Reputation: 694
How to configure an ingress gateway TLS which is managed by istio operator (using kind:IstioOperator) . I do not see the normal gateway specs included.
Example from documentation:
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
profile: default
hub: gcr.io/istio-testing
tag: latest
revision: 1-8-0
meshConfig:
accessLogFile: /dev/stdout
enableTracing: true
components:
egressGateways:
- name: istio-egressgateway
enabled: true
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#GatewaySpec
Upvotes: 0
Views: 399
Reputation: 1058
To get to tls settings for a gateway deployment, you need to create your own Gateway object (not ingress-gateway, just Gateway), you probably want this: https://istio.io/latest/docs/tasks/traffic-management/ingress/secure-ingress/#configure-a-tls-ingress-gateway-for-a-single-host
To manipulate the ingress-gateways from operator, you can use the k8s
field under ingress-gateways
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
profile: default
hub: gcr.io/istio-testing
tag: latest
revision: 1-8-0
meshConfig:
accessLogFile: /dev/stdout
enableTracing: true
components:
egressGateways:
- name: istio-egressgateway
enabled: true
ingressGateways:
- name: istio-ingressgateway
enabled: true
namespace: istio-system
k8s:
<field: value>
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#GatewaySpec
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec
Upvotes: 2