Back
Interactive Explainer

Istio Ingress & Egress Gateways

Configure Istio Gateways for north-south traffic: TLS termination, SNI routing, and external service egress control.

🎯Key Takeaways
Gateway = edge proxy config (port, protocol, TLS)
VirtualService binds to Gateway for routing rules
Egress Gateway: controlled outbound for compliance/auditing

Istio Ingress & Egress Gateways

Configure Istio Gateways for north-south traffic: TLS termination, SNI routing, and external service egress control.

~1 min read
Be the first to complete!
What you'll learn
  • Gateway = edge proxy config (port, protocol, TLS)
  • VirtualService binds to Gateway for routing rules
  • Egress Gateway: controlled outbound for compliance/auditing

Gateway Configuration

Istio Gateway configures the edge proxy. Ingress Gateway: terminates TLS (HTTPS), routes by SNI/host. Combine with VirtualService for routing rules. Egress Gateway: forward outbound traffic through a single controlled exit point. Unlike Kubernetes Ingress, routing rules are separate in VirtualServices (more flexible).

Key takeaways

  • Gateway = edge proxy config (port, protocol, TLS)
  • VirtualService binds to Gateway for routing rules
  • Egress Gateway: controlled outbound for compliance/auditing

Related concepts

Explore topics that connect to this one.

Suggested next

Often learned after this topic.

traffic splitting canary

Ready to see how this works in the cloud?

Switch to Career Paths for structured paths (e.g. Developer, DevOps) and provider-specific lessons.

View role-based paths

Sign in to track your progress and mark lessons complete.

Continue learning

traffic splitting canary

Discussion

Questions? Discuss in the community or start a thread below.

Join Discord

In-app Q&A

Sign in to start or join a thread.