You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi all, I have a query, hope this is clear. Current Setup I have done:
I successfully installed a private cluster ROSA. And I wanted to use the custom domain and so set up custom domain with the certs in OpenShift Cluster and then setup CloudFront in AWS.
This is the flow I have setup:-> The CloudFront (forwards http to https) -> external NLB (TLS 443 enabled)
-> Service Mesh gateway (setup with customdomain host)
-> route (TLS edge enabled, with termination as redirect, & routeSelector Label in metadata.label)
-> virtual service (same cus.dom host, with destination host to my appln service)
-> destination rule -> appln service -> appln pod
Note: Though custom domain was setup, the requests were routing via both custom domain & default route thats created during ROSA installation, so I used a routeSelector for the custom domain and used updated default to use only if the environment doesnt match it shall serve request. And so defined the same key value in the route created via gateway creation for Istio.
Issue I am facing:
when using the default route for connecting via Istio, am getting response from my application.
But when I try to use the custom domain as host in gateway & vs am getting error from CloudFront stating the URL has been moved. (301 error).
Kiali graph isn't showing up the connection for some reason. But seeing a green tick for the Gw/vs & DR created.
How to debug the network error and is the setup correct? I'm expecting the Istio to work with custom domain.
If anyone knows how ServiceMesh Istio can be setup in ROSA with customdomain, let me know. Would appreciate the help.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi all, I have a query, hope this is clear. Current Setup I have done:
I successfully installed a private cluster ROSA. And I wanted to use the custom domain and so set up custom domain with the certs in OpenShift Cluster and then setup CloudFront in AWS.
This is the flow I have setup:-> The CloudFront (forwards http to https) -> external NLB (TLS 443 enabled)
-> internal NLB (TCP 443& 80 enabled) -> OpenShift ingress pods
-> Service Mesh gateway (setup with customdomain host)
-> route (TLS edge enabled, with termination as redirect, & routeSelector Label in metadata.label)
-> virtual service (same cus.dom host, with destination host to my appln service)
-> destination rule -> appln service -> appln pod
Note: Though custom domain was setup, the requests were routing via both custom domain & default route thats created during ROSA installation, so I used a routeSelector for the custom domain and used updated default to use only if the environment doesnt match it shall serve request. And so defined the same key value in the route created via gateway creation for Istio.
Issue I am facing:
when using the default route for connecting via Istio, am getting response from my application.
But when I try to use the custom domain as host in gateway & vs am getting error from CloudFront stating the URL has been moved. (301 error).
Kiali graph isn't showing up the connection for some reason. But seeing a green tick for the Gw/vs & DR created.
How to debug the network error and is the setup correct? I'm expecting the Istio to work with custom domain.
If anyone knows how ServiceMesh Istio can be setup in ROSA with customdomain, let me know. Would appreciate the help.
Beta Was this translation helpful? Give feedback.
All reactions