OpenShift routes for Istio Gateways are automatically managed within Maistra.
Every time an Istio Gateway is created, updated, or deleted inside the Mesh, an OpenShift route is created,
updated, or deleted accordingly. This aims to make things easier when using Maistra given that all information for hostnames
is already present in the Istio Gateways.
As an example, if the following Gateway is created:
Then the following OpenShift Routes are created automatically:
$ oc -n istio-system get routes
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD
gateway1-lvlfn bookinfo.example.com istio-ingressgateway <all> None
gateway1-scqhv www.bookinfo.com istio-ingressgateway <all> None
If the Gateway is deleted, Maistra deletes the routes. Maistra does not modify routes that have been created manually.
Catch-all domains ("*") are not supported. If one is found in the Gateway definition, Maistra will create the route, but will rely on OpenShift to create a default hostname. This means that the newly created route will not be a catch all ("*") route, instead it will have a hostname in the form
<route-name>[-<project>].<suffix>. Refer to the OpenShift documentation for more information about how default hostnames work and how a cluster administrator can customize it.
All annotations present in the Istio gateway definition, except those starting with
kubectl.kubernetes.io will be copied over to the newly created OpenShift route. This will only occur when the route is created.
Subdomains (e.g.: "*.domain.com") are supported. However this ability doesn’t come enabled by default in OpenShift. This means that Maistra will create the route with the subdomain, but it will only be in effect if OpenShift is configured to enable it. Cluster administrators can refer to the OpenShift documentation for instructions on how to enable this feature.
TLS is supported as well. This means that, if the Gateway contains a
tls section, the OpenShift Route will be configured to support TLS.