Comparing different Ingress Controller to call control traffic to my AKS private cluster.
Using the Istio Ingress Controller, I am quite a difficulty to have logs on rewrite events to external service.
I do see in the documentation that I need to a sidecar on the nod in order to retrieve the Envoy Access Log, but what about External Service…
I am using the istioctl operator in order to deploy the Ingress Controller, I also did add the
spec:
meshConfig:
accesslLogFile: /dev/stdout
Even by addig the meshConfig in the operator values, I can’t see the logs of the Rewrite on an external service.
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: external-svc
namespace: istio-system
spec:
hosts:
- my.domain.com
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: HTTPS
resolution: DNS
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: vs-concourse
namespace: istio-system
spec:
hosts:
- my.ic.fqdn.com
gateways:
- ingressgateway
http:
- match:
- uri:
exact: /webhooks
rewrite:
uri: /api/v1/info
route:
- destination:
host: my.domain.com
I am comparing the Istio vs openSource NGINX … I would like to use Istio since the Open Source version does support JWT Authentication.
Thanks,
Ref: