Hi,
I was able to get the helloworld application work with my GKE Istio Cluster. As referred to this github tutorial https://github.com/apigee/istio-mixer-adapter.
However, with my existing webapp on my cluster, I am not able to use the apigee connector.
I am getting the 403 error PERMISSION_DENIED:apigee-handler.handler.istio-system:permission denied.
I have both the helloworld and microservice running at the same time, but hello world is working, but not my app. I am not sure what is the difference between the services for it to not work.
My application runs on Nodejs. It runs fine with Istio until I apply the adapter.yaml, definitions.yaml, handler.yaml, and rule.yaml. All of those files can be seen in the github link above. Do I ever need to change any of those yaml files as mentioned before for it work. I
Here is my web-service.yaml file
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: ui-cart-vs spec: hosts: - "*" gateways: - webapp-gateway http: - match: - uri: prefix: /ui route: - destination: port: number: 3000 host: ui-cart-service
Here is my virtual-service.yaml file
################################################################################################## # UI Cart service ################################################################################################## apiVersion: v1 kind: Service metadata: name: ui-cart-service labels: app: ui-cart-service spec: ports: - name: http port: 3000 selector: app: ui-cart-service --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: ui-cart labels: version: v1 spec: replicas: 1 template: metadata: labels: app: ui-cart-service version: v1 spec: containers: - name: ui-cart-service image: ******* imagePullPolicy: IfNotPresent ports: - containerPort: 3000
Solved! Go to Solution.
I figured out my issue.
Within the API product, I should I have added "{ServiceName}.default.svc.cluster.local". So it was giving me unauthorized.
The file names between web-service.yaml and virtual-service.yaml are switched. Cannot edit original post for some reason.
I figured out my issue.
Within the API product, I should I have added "{ServiceName}.default.svc.cluster.local". So it was giving me unauthorized.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |