Stay organized with collections
Save and categorize content based on your preferences.
Resolving cleanup issues
This page explains how to resolve issues with Cloud Service Mesh managed control plane
when using the TRAFFIC_DIRECTOR implementation.
Clean up synthetic services
When using the TRAFFIC_DIRECTOR control plane implementation, Cloud Service Mesh
creates synthetic Kubernetes services to support subset. These services are
labeled with istio.io/owned-by:gsmconfig.gke.io.
When you unregister a cluster from a Google Cloud fleet, Cloud Service Mesh
might not be able to remove these synthetic Kubernetes services.
To mitigate this issue, you can manually remove synthetic Kubernetes services in
all namespaces by running the following command:
When using the TRAFFIC_DIRECTOR control plane implementation, Cloud Service Mesh
creates network endpoint groups by adding cloud.google.com/neg annotations to
services for load balancing.
When you unregister a cluster from a Google Cloud fleet, Cloud Service Mesh
might not be able to remove these annotations to clean up the network endpoint
groups.
To mitigate this issue, you can manually remove the cloud.google.com/neg
annotations from services in all namespaces.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[],[],null,["Resolving cleanup issues\n\nThis page explains how to resolve issues with Cloud Service Mesh managed control plane\nwhen using the `TRAFFIC_DIRECTOR` implementation.\n\nClean up synthetic services\n\nWhen using the `TRAFFIC_DIRECTOR` control plane implementation, Cloud Service Mesh\ncreates synthetic Kubernetes services to support subset. These services are\nlabeled with `istio.io/owned-by:gsmconfig.gke.io`.\n\nWhen you unregister a cluster from a Google Cloud fleet, Cloud Service Mesh\nmight not be able to remove these synthetic Kubernetes services.\n\nTo mitigate this issue, you can manually remove synthetic Kubernetes services in\nall namespaces by running the following command: \n\n kubectl delete service -l istio.io/owned-by=gsmconfig.gke.io -A\n\nClean up network endpoint groups annotations\n\nWhen using the `TRAFFIC_DIRECTOR` control plane implementation, Cloud Service Mesh\ncreates network endpoint groups by adding `cloud.google.com/neg` annotations to\nservices for load balancing.\n\nWhen you unregister a cluster from a Google Cloud fleet, Cloud Service Mesh\nmight not be able to remove these annotations to clean up the network endpoint\ngroups.\n\nTo mitigate this issue, you can manually remove the `cloud.google.com/neg`\nannotations from services in all namespaces. \n\n service_names=($(kubectl get service -A -o jsonpath='{.items[*].metadata.name}'))\n for service in \"${service_names[@]}\"; do\n kubectl annotate service $service -A cloud.google.com/neg-\n done"]]
