Istio Ingress + K8s Ingress Load Balancer Patterns


Right now I’m running istio on EKS and would like to use k8s ingress/service load balancers (A/N/ELBs) for TLS termination via AWS Certificate Manager. I don’t want to use istio for TLS termination, since I don’t want manage my own certificates and AWS can manage the certificates for me. I would like to use istio ingress gateways to control ingress to the service mesh.

Given the above I’m wondering what the best practices are around using both kubernetes and istio ingress are? Is it best for each service to have their own ingress gateway or for there to be a single ingress gateway for the service mesh? If it is to have a single ingress gateway is there a way to have multiple service load balancers point to a single ingress gateway, I couldn’t find a way since the ingress gatway itself is a service and there can only be one service load balancer pointing to it, in which case I need to have all my services exposed through that one service load balancer?

Thanks for any advice

Any help here would be appreciated.