Hi, reviving this topic as it never received responses - and I’m seeing the exact same behavior with a similar setup.
I can also say that this setup does allow other services in my cluster to reach my (in this example) foo-service with grpc requests. But same as above, calls from outside the cluster all return GRPC Unimplemented.
When outside the cluster, I’m hitting a Cloud DNS record that is mapped to the IP of the istio-ingressgateway Load Balancer, on port 80. (was planning on figuring out security once getting the basics working)
Here’s what I’ve got:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: foo-service
name: foo-service
namespace: foo-service
spec:
replicas: 1
selector:
matchLabels:
app: foo-service
template:
metadata:
labels:
app: foo-service
spec:
containers:
- image: {{ .Image }}
name: foo-service
envFrom:
- secretRef:
name: foo-service-env
ports:
- containerPort: 80
apiVersion: v1
kind: Service
metadata:
name: foo-service
namespace: foo-service
spec:
ports:
- port: 80
protocol: TCP
name: grpc
selector:
app: foo-service
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: foo-service-gateway
namespace: foo-service
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: grpc
protocol: GRPC
hosts:
- "*"
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: foo-service-ingress
namespace: foo-service
spec:
hosts:
- "*"
gateways:
- foo-service-gateway
http:
- route:
- destination:
host: foo-service.foo-service.svc.cluster.local
port:
number: 80
Any info or debugging help would be much appreciated!