Hi everyone.
I am currently trying to implement an Egress Gateway to access the database.
I have applied the file shown below, but I don’t know how to keep track of whether it is working or not.
Also, as I tell the code to use the EgressGateway and not the url I have to access my database directly.
In the same way is this file well configured?
Thank you so much.
Egress Gateway yaml:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: servicios-entrada
spec:
hosts:
- url database
ports:
- number: 443
name: https
protocol: HTTPS
- number: 80
name: http
protocol: HTTP
resolution: DNS
location: MESH_EXTERNAL
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: istio-egressgateway
spec:
selector:
istio: egressgateway
servers:
- port:
number: 443
name: tls-mssql
protocol: TLS
hosts:
- url database
tls:
mode: SIMPLE
serverCertificate: /etc/istio/egressgateway-certs/cert.crt
privateKey: /etc/istio/egressgateway-certs/cert.key
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: egressgateway-for-mssql
spec:
host: istio-egressgateway.istio-system.svc.cluster.local
subsets:
- name: mssql
trafficPolicy:
loadBalancer:
simple: ROUND_ROBIN
portLevelSettings:
- port:
number: 443
tls:
mode: ISTIO_MUTUAL
sni: url database
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: direct-mssql-through-egress-gateway
spec:
hosts:
- url database
gateways:
- mesh
- istio-egressgateway
tls:
- match:
- gateways:
- mesh
port: 443
sni_hosts:
- url database
route:
- destination:
host: istio-egressgateway.istio-system.svc.cluster.local
subset: mssql
port:
number: 443
tcp:
- match:
- gateways:
- istio-egressgateway
port: 443
route:
- destination:
host: url database
port:
number: 443
weight: 100