You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When disabling TLS for the admin listener the url for the request has a trailing dot. While this may be fine in vanilla kubernetes, it causes a failure when using a service mesh like istio:
job log:
unable to query config schema: request GET http://redpanda-0.redpanda.redpanda.svc.cluster.local.:9644/v1/cluster_config/schema failed: Service Unavailable, body: "upstream connect error or disconnect/reset before headers. reset reason: connection termination"
What happened?
When disabling TLS for the admin listener the url for the request has a trailing dot. While this may be fine in vanilla kubernetes, it causes a failure when using a service mesh like istio:
job log:
main redpanda istio sidecar log:
What did you expect to happen?
The URL should not have a trailing dot so that service meshes can resolve the endpoint correctly
How can we reproduce it (as minimally and precisely as possible)?. Please include values file.
deploy redpanda with that config on top of istio with istio-injection enabled and mtls set to strict
Anything else we need to know?
This can be worked around with istio via a set of destination rules and service entries.
If there wasn't a trailing dot this would work:
However since there is we have to add this set as well
Which are the affected charts?
Redpanda
Chart Version(s)
Cloud provider
JIRA Link: K8S-326
The text was updated successfully, but these errors were encountered: