Istio annotation not working

Elastic Stack Kibana
1

Hi All,
I am trying to deploy Elasticsearch(8.5) and Kibana using helm chart.
Elasticsearch works fine with (3 master, 2 data), but when i deploy Kibana its keep on failing, Finally found that Istio is the culprit.
So added below annotation to Exclude tls port 9300,

podAnnotations:
  "traffic.sidecar.istio.io/excludeInboundPorts": "9300"
  "traffic.sidecar.istio.io/excludeOutboundPorts": "9300"

and tried with port 9200 also, but no luck. Can someone please help.

2

Attaching some errors for reference,
getting below errors on logs


"WARN", "message":"path: /_cluster/health, params: {wait_for_status=green, timeout=1s}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-master-0][generic][T#2]","log.logger":"rest.suppressed","elasticsearch.node.name":"elasticsearch-master-0","elasticsearch.cluster.name":"elasticsearch","error.type":"org.elasticsearch.discovery.MasterNotDiscoveredException",


"error.message":"javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address 100.72.11.48 found","error.stack_trace":"io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address 100.72.11.48 found\n\tat

And getting below response for curl.

elasticsearch@elasticsearch-master-0:~$ curl -k -u elastic:Admin@123 https://localhost:9200/_cat/nodes
{"error":{"root_cause":[{"type":"master_not_discovered_exception","reason":null}],"type":"master_not_discovered_exception","reason":null},"status":503}elasticsearch@elasticsearch-master-0:~$

and pre-install-kibana pod throws this error


Creating a new Elasticsearch token for Kibana
Cleaning previous token
DELETE undefined failed:  read ECONNRESET
Error: read ECONNRESET
    at TLSWrap.onStreamRead (node:internal/stream_base_commons:217:20) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}