I have a 3-node cluster that I created with RKE, and imported into my Rancher 2 cluster.
I followed the Istio installation steps at https://istio.io/docs/setup/kubernetes/helm-install/ using Option 1. I installed Istio 1.0.3 and everything appeared to install correctly.
I created a namespace and added the label istio-injection=enabled as described in the Istio documentation.
When I try try to create a workload from the UI (single container running ubuntu:xenial) Rancher shows the error:
Pod "ubuntu3-ff64f7875-9gqdl" is invalid: spec.containers[1].env[7].name: Invalid value: "ISTIO_META_workload.user.cattle.io/workloadselector": a valid environment variable name must consist of alphabetic characters, digits, '_', '-', or '.', and must not start with a digit (e.g. 'my.env-name', or 'MY_ENV.NAME', or 'MyEnvName1', regex used for validation is '[-._a-zA-Z][-._a-zA-Z0-9]*'); Deployment does not have minimum availability.
If I create another namespace without the Istio label (so that Istio doesn’t try to inject sidecars) then the container can start just fine.
Has anyone seen this, or been able to get Istio running in a Rancher 2 deployment?