This guide here https://istio.io/docs/examples/mesh-expansion/multi-network/ shows that I need to run
helm template install/kubernetes/helm/istio --name istio --namespace istio-system \
-f https://github.com/irisdingbj/meshExpansion/blob/b3f6145590e97dd0f2a3c8b0adda654b63933b02/values-istio-meshexpansion-gateways.yaml \ > $HOME/istio-mesh-expansion-gatways.yaml
(Which doesn’t work by itself/I ned to provide the raw endpoint for it)
Which references:
However, when I do this, I have no guide on how to setup a root ca/steps needed to pass this to istio so citadel doesn’t go in a crash loop because it can’t find the certs required to start.
Effors to proceed without this leave me with succes with sudo node_agent but failure in the istio proxy on the vm.
2019-11-09 22:15:42.854][1765][warning][config] [bazel-out/k8-opt/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:87] gRPC config stream closed: 14, no healthy upstream
[2019-11-09 22:15:42.854][1765][warning][config] [bazel-out/k8-opt/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:50] Unable to establish new stream