GatewayPortNotDefinedOnService

This message occurs when a gateway (usually istio-ingressgateway) offers a port that the Kubernetes service workload selected by the gateway does not.

For example, your Istio configuration contains these values:

# Gateway with bogus ports apiVersion: networking.istio.io/v1 kind: Gateway metadata: name: istio-ingressgateway spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "*" - port: number: 8004 name: http2 protocol: HTTP hosts: - "*" --- # Default Gateway Service apiVersion: v1 kind: Service metadata: name: istio-ingressgateway spec: selector: istio: ingressgateway ports: - name: status-port port: 15021 protocol: TCP targetPort: 15021 - name: http2 port: 80 protocol: TCP targetPort: 8080 - name: https port: 443 protocol: TCP targetPort: 8443

In this example, the GatewayPortNotDefinedOnService message occurs because this configuration uses port 8004, but a default IngressGateway (named istio-ingressgateway) is only open on target ports 15021, 8080 and 8443.

To resolve this problem, change your gateway configuration to use a valid port on the workload and try again.

Here’s a corrected example:

# Gateway with correct ports apiVersion: networking.istio.io/v1 kind: Gateway metadata: name: istio-ingressgateway spec: selector: istio: ingressgateway servers: - port: number: 8080 name: http2 protocol: HTTP hosts: - "*" - port: number: 8443 name: https protocol: HTTP hosts: - "*"