How to access Istio Ingress Gateway when it has multiple replicas

Networking
1

Hi
Problem statement:
Below is a simple instance of an Istio Ingress Gateway (running on a single - node microkubernetes instance on my laptop). To access a endpoint (foo) , I have a couple of options that seem to work on my machine):

  1. http://10.152.183.157/foo

  2. http://:31380/foo (this is more “correct”, especially when accessing via an external load balancer)

    $ kubectl get svc -n istio-system
    .
    .
    .
    istio-ingressgateway LoadBalancer 10.152.183.157 80:31380/TCP,443:31390/TCP,31400:31400/TCP,15011:30239/TCP,8060:30518/TCP,853:32230/TCP,15030:31750/TCP,15031:30663/TCP 12d

Question:
In a multi-node system with multiple replicas of the Istio ingress Gateways would be spread across multiple machine nodes ,

  1. Does Istio have any mechanism to abstract all the Ingress gateways to a single endpoint ? i.e.
  2. What is the recommend access strategy for an external load balancer or even a user attempting to hit an endpoint?

Thanks

2

Multiple instances of Istio Ingress Gateway but a common service. The humble Kubernetes service is still the load balancer of choice in this situation.

2 Likes
3

Thanks, that makes sense - and works . Basically, I just increased the number of replicas in the deployment config and multiple istio ingress gateways were created across multiple pods. So that eliminates the ingress gateway as a point of failure. I have a follow up question but I’ll create a separate post for it.

Capture
Capture.PNG1263×484 197 KB