Collisions within the cluster when redirecting traffic destined to amazon APIs
kube2iam uses iptables to redirect traffic to Amazon IP (169.254.169.254). This conflicts with Istio's iptables.
It may be better to treat this as external traffic; see here.
Apply the following yaml, which should fix the issue:
apiVersion: networking.istio.io/v1alpha3 kind: ServiceEntry metadata: name: apipa spec: hosts: 169.254.169.254 ports: number: 80 name: http protocol: HTTP resolution: DNS location: MESH_EXTERNAL
Updated almost 4 years ago