I am currently trying to deploy an Istio Service Mesh in our Kubernetes cluster on GKE. When I inject the Istio sidecar using kubectl apply -f <(istioctl kube-inject -f <service-name>.yaml the downstream services are not able to connect using gRPC. The issue does not present itself when the Istio sidecar is running in an HTTP service.
The configuration file for the gRPC service is as follows:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: <service name>
namespace: default
labels:
app: <service-name>
version: v1
spec:
minReadySeconds: 30
replicas: 1
template:
metadata:
labels:
app: <service-name>
spec:
containers:
- name: <service-name>
image: gcr.io/project/service-name
ports:
- containerPort: 5011
name: grpc
resources:
requests:
memory: "10Mi"
cpu: "100m"
limits:
memory: "100Mi"
cpu: "250m"
readinessProbe:
tcpSocket:
port: 5011
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 5011
initialDelaySeconds: 15
periodSeconds: 20
---
apiVersion: v1
kind: Service
metadata:
name: <service-name>
namespace: default
spec:
selector:
app: <service-name>
ports:
- port: 5011
targetPort: 5011
name: grpc
Istio is running in the downstream service and does not show any outgoing requests to the upstream service. If I redeploy the upstream service without Istio, the gRPC call succeeds and the logs show an outgoing request.
