Calico eBPF mode leads to readiness probe failures with ambient [fixed in Calico 3.29] #52765
Description
Is this the right place to submit this?
- This is not a security vulnerability or a crashing bug
- This is not a question about how to use Istio
Bug Description
We tested several applications in different namespaces, readiness/liveness probes failed everywhere after labeling ns istio.io/dataplane-mode=ambient
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Unhealthy 33m (x1643 over 10h) kubelet Liveness probe failed: dial tcp 192.168.140.251:1080: i/o timeout
Warning Unhealthy 18m (x5231 over 10h) kubelet Readiness probe failed: dial tcp 192.168.140.251:1080: i/o timeout
Warning BackOff 3m45s (x2064 over 9h) kubelet Back-off restarting failed container --- in pod ---
and recover after unlabeling.
Relevant for 1.22.3 and 1.23.0
Version
istioctl version
client version: 1.23.0
control plane version: 1.23.0
data plane version: 1.23.0 (5 proxies)
kubectl version
Client Version: v1.30.0
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.29.4
calicoctl version
Client Version: v3.28.1
Git commit: 601856343
Cluster Version: v3.27.2
Cluster Type: k8s,bgp,kubeadm,kdd
Additional Information
No response