You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The example in the book seems overly complicated and hacky compared to what's in the istio docs
The way specified by the docs is straightforward, if involved/possibly redundant:
set up a ServiceEntry for the external hostname
set up a(n Egress) Gateway exposing that same hostname
make a simple destination rule pointing to that gateway
have a VirtualService route traffic from sidecars (the mesh Gateway) to the Egress Gateway, and from the Egress Gateway to the external hostname.
The way that you guys have outlined in the book is honestly pretty byzantine in comparison:
make a ServiceEntry mapping the external hostname to istio-egressgateway as an endpoint
make a Gateway exposing the external hostname, which - as you note in the book! - sends requests in a loop
to fix this, have a VirtualService route traffic directed at the external hostname to an intermediate ("fake") hostname...
... which is provided for by yet another ServiceEntry that maps that internal hostname back to the external one that we were trying to reach in the first place.
I'm not sure if you guys were trying to prove a point w.r.t. the power of VirtualServices and Gateways, but if that were the case you should have prefaced it with way more language (hopefully diacritic-heavy for emphasis) indicating that this is not necessarily the recommended way of doing egress.
If I'm missing something incredibly basic, please tell me - otherwise, I feel like this is dangerously misleading and discouraging for readers!
The text was updated successfully, but these errors were encountered:
The example in the book seems overly complicated and hacky compared to what's in the istio docs
The way specified by the docs is straightforward, if involved/possibly redundant:
The way that you guys have outlined in the book is honestly pretty byzantine in comparison:
I'm not sure if you guys were trying to prove a point w.r.t. the power of VirtualServices and Gateways, but if that were the case you should have prefaced it with way more language (hopefully diacritic-heavy for emphasis) indicating that this is not necessarily the recommended way of doing egress.
If I'm missing something incredibly basic, please tell me - otherwise, I feel like this is dangerously misleading and discouraging for readers!
The text was updated successfully, but these errors were encountered: