Communicating with Redis server from a container behind Envoy

Getting into envoy (istio proxy):

kubectl exec -it my-pod -c proxy bash

Looking at envoy configuration:

cat /etc/envoy/envoy-rev2.json

You will see that it generates a TCP proxy filter which handles TCP only traffic. Redis example:

"address": "tcp://10.35.251.188:6379",  "filters": [    {      "type": "read",      "name": "tcp_proxy",      "config": {        "stat_prefix": "tcp",        "route_config": {          "routes": [            {              "cluster": "out.cd7acf6fcf8d36f0f3bbf6d5cccfdb5da1d1820c",              "destination_ip_list": [                "10.35.251.188/32"              ]            }          ]        }      }

In your case, adding http into Redis service port name (Kubernetes deployment file), generates http_connection_manager filter which doesn't handle row TCP.

See istio docs:

Kubernetes Services are required for properly functioning Istio service. Service ports must be named and these names must begin with http or grpc prefix to take advantage of Istio’s L7 routing features, e.g. name: http-foo or name: http is good. Services with non-named ports or with ports that do not have a http or grpc prefix will be routed as L4 traffic.

Bottom line, just remove port name form Redis service and it should solve the issue :)