When trying to install the open source software (OSS) package Istio on a Guest Cluster that is version 1.28 or above for photon or 1.27 or above for ubuntu, the following error occurs:

error    Command error output: xtables parameter problem: iptables-restore: unable to initialize table 'nat'

VKR Photon 1.28 and above

VKR Ubuntu1.27 and above

The issue occurs because the open source software (OSS) Istio uses iptables-legacy mode which requires the old iptables kernel module. Ubuntu 22.04+ and photon5 loads only the nftable related module by default and not the iptables module. Therefore applications which uses the iptables-legacy will not work on those host machines.

There is no recommended workaround as the upstream project for istio still does not support nftables mode.

Information on the upstream istio issue for tracking nftables mode:

Consider/design nftables alternative for redirection