I’m trying to launch a fresh cluster in a manner that will let me bring up it via CI, without a whole lot of patching. I’ve found that disabling the ingress gateway entirely and creating a custom one works but ends up with a lot of info level messages in the istiod logs. If I can customize the ingressgateway a little further, that would make this work. (The 1.5 release announcement mentioned something about CI but I believe it also said it wasn’t documented yet or wasn’t well documented…)
The end result of what I’m trying to do would look like this:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: ingressgateway
namespace: istio-system
labels:
release: istio
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*'
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: istio-ingressgateway-certs
mode: SIMPLE
privateKey: sds
serverCertificate: sds
- hosts:
- '*'
port:
name: grpc
number: 8081
protocol: GRPC
I’ve tried mucking around with the IstioControlPlane resource but no luck. I assume I’m just missing something.