RHOCP 4 initContainer in CrashLoopBackOff on pod with Service Mesh sidecar injected

Solution Verified - Updated -

Issue

  • Pod with istio-proxy sidecar injected fails to initialize due to failed initContainer, when initContainer needs to communicate with some service on a different project.
  • Pod with istio-proxy sidecar injected fails to initialize due to failed initContainer, when initContainer needs to communicate with a service in or outside the 'Mesh' via its FQDN.

  • The initContainer in a Service Mesh pod is not able to resolve or connect to any service:

    Could not resolve host: kubernetes.default.svc.cluster.local
Closing connection 0

  • The initContainer starts before the sidecar so the NetworkPolicies are blocking any egress traffic from mesh.

Environment

  • Red Hat OpenShift Container Platform (RHOCP) 4
  • Red Hat OpenShift Service Mesh (OSSM) 2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content