I am following example for TCP authorization for MongoDB https://istio.io/docs/tasks/security/authz-tcp/
I carefully followed each step but even after defining Destination Rules, VS, Service Role and Service Role binding, the
productpage still shows
Rating service is currently unavailable.
The output from
istioctl authn tls-check for
ratings-v2 is as follows - which shows OK.
# istioctl authn tls-check ratings-v2-54f78f7c8c-2b22l | grep -i ratings ratings.istio-lab.svc.cluster.local:9080 OK mTLS mTLS default/istio-lab ratings/istio-lab
But when I try to see
ratings-v2 relationship with
istioctl authn tls-check ratings-v2-54f78f7c8c-2b22l | grep -i mongodb mongodb.istio-lab.svc.cluster.local:27017 CONFLICT mTLS HTTP default/istio-lab -
What is the reason that
mongodb service is at conflict with
ratings-v2 and how could I correct this? This looks like a possible case as why
Ratings does not show on the
Help is appreciated.