Hi,
If I install Istio with the basic configuration, like istioctl install -y, sidecar can be injected and started correctly. But if I install Istio with DNS proxy, like this document, the istio-init container will fail with an iptable error.
2021-11-26T05:33:12.055213Z info Running command: iptables-restore --noflush /tmp/iptables-rules-1637904792054999130.txt2599449728
2021-11-26T05:33:12.057241Z error Command error output: xtables parameter problem: unknown option "--zone"
Error occurred at line: 31
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
2021-11-26T05:33:12.057288Z error Failed to execute: iptables-restore --noflush /tmp/iptables-rules-1637904792054999130.txt2599449728, exit status 2
My system is:
-
Windows 11 x64
-
Docker Desktop 4.2.0 (70708)
-
istioctl version
client version: 1.12.0 control plane version: 1.12.0 data plane version: 1.12.0 (1 proxies)
Update
I have Linux machine with minikube. The same Istio + DNS proxy on it works. The only difference between the two Istio installations is the number of proxies. On my Linux box, istioctl version says:
client version: 1.12.0
control plane version: 1.12.0
data plane version: 1.12.0 (2 proxies)
Note, it has 2 proxies while on my Windows machine, I only got 1 proxy.