How to create private(internal) ingressgateway with AKS


#1

Our company only uses private internal traffic and by default Istio creates external ingress gateway. How to configure this to use an internal(private) ip address for the ingress gateway with AKS


#2

You need to add the AKS annotation for a internal load balancer to the istio-ingressgateway Service:

helm template install/kubernetes/helm/istio --name istio --namespace istio-system --set gateways.istio-ingressgateway.serviceAnnotations.'service\.beta\.kubernetes\.io/azure-load-balancer-internal'="true" > aks-istio.yaml

#3

Thank you, I will give it a try