a correct approach?
Certificate has been attached under my AWS load balancer
Annotations is added into istio-ingressgateway
annotations: service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:iam::****/my- company-com-crt" service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"