kubernetes-dashboard exposing through istio [1.0.0] ingress --istio-ingressgateway

1
votes

I have configured istio ingress with lets encrypt certificate. I am able to access different service on https which are running on different port by using gateways and virtualservice.

But kubernetes-dashboard run on 443 port in kube-system namespace and with its own certificate, How i can expose it through istio gateways and virtualservice.

I have defined sub domain for dashboard and created gateways,virtualservice and it was directing 443 trafic to kuberentes dashboard service , but its not working.

for https virtual service config i have taken reference from for istio doc

1
kubernetesistiokubernetes-dashboard

1 Answers

5
votes

It sounds like you want to configure an ingress gateway to perform SNI passthrough instead of TLS termination. You can do this by setting the tls mode in your Gateway configuration to PASSTHROUGH something like this:

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: dashboard
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 443
      name: https-dashboard
      protocol: HTTPS
    tls:
      mode: PASSTHROUGH
    hosts:
    - dashboard.example.com

A complete passthrough example can be found here.