I’ve been trying to setup my k8s service to work with this combo with no luck so far.
At a high level I’m defining a k8s service and k8s deployment components. Then, I’m defining an Istio’s Gateway and an Istio’s VirtualService with a route to my k8s service.
Ambassador annotations have been added to first the Gateway and then to the VirtualService with no luck.
The first question I want to post at this point is if this is the correct ‘topology’? As I understand it the flow should be something like this:
Ambassador ELB–> Istio Gateway–> Istio VirtualService --> k8s Service.
Any pointers will be greatly appreciated.
Thanks!
Not sure about the topology. Also not sure you need Ambassador at all if you use Istio too. You might want to try first without Ambassador and see if you can access the service. If you just want to see more of whats going on at the gateway here are some alias that might help
alias igpf=‘kubectl -n istio-system port-forward $(kubectl -n istio-system get pods -listio=ingressgateway -o=jsonpath="{.items[0].metadata.name}") 15000’
alias iroutes=‘curl --silent http://localhost:15000/config_dump | jq ‘’’.configs.routes.dynamic_route_configs.route_config.virtual_hosts|{name: .name, domains: .domains, route: .routes.match.prefix}’’’’
alias iroutes=‘curl --silent http://localhost:15000/config_dump | jq ‘’’.configs.routes.dynamic_route_configs.route_config.virtual_hosts|{name: .name, domains: .domains, route: .routes.match.prefix}’’’’
alias igl=‘kubectl -n istio-system logs $(kubectl -n istio-system get pods -listio=ingressgateway -o=jsonpath="{.items[0].metadata.name}") --tail=300’
alias ipl=‘kubectl -n istio-system logs $(kubectl -n istio-system get pods -listio=pilot -o=jsonpath="{.items[0].metadata.name}") discovery --tail=300’
You might try it first with the demo booklist app which ships with Istio and see if you can reach its services before rolling out your own.