annotations:
sidecar.istio.io/inject: "true"
error shows in istio-proxy container:
2023-02-22T20:53:27.991116Z info dns Starting local udp DNS server on 127.0.0.1:15053
2023-02-22T20:53:27.991276Z info dns Starting local tcp DNS server on 127.0.0.1:15053
2023-02-22T20:53:27.991526Z info citadelclient Citadel client using custom root cert: var/run/secrets/istio/root-cert.pem
2023-02-22T20:53:28.008167Z info ads All caches have been synced up in 123.781352ms, marking server ready
2023-02-22T20:53:28.009496Z error sds Failed to set up UDS path: failed to listen on unix socket "./var/run/secrets/workload-spiffe-uds/socket": listen unix ./var/run/secrets/workload-spiffe-uds/socket: bind: permission denied
2023-02-22T20:53:28.009532Z info sds SDS server for workload certificates started, listening on "./var/run/secrets/workload-spiffe-uds/socket"
2023-02-22T20:53:28.009557Z info xdsproxy Initializing with upstream address "istiod-gateways-on-edge-pool.istio-system.svc:15012" and cluster "Kubernetes"
Error: failed to start xds proxy: failed to listen on unix socket "etc/istio/proxy/XDS": listen unix etc/istio/proxy/XDS: bind: permission denied
2023-02-22T20:53:28.009669Z error failed to start xds proxy: failed to listen on unix socket "etc/istio/proxy/XDS": listen unix etc/istio/proxy/XDS: bind: permission denied
2023-02-22T20:53:28.009646Z info sds Starting SDS grpc server