When istio is used in kubernetes, outbound traffic using spring boot's restemplate returns socketException.
When istio is disabled, outbound traffic to that domain is 200. But when enabled, it is 500. In the application, traffic(https) is exported using Restemplate.
namespace.yaml
labels:
istio-injection: enbaled
deployment.yaml
spec:
hostAliases:
- ip: "114.108.xxx.xx"
hostnames:
- "test.demo.com"
I was told to create a serviceEntry as a search result. I created it as below, but the result is the same.
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: entry-demo
spec:
hosts:
- "test.demo.com"
ports:
- number: 443
name: tls
protocol: TLS
resolution: DNS
location: MESH_EXTERNAL
When making outbound requests from your Spring Boot application using RestTemplate you may encounter connectivity issues or exceptions. This is because Istio, by default, enforces mTLS (mutual TLS) for service-to-service communication within the cluster. If your application is not configured to handle mTLS properly, it can result in socket exceptions.