Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Istio Gateway and Gateway API points to same Istio-ingress not working #58050

New issue
New issue
Open
Open
Istio Gateway and Gateway API points to same Istio-ingress not working#58050
Labels
area/networking
@mjohn7421

Description

@mjohn7421
mjohn7421
opened on Oct 21, 2025

Is this the right place to submit this?

  • This is not a security vulnerability or a crashing bug
  • This is not a question about how to use Istio

Bug Description

Currently We have Istio Gateway and Istio Ingress, now I want to migrate to Gateway API, so for the safer migration am manually pointing istio ingress deployment and services to Gateway API. But looks like http route is not working, I keep getting 404 error. Anything else I have to check here? Is this a proven pathway?

My Gateway API looks like this

spec:
  addresses:
    - type: Hostname
      value: >-
        istio-ingress-gateway-dev.istio-ingress.svc.cluster.local
  gatewayClassName: istio
  listeners:
    - allowedRoutes:
        namespaces:
          from: All
      hostname: '*'
      name: https-443
      port: 443
      protocol: HTTPS
      tls:
        certificateRefs:
          - group: ''
            kind: Secret
            name: dev
        mode: Terminate

Was seeing below in the Istio warning, not sure that is a problem, both Gateways hostname is wildcard * means all the traffic

MV94PX16RJ  ~  kubectl logs -n istio-system deployment/istiod | grep "duplicate host\|skipping server" | tail -5
2025-10-21T19:35:10.741271Z     warn    model   skipping server on gateway istio-ingress/apps-ep-dev-istio-autogenerated-k8s-gateway-https-443, duplicate host names: [*]
2025-10-21T19:35:10.743438Z     warn    model   skipping server on gateway istio-ingress/apps-dev-istio-autogenerated-k8s-gateway-https-443, duplicate host names: [*]
2025-10-21T19:35:10.876470Z     warn    model   skipping server on gateway istio-ingress/apps-dev-istio-autogenerated-k8s-gateway-https-443, duplicate host names: [*]
2025-10-21T19:35:10.881815Z     warn    model   skipping server on gateway istio-ingress/apps-dev-istio-autogenerated-k8s-gateway-https-443, duplicate host names: [*]
2025-10-21T19:35:10.901758Z     warn    model   skipping server on gateway istio-ingress/apps-dev-istio-autogenerated-k8s-gateway-https-443, duplicate host names: [*]

Below error saw in Istio-ingress pods

100.64.99.97:443 10.36.218.247:0 - -
[2025-10-21T19:17:57.814Z] "GET /healthz HTTP/1.1" 404 NR route_not_found - "-" 0 0 0 - "xxxxx" "ELB-HealthChecker/2.0" "d7d520f6-3b41-4369-850b-e3153cf878f3" "xxxxx" "-" - - 100.64.99.97:443 10.36.218.247:0 - -

Version

istioctl version
client version: 1.26.3
control plane version: 1.26.3
data plane version: 1.26.3 
~  kubectl version
Client Version: v1.32.5
Kustomize Version: v5.5.0
Server Version: v1.32.5-eks-5d4a308

Additional Information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/networking

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions