Istio 1.9.1 running on AKS cluster. I have a deployment with a legacy TCP protocol. Exposed with a k8s load balancer it works fine. Then I tried to expose it using Istio and ran into issues, until I found https://stackoverflow.com/questions/64035040/unable-to-open-istio-ingress-gateway-for-grpc, and some other issues on this forum.
By manually editing the istio-ingressgateway it works. I am not “happy” about this solution as it requires manual work outside the automatic deployment, easy to forget.
The other suggested solution seems to be to include the ingressgateway configuration as a yaml to the deployment manually, or by dumping the current configuration and including it. This would be more atuomatic but I can imagine that a newer version of istio adds more features here which would then have to be added to the yaml. A fair chance it will break also.
Are these two the options that exists or are there others? Is there a best practice?