Tutorial for Authorization of TCP Traffic does not work well

[adityasamant25]

Hi, I'm following the steps mentioned in the task Authorization of TCP Traffic.

This task fails at the step to "Verify that sleep successfully communicates with tcp-echo on port 9002."

Expected Output:

$ TCP_ECHO_IP=$(kubectl get pod "$(kubectl get pod -l app=tcp-echo -n foo -o jsonpath={.items..metadata.name})" -n foo -o jsonpath="{.status.podIP}")
$ kubectl exec "$(kubectl get pod -l app=sleep -n foo -o jsonpath={.items..metadata.name})" \
    -c sleep -n foo -- sh -c \
    "echo \"port 9002\" | nc $TCP_ECHO_IP 9002" | grep "hello" && echo 'connection succeeded' || echo 'connection rejected'
hello port 9002
connection succeeded

Actual Output:

$ TCP_ECHO_IP=$(kubectl get pod "$(kubectl get pod -l app=tcp-echo -n foo -o jsonpath={.items..metadata.name})" -n foo -o jsonpath="{.status.podIP}")
$ kubectl exec "$(kubectl get pod -l app=sleep -n foo -o jsonpath={.items..metadata.name})" \
     -c sleep -n foo -- sh -c \
     "echo \"port 9002\" | nc $TCP_ECHO_IP 9002" | grep "hello" && echo 'connection succeeded' || echo 'connection rejected'
connection rejected

I've tried this on minikube as well as an Istio playground at https://kodekloud.com/topic/playground-k8s-with-istio/

I've tried to hardcode the POD_IP as well as the POD FQDN instead of using the $TCP_ECHO_IP variable, but the connection is rejected at all times.

Istio version: 1.21.0 and 1.21.1