Managing Egress traffic using Istio
In the Routing traffic to services outside of the cluster section, we discovered how service entries can be used to update the Istio service registry about services external to the mesh and the cluster. Service entries are a way to add additional entries into Istio’s internal service registry for virtual services to be able to route to those entries. An Egress gateway, however, is used for controlling how the traffic for external service leaves the mesh.
To get familiar with Egress gateways, we will first deploy a Pod within the mesh from which we can call an external service:
$ kubectl apply -f utilities/curl.yaml
The command creates a Pod from which you can perform curl; this mimics a workload running inside the mesh:
$ kubectl exec -it curl sh -n chapter4
From the shell, access httpbin.org using curl:
$ curl -v https://httpbin.org/get
Now, we will stop all Egress traffic from the mesh using the following command:
...
