How to create private(internal) ingressgateway with AKS


Our company only uses private internal traffic and by default Istio creates external ingress gateway. How to configure this to use an internal(private) ip address for the ingress gateway with AKS


You need to add the AKS annotation for a internal load balancer to the istio-ingressgateway Service:

helm template install/kubernetes/helm/istio --name istio --namespace istio-system --set gateways.istio-ingressgateway.serviceAnnotations.'service\.beta\.kubernetes\.io/azure-load-balancer-internal'="true" > aks-istio.yaml


Thank you, I will give it a try