I think your question is sufficiently unique that it warrants a new thread on its own. I can see why you might not want to pay extra for a Load Balancer. If it can be done via NodePort safely, I don’t want to pay extra either. The LoadBalancer from the example above was created automatically at the first step, so I went with it. This issue, with Cert-Manager took me about 3 days of trial, error and investigation to resolve. In the process, I did come across some references that might help you.
From here: https://istio.io/docs/setup/getting-started/
“If your cluster is running in an environment that does not support an external load balancer (e.g., minikube), the
istio-ingressgateway will say
<pending> . To access the gateway, use the service’s
NodePort , or use port-forwarding instead.”
In the above reference to “the service” I assume the author must mean the “istio-ingressgateway”. I also assume that by “use” they mean “expose”, which you can find instructions for here:
Which lists the command:
kubectl expose deployment hello-world --type=LoadBalancer --name=my-service
Where of course you would use NodePort instead of LoadBalancer and istio-ingressgateway as required for the other two parameters, not hello-world and/or my-service, although I’m not exactly sure which here.
Good luck in your journey.