We have several Kubernetes clusters on AWS and we are in the process of moving to the Istio ingress gateway from the nginx ingress controller.
But in the initial stage we have to use both of these gateways. Currently we are hosting the nginx ingress gateway on ports 80 and 443 on worker nodes, with a network load balancer routing traffic.
But when we use the Istio gateway, it starts a node port in the 30000-32767 port range, and with an AWS NLB we have to whitelist all hosts for these Istio ports. So our security rule count will be doubled.
But since we have already reached the maximum AWS security rule count for minions, we can't add any more.
Do you guys have any suggestions for using both the Istio ingress gateway and the nginx ingress gateway with network load balancers without configuring security rules with duplicated hosts?
Due to this, we are currently using a classic load balancer to route Istio traffic inside the cluster.