How do I create a URL frontend to my keycloak instance after connecting it up to istio

As far as I can see, you should fix your Virtual Service.

I prepared small example with helm and keycloak helm chart.

Save this as keycloak.yaml, you can configure your keycloak password here.

keycloak:  service:    type: ClusterIP  password: mykeycloakadminpasswd  persistence:    deployPostgres: true    dbVendor: postgres

Install keycloak with helm and values prepared above.

helm upgrade --install keycloak stable/keycloak -f keycloak.yml

Create gateway and virtual service

apiVersion: networking.istio.io/v1alpha3kind: Gatewaymetadata:  name: keycloak-gatewayspec:  selector:    istio: ingressgateway # use istio default controller  servers:  - port:      number: 80      name: http      protocol: HTTP    hosts:    - "*"---apiVersion: networking.istio.io/v1alpha3kind: VirtualServicemetadata:  name: keycloakspec:  hosts:  - "*"  gateways:  - keycloak-gateway  http:  - match:    - uri:        prefix: /auth    - uri:        prefix: /keycloak    rewrite:      uri: /auth    route:    - destination:        host: keycloak-http        port:          number: 80

virtual service route.host is name of kubernetes keycloak pod service.

kubectl get svc

NAME                  TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGEkeycloak-http         ClusterIP   10.0.14.36    <none>        80/TCP     22m

You should be able to connect to keycloak via your ingress_gateway_ip/keycloak or ingress_gateway_ip/auth and login with keycloak credentials, in my example it's login: keycloak and password: mykeycloakadminpasswd.

Note that you need to add prefix for /auth as it's default keycloak web to do everything. Keycloak prefix just rewrite to /auth here.