The meaning and significance of Server's port field in the Gateway Custom Resource

The documentation page for a server property of istio’s Gateway

Istio / Gateway

says:

port - The Port on which the proxy should listen for incoming connections.

The questions…

  • Which proxy? Is this the istio-proxy side container on the target service/pod?
  • Is the proxy referring to istio’s ingress gateway controller? (istio-ingressgateway)
  • Is port a logical port, and the creator of the CR can choose one as they like? Or is it tied to the ingress gateway port config?

For instance:

The gateway in the product info example of istio, out of the box, has the port set to 80, like so (modified the hosts property from '*' to foo.bar.com):

  servers:
  - hosts:
    - foo.bar.com
    port:
      name: http
      number: 80
      protocol: HTTP

And this curl command works just fine:

[mzur@mzur-dt2 ~/tmp] (colossus_dev *)$ curl -H "Host: foo.bar.com" -v -s http://mzur-dt2.archivas.com:31628/productpage 1>/dev/null
*   Trying 172.18.22.117...
* TCP_NODELAY set
* Connected to mzur-dt2.archivas.com (172.18.22.117) port 31628 (#0)
> GET /productpage HTTP/1.1
> Host: foo.bar.com
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 200 OK
< content-type: text/html; charset=utf-8
< content-length: 5179
< server: istio-envoy
< date: Thu, 21 May 2020 11:02:11 GMT
< x-envoy-upstream-service-time: 71
<
{ [5179 bytes data]

But changing the port on the gateway CR to 8080 (from 80) like so:

  servers:
  - hosts:
    - foo.bar.com
    port:
      name: http
      number: 8080
      protocol: HTTP

the following curl command does not seem to work any more (expecting 200 but getting a 404):

curl -H "Host: foo.bar.com:8080" -v -s http://mzur-dt2.archivas.com:31628/productpage
*   Trying 172.18.22.117...
* TCP_NODELAY set
* Connected to mzur-dt2.archivas.com (172.18.22.117) port 31628 (#0)
> GET /productpage HTTP/1.1
> Host: foo.bar.com:8080
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 404 Not Found
< date: Thu, 21 May 2020 10:59:26 GMT
< server: istio-envoy
< content-length: 0
<
* Connection #0 to host mzur-dt2.archivas.com left intact

FYI - after editing the nodePort of the istio ingress gateway to match the port in the Gateway CR (8080), this curl works again as expected (returns 200):

curl -H "Host: foo.bar.com" -v -s http://mzur-dt2.archivas.com:31628/productpage 1>/dev/null

Note: this means modifying istio’s deployment resources (Service) in order to get it to work. No istio documentation mentions that this type of configuration is needed. Still hoping to hear from an istio expert on this :sweat: