Network Policy Ingress is not working after sidecar injection

9/26/2019

Bug description

I am trying a network policy example to allow the traffic from specific namespace. Everything works good until I inject a sidecar for nginx application then all calls are blocked. This is the example I am trying to implement.

Expected behavior

Whether its sidecar is injected or not, when a call is coming from whitelisted namespace, it shouldn't block it.

Steps to reproduce the bug

Simple go through this example, just inject nginx application with the istio's side car.

Version (include the output of istioctl version --remote and kubectl version)

Kubernetes: 1.13.10

Istio: 1.1.10

Please help me understand what should I need to do to make it work or do I have to add something else in Network Policy for istio-injection?

P.S Although it works, when I allow traffic from all the namespaces even after sidecar injection

ingress:
- {}
-- Waqar Ahmed
istio
kubernetes
kubernetes-networkpolicy

0 Answers