Service in istio mesh not able to communicate to external Confluent Kafka cluster

We a Confluent Kafka VPC that is accessible inside our kubernetes cluster. We have somes microservices inside the istio mesh that need to access to the Confluent Kafka cluster.

When we deploy a service in the cluster with istio disabled (without the sidecar) the connection works just fine, but when we enable istio we are getting an error " Cant connect to right Controller"" and it seems the service is not able to connect to kafka.

I think it might have something to do with istio network. Do anyone have any idea of what might be happening?

1 Like

We have the same problem, could you solve it?

Hello, we are experiencing the same issue between a service that needs to consume an external kafka topic. Can you share with us how did you sort it out?
Thanks in advance

@Rodrigo_Valladares , are you saying that you have a separate Kubernetes cluster for your microservices and Confluent Kafka cluster but they share the same VPC? And you are trying to link them together?

One thing about Istio is they have zero-trust networking. If you are trying to communicate outside the mesh, you need to tell Istio about it (ie. having ServiceEntry or Istio Egress). In addition, to ensure secured communication, Confluent Kafka cluster must be running on Istio network too.