Global DNS

Istio doesn’t have provide a global DNS service. There are many different schemes for supporting DNS with multiple clusters, the latest is to enable the DNS-proxy feature in Istio. DNS-proxy basically intercepts DNS for the services in the mesh (that is, for every service with a sidecar), and resolves the request if it targets another service in the mesh, and uses the normal pod DNS scheme otherwise.

By default, multi-cluster deployments of Service Mesh Manager don’t do anything special for DNS, and do not enable DNS-proxy. Instead, Service Mesh Manager relies on the DNS setup of the pod and the cluster.

This means that to use a service that is part of the service mesh but resides in another cluster, you have to add a Kubernetes service (with no endpoints) to the local cluster. Note that you have to use a Service, do not use a ServiceEntry (which requires global DNS).