Hi there,
I’m trying to deploy Istio v1.10.2 on AWS EKS 1.20 using Iistioctl operator under a default profile. The manifest was generated using “istioctl profile dump default” – Everything works as expected but for the internal ingress whereby it is failing to route internally on target port 8080, again it’s failing when I try to route both 80 and 443 traffic on target port 8080. But it works if I do on just port either 80 or 443. When I try to do both, it fails with the following errors logged in Istio operator POD logs:
✘ Ingress gateways encountered an error: failed to update resource with server-side apply for obj Deployment/istio-system/istio-internal-ingressgateway: failed to create typed patch object: .spec.template.spec.containers[name="istio-proxy"].ports: duplicate entries for key [containerPort=8080,protocol="TCP"]
Here is an excerpt from the manifest YAML file:
service:
loadBalancerSourceRanges:
- 10.0.0.0/8 # all of internal AWS Internal range
type: LoadBalancer
selector:
app: istio-internal-ingressgateway
istio: internal-ingressgateway
env: dev
ports:
- name: https
port: 443
targetPort: 8080
- name: http
port: 80
targetPort: 8080
BTW, this configuration worked just fine on Istio v1.8. Appreciate if you anyone has any thoughts or insights on this issue…Thank you folks for your time & help in advance. Have a good one!
V