I’m deploying a redis as a headless services due to adding rate liming by IP with Redisquota handler.
The issue begins with a headless service is running, then all the proxy sidecars move the CDS from SYNC to “STALE (Never Acknowledged)” namespace.
After check the logs output we can see these interesting traces:
Blockquote
kubectl -n istio-system log -f istio-ingressgateway-765c6cbdf8-gl97w
ngressgateway-765c6cbdf8-gl97w.istio-system~istio-system.svc.cluster.local --max-obj-name-len 189 --local-address-ip-version v4 --allow-unknown-fields -l warning --component-log-level misc:error] [2019-07-09 10:16:15.711][31][warning][main] [external/envoy/source/server/server.cc:537] shutting down admin due to child startup
[2019-07-09 10:16:15.711][31][warning][main] [external/envoy/source/server/server.cc:546] terminating parent process [2019-07-09 10:16:15.734][114][warning][config] [bazel-out/k8-opt/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:86] gRPC config stream closed: 14, no healthy upstream
[2019-07-09 10:16:15.734][114][warning][config] [bazel-out/k8-opt/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:49] Unable to establish new stream
[2019-07-09 10:16:16.667][114][warning][config] [external/envoy/source/common/config/grpc_mux_subscription_impl.cc:73] gRPC config for type.googleapis.com/envoy.api.v2.Cluster rejected: Error adding/updating cluster(s) outbound|6379||my-r
elease-redis-headless.default.svc.cluster.local: cluster: cluster type ‘original_dst’ may only be used with LB type 'original_dst_lb
Blockquote
Blockquote
$ istioctl proxy-status
NAME CDS LDS EDS RDS PILOT VERSION
app-canary-784f45f8d5-hpqrg.app2 STALE (Never Acknowledged) SYNCED SYNCED (50%) SYNCED istio-pilot-86f6575d6c-d8sfv 1.2.2
app-canary-84686547dd-bhjzj.app1 STALE (Never Acknowledged) SYNCED SYNCED (50%) SYNCED istio-pilot-86f6575d6c-d8sfv 1.2.2
Blockquote
Let me desribe my environment:
gke :“v1.13.7-gke.8”
Istio 1.2.2