New installation with istio 1.5.1 just does not work

I’ve created a fresh new AKS cluster in Azure and installed Istio 1.5.1.

We need to have our services with Ingress ressources provided, so I have to use Istio with SDS and CertManager to get everthing up and running.

I used this installation on a clean AKS: https://istio.io/docs/tasks/traffic-management/ingress/ingress-certmgr/

And it is just not working. Everthing is running in the cluster, everthing is patched with correct IP and DNS addresses but the Traffic just don’t go to Istio.

Every curl directly on the main FQDN is not coming back. When I enable debug Logging I can’t see any traffic running to the Istio Ingress Gateway. When I do this in another Pod I can access at least port 80.

I really don’t get it. Does somebody has a second maybe via Zoom to verify this installation? … I did really nothing special.

Steps:

  • istioctl manifest apply --set values.gateways.istio-ingressgateway.sds.enabled=true --set values.global.k8sIngress.enabled=true --set values.global.k8sIngress.enableHttps=true --set values.global.k8sIngress.gatewayName=ingressgateway
  • kubectl -n istio-system patch gateway istio-autogenerated-k8s-ingress --type=json -p=’[{“op”: “replace”, “path”: “/spec/servers/1/tls”, “value”: {“credentialName”: “ingress-cert”, “mode”: “SIMPLE”, “privateKey”: “sds”, “serverCertificate”: “sds”}}]’

Thats it.