i have been on this implementation for a few days now and for the life of me i cannot solve the issue and i am running out of ideas and knowledge, without talking about the level of frustration.
i am using azure api management for my apis. and i have 2 operations as follow:
- and api that is set on this path:
https://my-api.azure-api.net/apand have 1 Operation (GET: /) in the frontend and the backend is forwarded to kubernetes internal pod on this url (my-kubernetes.example.com) - and api that is set on this path:
https://my-api.azure-api.net/apaksand have 1 Operation (GET: /template/{Id}/languages) in the frontend and the backend is forwarded to kubernetes internal pod on this url (my-kubernetes.example.com)
the above is the apim configuration. While in istio i have the following yaml files:
ap/aks ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apaks-ingress
spec:
ingressClassName: istio
rules:
- host: my-kubernetes.example.com
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: apaks
port:
number: 80
tls:
- hosts:
- my-kubernetes.example.com
secretName: api-istio-cert
apaks virtual service:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: apaks
namespace: default
spec:
hosts:
- "*"
gateways:
- istio-system/api
http:
- match:
- uri:
prefix: /apaks
rewrite:
uri: /template/{Id}/languages
route:
- destination:
host: apaks.default.svc.cluster.local
port:
number: 80
headers:
request:
add:
x-ms-client-principal-id: "2d85462-b043-5264-adac-3b1061b19eb7"
and apaks destination rule:
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: apaks-destination
namespace: default
spec:
host: apaks.default.svc.cluster.local
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
while for the second api i have a similar implamations
ap ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ap-ingress
spec:
ingressClassName: istio
rules:
- host: my-kubernetes.example.com
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: ap
port:
number: 80
tls:
- hosts:
- my-kubernetes.example.com
secretName: api-istio-cert
ap virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ap
namespace: default
spec:
hosts:
- "*"
gateways:
- istio-system/api
http:
- match:
- uri:
prefix: /ap
rewrite:
uri: /
route:
- destination:
host: ap.default.svc.cluster.local
port:
number: 80
headers:
request:
add:
x-ms-client-principal-id: "2d85462-b043-5264-adac-3b1061b19eb7"
and ap destination rule:
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: ap-destination
namespace: default
spec:
host: ap.default.svc.cluster.local
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
both application (svc) respond on the root path /.
if i apply the apaks alone, i am able to hit on the url
https://my-api.azure-api.net/apaks/template/{Id}/languages
and get back a 200 OK, all good so far.
but if i try to apply the ap yaml, the apks stops working with a 404 and also the /ap respond with a 404.
So my frustration lead me here with the following question:
In a scenario where i have multiple services that respond only on / how can i configure istio to route the traffic correctly to the right destination?
Thank you so much for anyone who can help me out with this and lift this weight, i am totally lost and confused..did i said already frustrated?
If you need anymore details please do not hesitate to ask