Configure GCLB & Istio 1.6

I installed Istio 1.6 on a private GKE cluster last week and it is working fine.

But i want to be able to use the HTTP(S) L7 load balancer from GCP, with container native load balancing, so I’m able to use Cloud Armour to protect my http/https endpoint ( the request doesn’t hit the kubernetes cluster and are blocked before).

I’m able to make it work for HTTPS only, with the following configuration :

Internet -> https -> GCLB ( https only ) -> istio-ingressgateway ( http )

But i want expose http and https protocol on Internet with a redirect from http to https. I though using httpsRedirect on the gateway, so it is managed by istio ( as the GCLB doesn’t have this feature ). But I am not able to make it work ( too many redirect error ).

Is there a way to do it ? and how ?

@Raphael have you found any way to achieve this.