This message was deleted.
# service-mesh
a
This message was deleted.
r
I wouldn't expect service meshes to be like ingress controllers. An ingress controller is handed a list of routing rules (Ingress objects) based upon hostname, path, & occasionally port and sends all traffic from outside to the internal services (or pods) accordingly. A service mesh is usually going to be a sidecar to every pod in the scope (namespace I think usually) you apply it to and all traffic will go through the sidecar. This can allow inspection, encryption, authentication and/or authorization, logging, address translation, and probably other things that don't jump to mind. What specifically you have it do is up to you, though.
As a note, [Shift] + [Enter] will give you multiple lines in one message so replies would be to the whole conversation instead of just the one line.
Side note, I played with istio for half a day without success but didn't need it yet and left that job before I got back to it. So I know background but can't help you get it working unless your issue is conceptual.
a
Thanks bill. My issue was more that the istio ingress gateway was type node port. This is an on prem installation so I installed the first “bare metal” load balancer I could find (MetalLB). From there I changed the istio ingress controller to load balancer, it received an external ip (ip in the range of the nodes) and then was finally able to use it all. We do have actual physical load balancer a so I’m leaning to just using having the nodes be in the load balancer pool and point to the node port (high port). Just wanted to prove out the config of the gateway and virtual service in istio along with the istio ingress gateway (which is just a service).