The policy manager has no problem connecting to gateway pod if only deploy one gateway pod, but when the replicas is 2 or more, the policy manager fails with error,
“Gateway Inactivity Session Timeout has been reached”
container gateway
After policy manager login the gateway, the session info is stored locally in the memory of the gateway node/pod, ie. the session info is not cluster wide.
When the kubernetes proxy route the policy manager traffic to another gateway pod, the gateway pod rejects the request as it has no matching session info.
There could be a few options, such as kubectl port-forward to a specified pod, but a better option should be expose one more service (for policy manager) with session affinity, for example, (assume that the name of the gateway deployment is gw-dc)
kubectl expose deployment gw-dc --type=NodePort --session-affinity=ClientIP --name=pm-svc
Then run command,
kubectl get svc
it will show the new service pm-svc, use that for policy manager connection.