Created a tcp/2347 port based gateway and this port is not reachable.
According to link (https://istio.io/latest/docs/reference/config/analysis/ist0104/), do I need to add port 2347 during istio installation only?
This tcp/2347 can not be added at run time (post istio installation) using istio resource Gateway/ VirtualService?
create a tcp-echo2 server, gateway, virtual service (tcp-echo-server.yaml is attached)
$ kubectl -n tcp create -f tcp-echo-server.yaml
ingress gateway pod is listing on port tcp/2347
$ netstat -nlt |grep 2347
tcp 0 0 0.0.0.0:2347 0.0.0.0:* LISTEN
istio analyse is giving below warning
$ istioctl analyze -n tcp
Warning [IST0104] (Gateway tcp-echo2-gateway.tcp) The gateway refers to a port that is not exposed on the workload (pod selector istio=ingressgateway; port 2347)
$
port is not reachable via ingressgateway service
$ nc istio-ingressgateway.istio-system.svc.cluster.local 2347
Ncat: Connection timed out.
$
istioctl pc listener -n istio-system (kubectl get pods -n istio-system -l app=istio-ingressgateway -o jsonpath=’{.items…metadata.name}’)
ADDRESS PORT MATCH DESTINATION
0.0.0.0 2345 ALL Cluster: outbound|2345||tcpserver.sdlnw.svc.cluster.local
0.0.0.0 2347 ALL Cluster: outbound|2347||tcpserver2.sdlnw.svc.cluster.local
0.0.0.0 15021 ALL Inline Route: /healthz/ready*
0.0.0.0 15090 ALL Inline Route: /stats/prometheus*