I’m having a really strange problem on my K8s cluster running istio 1.1.0. My workload is able to access the Kubernetes server for around 90 minutes or so and then it stops being able to reach the API endpoint.
I dumped all proxy-config
options (listeners, endpoints, routes, clusters) at the beginning and once the problem started. There are no material diffs between the before and after state - the only observable difference is that access to the API server is no longer possible.
I verified basic network connectivity by curl
-ing the API server endpoint from the istio-proxy
container. This works. When I try the command under sudo
(so as to change the UID/ GID such that proxying will be in effect), it fails.
All other services are accessible, just not the API server.
This one is a real head-scratcher and I’m looking for some pointers on how to troubleshoot something like this. Thanks in advance.
Cheers.
Krishnan