I have the following endpoint docker.example.com which works fine - reachable (with ssl termination / sni).
Now I want that if an internal container calls docker.example.com that it won’t resolve the external ip address but rather directly the internal service ip from the istio-ingressgateway service (for valid tls termination). I tried it with a simple Virtual Service like
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: harbor-core-internal spec: hosts: - docker.example.com http: - route: - destination: host: istio-ingressgateway.istio-system.svc.cluster.local
but this does not work. It still resolves the external ip. Any ideas?
Thanks a lot
I did this with another service - not directly to
istio-ingressgateway and no tls/ssl this works.