Hi,
After following instructions to Consul+Docker (setup consul Quickstart) and BookInfo App for Docker with Consul, when confirming that via browser, we should see details, reviews and ratings. Instead I get Error fetching product details|reviews|ratings.
If I curl details|ratings|reviews from productpage container, it goes to different outbounds.
Am I missing something?
If needed, I can share envoy config_dump and envoy.log of specific scenarios.
Thanks,
This example has been in need of a tune up for awhile, sorry @vinicius.artur . I am investigating a few parts of this right now, but one immediate item of concern is in samples/bookinfo/platform/consul/bookinfo.sidecars.yaml: all of the proxy_init containers are using an out of date image tag and so traffic is not getting captured by the sidecars. There are six places in the file where you need to replace proxy_init:0.7.1 with the same tag that is used for the proxy_debug image, for example: proxy_init:1.1.4
This will get default routing working, and you should start seeing the 3 different versions of reviews service as you refresh your browser.
There is an additional problem as well with VirutalService rules not producing the desired version based routing - I am working on debugging currently and will update
After changing proxy_init from 0.7.1 to 1.1.4, it was working well in my browser, but the requests were not passing through Envoy.
So after adding manually a IPtables rule to go through Envoy, I’m having again the previous issue. If I curl reviews, details or ratings it keeps going to the same outbound (this time is going to productpage), so I get 404 from productpage server and envoy.log shows the requests are going to outbound|9080||productpage.service.consul.
Is that issue you are debugging, right?
What about the manual IPtables rule I had to add to the requests pass through Envoy?
Before:
-A ISTIO_IN_REDIRECT -p tcp -j REDIRECT --to-ports 15001
-A ISTIO_OUTPUT ! -d 127.0.0.1/32 -o lo -j ISTIO_REDIRECT
-A ISTIO_OUTPUT -m owner --uid-owner 1337 -j RETURN
-A ISTIO_OUTPUT -m owner --gid-owner 1337 -j RETURN
-A ISTIO_OUTPUT -d 127.0.0.1/32 -j RETURN
-A ISTIO_REDIRECT -p tcp -j REDIRECT --to-ports 15001
Then I added:
-A ISTIO_OUTPUT -j ISTIO_REDIRECT
@vinicius.artur you were definitely on the right track and were seeing the same problems I was. In install/consul/istio.yaml the registrator container is using latest tag, but this is several years old. The image tag needs to be updated to master:
registrator:
image: gliderlabs/registrator:master
EDIT: if you are using latest version of istio release, this tag change may already be present
Next due to some changes to the consul conversion logic, need to add SERVICE_VERSION=X env var to each app in samples/bookinfo/platform/consul/bookinfo.yaml. For example:
environment: - SERVICE_NAME=details - SERVICE_TAGS=version|v1 - SERVICE_PROTOCOL=http - SERVICE_VERSION=v1
Lastly, there are additional flags that need to be added to the samples/bookinfo/platform/consul/bookinfo.sidecars.yaml for each of the *-init containers present for each bookinfo app. For example:
details-v1-init:
image: docker.io/istio/proxy_init:{PROXY_TAG}
cap_add:
- NET_ADMIN
network_mode: “container:consul_details-v1_1”
command:
- -p
- “15001”
- -u
- “1337”
- -m
- REDIRECT
- -i
- “*”
- -b
- “9080”
Thank you for being so responsive. It’s working perfectly now!
Just one thing: latest Istio release still has registrator:latest. So I had to change to registrator:master by myself.
Another feedback: To run successfully the Request Timeouts task I had to change from microservice to microservice.service.consul in fields hosts and host of the kubectl apply commands.
I have been trying to run the booklist demo on Docker Edge for Mac but cannot access the bookpage service from the outside at all. I get no response from server but I dont see a failure to connect either. I followed the path if running on Kubernetes and the URL was localhost:80/bookpage. In the documentation it say to set the host and port according to another section. Do I need to use a docker internal address somewhere? Open a port or is it necessary for me to create a virtual service in order to be able to access the bookpage service?
Has the problem be fixed in 1.1.7?
I think it’s fixed, but not release in 1.17.
Thank you for the fixing
I have verified that it is working and will be part of the 1.2 release coming soon
Hey! Just wanted to check in and see if there has been any progress on this. I tried 1.2.3 and 1.2.4 and I’m getting the same results as the OP. 