Questions tagged [istio-sidecar]

196 questions
0 votes, 0 answers

mTLS blocks traffic in Istio Service Mesh

I really hope you can help me with a matter I have been struggling with for quite some time. Istio Version client version: 1.14.1 control plane version: 1.14.1 data plane version: 1.14.1 (130 proxies) Kubectl Version Client Version: version.Info{Major:"1",…
0 votes, 0 answers

Is it possible to connect to MongoDB from Istio proxy without allowing invalid certificates and direct connection?

I have a question regarding configuring the Istio proxy to connect to MongoDB without making any modifications to the client configuration. Currently, the client connects to MongoDB using the following connection…
0 votes, 0 answers

Hashicorp Annotation to get vault secrets

I have written an annotation using istio sidecar and have captured the secret stored in a vault location in an environment variable redis_auth. Question: How do I print the value of the redis_auth variable which got exported in the helm chart or inside…
0 votes, 0 answers

Istio Proxy blocking TCP Traffic

Currently, we have a deployment file with an init container which tests connectivity to the DB as per below: - name: wait-database image: 'busybox:4.3.13' command: - sh - '-c' - >- until nc -w3 -z…
ashley
0 votes, 1 answer

Hasura Remote schema fails with the protocol error

I am redirecting the remote schema to an intermittent proxy server. And that proxy server calls the actual remote schema. excerpt as below definition: url: http://app.metrics:8080/remote-schema timeout_seconds: 60 …
chaosguru
0 votes, 0 answers

Metrics not available when use istio-injection

I’m using metrics-server v0.6.3 in k8s v1.21.6, and istio 1.14. If istio-injection is applied to the pod, error: Metrics not available for pod. Without injection, metrics server runs normally with the pod. Has anyone had this issue? Please help me fix this. I think…
0 votes, 0 answers

istio - sidecar initialization delay causing health checks failure

I am seeing quite a bit of a lag in sidecar startup. istio-proxy version 1.9.1. Wondering if readiness.status.sidecar.istio.io/initialDelaySeconds: '25', which I added as a pod annotation, is contributing to this? Notice between citadelclient and "marking…
bhantol
0 votes, 1 answer

Istio AuthorizationPolicy `to` rule matching nothing and returning 503

This auth policy should allow all routes: apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: allow-all namespace: qcust spec: action: ALLOW rules: - to: - operation: paths: -…
bks71
0 votes, 0 answers

Does EnvoyFilter support TLS local rate limit?

We are using istio for local rate limit. Our service is TLS enabled. Can we local rate-limit this service using EnvoyFilter?
ajeyprasad
0 votes, 1 answer

How do you add reporter label to istio custom metrics with IstioOperator

I created custom metrics with IstioOperator as such (example only in inboundSidecar, but I also add it for outboundSidecar and Gateway) telemetry: v2: prometheus: configOverride: inboundSidecar: …
Isa A
0 votes, 0 answers

istio-proxy not respecting app container restart and sending traffic during app terminating state

We have a pod with an app container and istio-proxy container running. Due to the failure of liveness and readiness probes on the app container, a SIGTERM signal was sent to the app container, and the app container went to a terminating state. We…
0 votes, 0 answers

some pitfalls in mtls traffic organization in frame of internal-mesh (istio)

Actually, I have two questions, but first, I've just started to study istio... Is it possible to enable mtls authentication on an egress pod? I tried to apply PeerAuthentication in mtls STRICT mode on the egress service, but envoy still allows for http…
0 votes, 1 answer

How to configure istio-sidecar envoyproxy not to include x-envoy-peer-metadata in header data?

The counterparty we connect to does not allow/handle that the x-envoy-peer-metadata is as big as what the istio-sidecar envoyproxy adds. (about 390 characters) Is it possible to disable the x-envoy-peer-metadata and possible as well…
0 votes, 1 answer

Istio exclude path from sidecar traffic

Using istio with requestauth and a jwt issuer, but currently need to exclude certain paths' traffic to the sidecar from actually validating any incoming jwt headers. Is that possible? Else istio tries to validate the jwt header (even if not in…
0 votes, 0 answers

Unable to make EJB invocation with Container's service name

I have configured EKS 1.23 and installed our product's containers and also configured the ISTIO service mesh for secure communication between containers. We are running some WEB containers and some Backend containers. Inside the backend containers,…