Stack Overflow
Stack Overflow

Questions tagged [servicemesh]

129 questions
2
votes
1 answer

Kubernetes and Service Mesh load-balancing misalignments

Kubernetes has a support of Pod load-balancing, session affinity through its kube-proxy. Kubernetes’ kube-proxy is essentially an L4 load balancer so we cannot rely on it to load balance L7-transport, e.g. muliple gRPC live connections or…
Ivan Voroshilin
  • 5,233
  • 3
  • 32
  • 61
2
votes
0 answers

CNCF Kuma: TLS error during Multi-Zone setup

I am new to Kuma and am trying to set up Multi-Zone deployment mode after experimenting with standalone mode. Currently, I have managed to setup the Global Control Plane on an Azure VM and it seems to be working well. My problem lies in setting up…
dsumler
  • 21
  • 1
2
votes
1 answer

Fresh cluster and linkerd - viz doesn't startup

I've got an issue, I'm trying to install linkerd on my cluster, all is going well I went exactly with this official README https://linkerd.io/2.11/tasks/install-helm/ installed it via helm MacBook-Pro-6% helm list -n default NAME NAMESPACE …
CptDolphin
  • 404
  • 7
  • 23
2
votes
2 answers

How to implement role-based auth with SPIFFE/SPIRE?

I'm in the process of vetting a move to service mesh. While Istio and Consul Connect are certainly still in the cards, I'm leaning towards building up from a bit lower level with Linkerd and SPIFFE/SPIRE. I want to build a 'hello world' mesh to test…
lmonninger
  • 831
  • 3
  • 13
2
votes
1 answer

How to setup local development environment for Nomad+Consul Service Mesh

As per Hashicorp documentation on Nomad+Consul, consul service mesh cannot be run on MacOS/Windows, since it does not support bridge network. https://www.nomadproject.io/docs/integrations/consul-connect What is the recommended way to setup a local…
Jawahar
  • 4,775
  • 1
  • 24
  • 47
2
votes
1 answer

Install Istio using Istio Operator and Terraform on EKS

I'm new to Terraform. I need to set up Istio on the AWS EKS cluster. I thought of using Istio-Operator along with Terraform to do the same. Below is the shell script to install Istio on EKS using Istio-Operator: install-istio.sh # Download and…
Sweta Sharma
  • 2,404
  • 4
  • 21
  • 36
2
votes
0 answers

Canary Deployment Strategy using Argocd rollout and Service Mesh Interface (Traefik Mesh)

I'm working on the Canary Deployment Strategy. I use the Service Mesh Interface, after installing trafik mesh. When starting the program for the first time with the command kubectl apply -f applications.yaml It should deploy the entire application…
Harou
  • 21
  • 1
2
votes
1 answer

Istio does not forward Authorization header

kind: "RequestAuthentication" metadata: name: "jwt-api" namespace: default spec: selector: matchLabels: app: api jwtRules: - issuer: "https://login.microsoftonline.com/12312312312312312312/v2.0" jwksUri:…
Bruno Macedo
  • 121
  • 1
  • 8
2
votes
1 answer

Istio 1.4.3 to 1.5.6 upgrade using istioctl and Istio operator

Can I make an existing Istio open source installable compatible with the (Istioctl + Operator) ? I currently have Istio 1.4.3 installed via istioctl .. and need to make existing deployment Istio operator aware as well before I upgrade to Istio…
Avi
  • 1,453
  • 4
  • 18
  • 43
1
vote
0 answers

Consul connect injector cannot connect to my consul server

if i deploy a instance of a consul client using the consul helm chart into my k3s cluster. The connect-injector pod will not start properly. k3s version: k3s version v1.25.6+k3s1 (9176e03c) Helm version: version.BuildInfo{Version:"v3.12.1",…
Mathias Dollenbacher
  • 11
  • 1
1
vote
1 answer

Does all Knative traffic have to route through Master node?

My question: Is all traffic from users to Knative service/pod must traverse through Master node? For example: I, as a customer from outside of the cluster, create a curl request to a service (pod HelloWorld), then is it true that my request and the…
KenNG
  • 11
  • 1
1
vote
1 answer

validate claims inside JWT using envoy

{ "aud": "123123-1232-123123-2323-123", "iss": "https://url", "iat": 2112, "nbf": 1212, "exp": 1212, "aio": "ewq32ee23e2e=", "azp": "123123-1232-123123-2323-123", "azpacr": "1", "oid": "123123-1232-123123-2323-123", "rh":…
Rahul verma
  • 176
  • 6
1
vote
1 answer

kubectl port-forward forwards to incorrect port (hashcorp/consul)

Following Hashicorp's Deploy Consul on Kubernetes on Ubuntu 22.04 Server/amd64. Cloned the repo. Done. Created the Kubernetes cluster using Kind. Done. Deployed the datacenter using consul-k8s. Done. Set environment variables. Done. View consul…
Mike Borgholthaus
  • 11
  • 2
1
vote
2 answers

How can I rewrite the URI path on an incoming request with Istio?

I need the URI of requests that reach my myapp pods to be rewritten to remove the prefix /foo from the path. For example, a URI /foo/bar should be received as /bar. I am using a GCP load balancer that routes traffic directly to pods. I am not using…
Drago Rosson
  • 75
  • 4
1
vote
0 answers

Multi cluster mesh not working on Istio 1.16

Multi cluster mesh was working just fine with istio 1.3.4. But after the upgrade to 1.16 it stopped working. I even tried the helloworld sample given to verify the mesh config. But it is not working as expected. The example i tried :…
bbalacc3
  • 11
  • 2
1
2
3
8 9