John Howard
John Howard
We cannot just add a feature env if there is no path off if it; It adds to the problem, not lessens it. So if we do please propose a...
/hold cancel
fwiw you could manually add it to the deployment in the short term. It's just an env var and volume mount. That being said, consistency here probably makes sense
Not super familiar with how it should be set up with AWS NLBs, but the reason it is failing is probably that Istio does not actually listen on the ports...
Thanks @djc !! I added tests and a bit more in https://github.com/rustls/tokio-rustls/pull/148
`outbound|443|wildcard|egressgateway.istio-egress.svc.cluster.local ` implies its going to subset=wildcard. That is not defined anywhere in your config in the issue. I am fairly confident you have some config that is not in...
Ah sorry, got it. Do you have port 22 defined on the gateway Service?
That just configures the GW, it still needs to be in the Service object as well
The only time I have seen this is when you accidentally run the image on the wrong architecture. Usually what happens is someone incorrectly mirrors the image from `docker.io/istio/proxyv2:1.19.3` to...
Are you mirroring the image or directly pulling `istio/proxyv2:1.19.3`? Can you do `kubectl get pod -oyaml BROKEN_POD_NAME`?