I’ve just installed istio in a staging envrionment and one of my applications isn’t able to connect to the external postgres database; I did try setting meshConfig.outboundTrafficPolicy.mode explicitly to ALLOW_ANY but this seems to not have helped.
here’s a log entry for the istio-proxy container:
{“bytes_sent”:“0”,“upstream_cluster”:“outbound|5432||staging.svc.cluster.local”,“downstream_remote_address”:“10.24.1.80:44404”,“authority”:"-",“path”:"-",“protocol”:"-",“upstream_service_time”:"-",“upstream_local_address”:"-",“duration”:“3”,“upstream_transport_failure_reason”:"-",“route_name”:"-",“downstream_local_address”:“10.7.0.57:5432”,“user_agent”:"-",“response_code”:“0”,“response_flags”:“UF,URX”,“start_time”:“2020-07-29T18:31:36.352Z”,“method”:"-",“request_id”:"-",“upstream_host”:“10.7.0.57:5432”,“x_forwarded_for”:"-",“requested_server_name”:"-",“bytes_received”:“0”,“istio_policy_status”:"-"}
I was able to use netcat from the istio-proxy container to test connecting to the postgres host succesfully.
Any ideas about what to try next?