Hello,
Recently, all pods with an istio sidecard could no longer reach an external IP address with port 3306.
Before coming to think that istio was the problem, I tried without, and tcpdump.
The tcpdump of the worker shows that with the sidecard istio the destination IP address is altered, similarly all the IP addresses with port 3306 in egress redirects to another IP address always the same. ( an external database, systematically this one )
I looked if I didn’t have a resource that could do NAT, I searched the Istio documentation without any real leads.
It has worked very well so far.
I have workarounds that work, like excluding the port in annotations, the serviceEntry object also allows the work.
But that does not explain why there is this behavior only on a port, and why it worked before, and why the IP address is changed systematically.
Istio is 1.4, and I don’t use CNI.
Thank you in advance for those who will help me find ideas.