You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is not a security vulnerability or a crashing bug
This is not a question about how to use Istio
Bug Description
Enable ISTIO_META_DNS_CAPTURE and ISTIO_META_DNS_AUTO_ALLOCATE.
Deploy some stuff.
Run istioctl analyze.
Observe warnings:
Warning [IST0133] (ServiceEntry myapp/myapp-db) Schema validation warning: addresses are required for ports serving TCP (or unset) protocol
Warning [IST0133] (ServiceEntry myapp/myapp-smtp) Schema validation warning: addresses are required for ports serving TCP (or unset) protocol
I believe these warnings should not be there. I know this AUTO_ALLOCATE is per-pod, so it's hard to look at a ServiceEntry in a vacuum and say it's ok but something can be improved around this, hence opening the ticket.
Version
$ istioctl version
client version: 1.21.2
control plane version: 1.21.2
data plane version: 1.21.2 (6 proxies)
$ kubectl version
Client Version: v1.30.0
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.29.1-eks-b9c9ed7
The text was updated successfully, but these errors were encountered:
Yep I addressed that in the original text of the ticket - and y'all can choose to close this if you choose.
I opened the ticket because there are warnings when nothing is misconfigured. And of course I don't want warnings when there isn't an issue. It'd be nice if istio would only warn if ISTIO_META_DNS_AUTO_ALLOCATE was not set on a pod running in the namespaces that the service entries are exported into.
Istio could be smarter here, and this ticket is just pointing it out as a gap in the analyze of the "live cluster".
Is this the right place to submit this?
Bug Description
istioctl analyze
.I believe these warnings should not be there. I know this AUTO_ALLOCATE is per-pod, so it's hard to look at a ServiceEntry in a vacuum and say it's ok but something can be improved around this, hence opening the ticket.
Version
The text was updated successfully, but these errors were encountered: