K
Q

Istio egress traffic is not routed through istio istio-proxy sidecar

12/10/2019

we have a minimal example of routing egress traffic to an external service outside of the service mesh.

apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
  name: nexus-test
  namespace: REDACTED
spec:
  hosts:
  - nexus.REDACTED
  ports:
  - number: 443
    name: https
    protocol: HTTPS
  resolution: DNS
  location: MESH_EXTERNAL

But we are not seeing the traffic pass the sidecar istio-proxy using the command

kubectl logs $SOURCE_POD -c istio-proxy | tail

Also we are not seeing the traffic on the mixer using the command:

kubectl -n istio-system logs -l istio-mixer-type=telemetry -c mixer | grep 'nexus'

as suggested in the documentation https://istio.io/docs/tasks/traffic-management/egress/egress-control/#access-an-external-https-service

Can anyone help us what could be wrong?

Best regards, rforberger

-- Ronny Forberger
istio
kubernetes

Similar Questions

Kubernetes - HPA replicas issue
How do you specify a custom port for the ingress controller on Minikube?
How to create TCP/IP loadbalancer/applicationgateway for Azure Kubernetes cluster
Stackdriver logging not capturing all logs in GKE
why Does the tunnel have to be 50000 ?? for kubernetes to jenkins

1 Answer

12/12/2019

It works now. It was maybe conflicting with other services in the service mesh.

-- Ronny Forberger
Source: StackOverflow