Istio 101 : Configuring an Istio Ingress Gateway

To secure traffic to our kubernetes cluster we use TLS in conjunction with the HHTP traffic.

To enable HTTPS for ingress traffic, we need to specify the correct private keys and certificates that the istio gateway should use.

The certificate is public key of the server application. This public key has to be signed by a certificate authority (CA)

We store the istio gateway's certificates in a kubernetes secret.

We can create the secret resource as follows:

The secret resides in the "istio-system" namespace, where our istio ingress gateway is.

Below is a simple diagram of our ingress gateway:

Below is the Yaml file of our ingress gateway:

We can create our gateway using the below command:

We could check if our gateway was created using the below command:

Leave as a comment:

IT hands-on