apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: mygateway spec: selector: istio: ingressgateway # use istio default controller servers: - port: number: 443 name: https protocol: HTTPS hosts: - host-a.example.com tls: mode: SIMPLE credentialName: istio-ingressgateway-certs-tls
kind: VirtualService metadata: name: myapp spec: hosts: - host-a.example.com gateways: - my-istio-system/my-gateway http: - name: myapp match: - uri: prefix: /fancy route: - destination: host: myapp # must match service port: number: 80
Service Endpoints and Deployment of application is implemented accodingly and imho not relevant for this question, since the issue occurs at istio ingress gateway.
I have a second host/domain host-b.example.com with another pod which is rigjht now not part of the mesh. (see gateway definition)
Idea of the test is to make sure that requests to domain (example.com) for either applications. e.g.host-a within and host-b outside of the mesh are properly routed.
My setup is running on openshift and I tested directly against the router pods and external lb.
What I observe:
HTTP Response: 404 (from curl) when I access host-b
istio system Ingress gateway logs: 404 NR route_not_found, for some reason istio tries to route requests for host-b to host-a
What I expect: