I am using istio 1.9.0.
Only during an issue did I discover that Service Entries are applied at a cluster level even if the namespace is specified in the manifest. This becomes particularly thorny if you have multiple Service Entries in different namespaces for the same hostnames.
I later found the docs that mention the following:
exportTo:
A list of namespaces to which this service is exported. Exporting a service allows it to be used by sidecars, gateways and virtual services defined in other namespaces. This feature provides a mechanism for service owners and mesh administrators to control the visibility of services across namespace boundaries.
If no namespaces are specified then the service is exported to all namespaces by default.
The value “.” is reserved and defines an export to the same namespace that the service is declared in. Similarly the value “*” is reserved and defines an export to all namespaces.
From here.
Q1.
The docs however explicitly fails to clarify if adding the exportTo=‘.’ ensures that a Service Entry in my namespace will always take priority. Is this implied? particularly interested to find some documentation that calls out the expected behaviour.
Q2.
Also how do you go about checking which Service Entry has been applied for the same hostname if multiple exist? How does istio handle this?