Hi,
I have set outboundTrafficPolicy to ALLOW_ANY, and i’m able to access external networks from within the mesh. But when i try to access kubernetes.default.svc.cluster.local from within the mesh curl exits with error code 35.
default namespace is not a part of the mesh.
k8s version: 1.17(EKS)
istio: 1.6.6
I haven’t modified anything in the default profile, what config option am i missing?
Kind regards,
Sajeev Ramasamy
Looks like you’re running into the specific 1.6.6 error for which 1.6.7 has just been released. Please try that version.
I’m saying this, because this comment in the bug report fixed in 1.6.7 sounds exactly like your issue.
What I spotted is that if you call straight away public IP (api-master) everything works fine, but if it goes through kubernetes.default.svc.cluster.local or kubernetes.default.svc, it might or might not fail. Public IP works all the time, even a simple curl command can be run in order to check that.
thanks a lot!!! upgrading to 1.6.7 fixed the issue 