Istio Ingress for HA

How do I deploy Istio Ingress Gateway for HA? How many instances of Istio Ingress Gateway are required? Do they share the TLS termination keys or I add to each Istio Ingress gateway separately?

Hi Steven, IIRC by default the istio-ingressgateway is setup as a Deployment and configured to use the horizontal pod autoscaler as needed. You could certainly edit the Deployment to start more Pods by default. Regardless of the number of istio-ingressgateway Pods you have in your deployment, as long as you have a properly configured Gateway object, they will all share the TLS certificate information (or SDS settings, if that’s the route you’re using).