xds: suspected incompatibility for server+Istio (invalid traffic direction: UNSPECIFIED) #9157
Description
I have a grpc-java (1.46.0) server in an Istio (1.13.2) mesh that works fine using Envoy proxy, but which fails if I convert it to use xds instead:
2022-05-10 13:34:54.929+0000 [main] DEBUG io.grpc.xds.XdsLogger - [logOnly] [xds-client<6>] Failed processing LDS Response version 2022-05-10T13:32:29Z/4243 nonce L+ztZYHLHCU=6de6948c-3e51-46d8-a376-50e792d5aadd. Errors: LDS response Listener 'xds.istio.io/grpc/lds/inbound/0.0.0.0:9091' validation error: Listener xds.istio.io/grpc/lds/inbound/0.0.0.0:9091 with invalid traffic direction: UNSPECIFIED The LDS response is attached below, clearly there is no trafficDirection specified but the exact same setup works fine using Envoy.
If I comment out this check then everything works fine using xds also. Should this check be changed to allow UNSPECIFIED as well?
(ping @sanjaypujare)
2022-05-10 13:34:54.821+0000 [main] TRACE io.grpc.xds.XdsLogger - [logOnly] [xds-client<9>: (unix:///etc/istio/proxy/XDS)] Received LDS response: { "versionInfo": "2022-05-10T13:32:29Z/4243", "resources": [{ "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", "name": "xds.istio.io/grpc/lds/inbound/0.0.0.0:9091", "address": { "socketAddress": { "address": "0.0.0.0", "portValue": 9091 } }, "filterChains": [{ "filters": [{ "name": "inbound-hcmmtls", "typedConfig": { "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", "routeConfig": { "name": "inbound", "virtualHosts": [{ "domains": ["*"], "routes": [{ "match": { "prefix": "/" }, "nonForwardingAction": { } }] }] }, "httpFilters": [{ "name": "envoy.filters.http.router", "typedConfig": { "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" } }] } }], "transportSocket": { "name": "envoy.transport_sockets.tls", "typedConfig": { "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext", "commonTlsContext": { "combinedValidationContext": { "defaultValidationContext": { }, "validationContextCertificateProviderInstance": { "instanceName": "default", "certificateName": "ROOTCA" } }, "tlsCertificateCertificateProviderInstance": { "instanceName": "default", "certificateName": "default" } }, "requireClientCertificate": true } }, "name": "inbound-mtls" }] }], "typeUrl": "type.googleapis.com/envoy.config.listener.v3.Listener", "nonce": "L+ztZYHLHCU\u003d6de6948c-3e51-46d8-a376-50e792d5aadd", "controlPlane": { "identifier": "{\"Component\":\"istiod\",\"ID\":\"istiod-rev1-13-2-696fcc6445-77gpw\",\"Info\":{\"version\":\"1.13.2\",\"revision\":\"91533d04e894ff86b80acd6d7a4517b144f9e19a\",\"golang_version\":\"go1.17.8\",\"status\":\"Clean\",\"tag\":\"1.13.2\"}}" } } Metadata
Metadata
Assignees
Labels
No labels