Enable Automatic Route Creation

- By: Thomas Jungbauer ( Lastmod: 2021-08-14 )

Red Hat Service Mesh 1.1 allows you to enable a "Automatic Route Creation" which will take care about the routes for a specific Gateway. Instead of defining * for hosts, a list of domains can be defined. The Istio OpenShift Routing (ior) synchronizes the routes and creates them inside the Istio namespace. If a Gateway is deleted, the routes will also be removed again.

This new features makes the manual creation of the route obsolete, as it was explained here: Openshift 4 and Service Mesh 4 - Ingress with custom domain

Enable Automatic Route Creation

Before this feature can be used, it must be enabled. To do so the ServiceMeshContolPlace, typically found in the namespace istio-system must be modified. Add the line ior_enabled: true to the istio-ingressgate configuration.

...
spec:
  istio:
    gateways:
      istio-egressgateway:
        autoscaleEnabled: false
      istio-ingressgateway:
        autoscaleEnabled: false
        ior_enabled: true
...

Verify current service

Let’s check our tutorial application, if it is still working.

oc project tutorial

export GATEWAY_URL=$(oc -n istio-system get route istio-ingressgateway -o jsonpath='{.spec.host}')
curl $GATEWAY_URL/customer

customer => preference => recommendation v1 from 'f11b097f1dd0': 30

Let’s review and remove the current used Gateway. As you can see the hosts is set to '*'

oc get istio-io

oc get gateway.networking.istio.io/customer-gateway -o yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"networking.istio.io/v1alpha3","kind":"Gateway","metadata":{"annotations":{},"name":"customer-gateway","namespace":"tutorial"},"spec":{"selector":{"istio":"ingressgateway"},"servers":[{"hosts":["*"],"port":{"name":"http","number":80,"protocol":"HTTP"}}]}}
  creationTimestamp: "2020-05-13T07:52:20Z"
  generation: 1
  name: customer-gateway
  namespace: tutorial
  resourceVersion: "41370056"
  selfLink: /apis/networking.istio.io/v1alpha3/namespaces/tutorial/gateways/customer-gateway
  uid: 96e82ed9-e870-493c-941f-bfa83c892b94
spec:
  selector:
    istio: ingressgateway
  servers:
  - hosts:
    - '*'
    port:
      name: http
      number: 80
      protocol: HTTP

Create a new Gateway

First let’s remove the current Gateway

oc delete gateway.networking.istio.io/customer-gateway

Now lets create a new Gateway, but this time we define some names for the hosts section:

cat <<'EOF' > Gateway-ior.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: customer-gateway
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - www.example.com
    - svc.example.com
EOF

oc apply -f Gateway-ior.yaml -n tutorial

When you now check the routes, 2 new routes have been added:

oc get routes -n istio-system
NAME                              HOST/PORT                                                           PATH   SERVICES               PORT    TERMINATION          WILDCARD
...
tutorial-customer-gateway-kmqrl   www.example.com                                                            istio-ingressgateway   http2                        None
tutorial-customer-gateway-ks7q7   svc.example.com                                                            istio-ingressgateway   http2                        None

To test the connectivity, you need to be sure that the hosts, used in the Gateway, are resolvable. If they are then you can access your service:

curl www.example.com/customer
customer => preference => recommendation v1 from 'f11b097f1dd0': 31

curl svc.example.com/customer
customer => preference => recommendation v1 from 'f11b097f1dd0': 32