Hello, here is what I have:
- Incoming https traffic at port 443 to my host (myhost.com),
- Incoming tcp traffic also at port 443 (some other protocol, not http/https).
I want all http/https traffic routd to service A and all other tcp to service B. Is that possible?
I tried the following config:
For Gateway:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: my-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http-ui
protocol: HTTP
hosts:
- "dns1.mydomain.com"
tls:
httpsRedirect: true
- port:
number: 443
name: https-ui
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: mytlscredential
hosts:
- "dns1.mydomain.com"
- port:
number: 443
name: tcp-other
protocol: tcp
hosts:
- "*"
Virtual service 1 for (http/https):
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: myvs1
spec:
hosts:
- "dns1.mydomain.com"
gateways:
- my-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
host: serviceA.default.svc.cluster.local
port:
number: 443
VirtualService 2 (for tcp):
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: vs2-server
spec:
hosts:
- "*"
gateways:
- my-gateway
tcp:
- match:
- port: 443
route:
- destination:
host: serviceB.default.svc.cluster.local
port:
number: 443
This is not working… any ideas? Is there a way to give priority to rules? I want to avoid another load balance and the port needs to be 443, I cant change that. Appreciate your attention