Need help to configure Ingress and other resources needed to a workload microservice HTTPS

shashinandan · February 13, 2021, 12:04pm

Hi,
I am trying to configure Istio Ingress to serve traffic from a container running tomcat (HTTPS). Below is the configuration I am trying, but not able to figure it out.
I get “503 TLSrror: Secret is not supplied by SDS” error. Any pointers to go about writing rules for a pod running HTTPS is much appreciated.

---

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: myapp-gateway
namespace: myappns
spec:
selector:
istio: myapp-ingressgateway
servers:

port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: myapp-certs
hosts:
- “myapp.example.com”
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: myapp
namespace: myappns
spec:
hosts:
“myapp.example.com”
gateways:
myapp-gateway
http:
match:
- uri:
  prefix: /
  route:
- destination:
  port:
  number: 8080
  host: myapp
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: myapp-destination-rule
namespace: myappns
spec:
host: myapp
trafficPolicy:
tls:
mode: SIMPLE
credentialName: myapp-certs

Thanks
Shashi

shashinandan · February 16, 2021, 7:36pm

I was able to use both Passthrough and TLS termination on gateway to access my https workload.

Above issue has details that I followed. If any needs help on this, please reply here. I can share my initial configs.

Topic		Replies	Views
Access a HTTPS service through istio ingress gateway	4	855	April 28, 2020
Ingress Gateway - Decrypt then send to a POD listening on https Security	3	1421	August 31, 2021
Istio ingress gateway with tls mode PASSTHROUGH Networking	1	2019	March 30, 2021
Trying to integrating Istio with Azure Keyvault	1	539	November 15, 2023
How To: Ingress Gateway + TLS Termination and Routing -> HTTPS Service Networking	1	1977	August 10, 2023

Need help to configure Ingress and other resources needed to a workload microservice HTTPS

Related topics