如何配置由 istio 运营商管理的入口网关 TLS(使用 kind:IstioOperator)。我没有看到包含的正常网关规格。
文档中的示例:
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
profile: default
hub: gcr.io/istio-testing
tag: latest
revision: 1-8-0
meshConfig:
accessLogFile: /dev/stdout
enableTracing: true
components:
egressGateways:
- name: istio-egressgateway
enabled: true
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#GatewaySpec
要获得网关部署的 tls 设置,您需要创建自己的网关对象(不是 ingress-gateway,只是网关),您可能想要这样: https ://istio.io/latest/docs/tasks/traffic-management /ingress/secure-ingress/#configure-a-tls-ingress-gateway-for-a-single-host
要从操作员操作入口网关,您可以使用k8s入口网关下的字段
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
profile: default
hub: gcr.io/istio-testing
tag: latest
revision: 1-8-0
meshConfig:
accessLogFile: /dev/stdout
enableTracing: true
components:
egressGateways:
- name: istio-egressgateway
enabled: true
ingressGateways:
- name: istio-ingressgateway
enabled: true
namespace: istio-system
k8s:
<field: value>
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#GatewaySpec
https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec