Document Envoy error messages when traffic is blocked via an SMI policy

[phillipgibson]

No description provided.

[draychev]

SMI policies are allow-by-default

When a route is not allowed in SMI - Envoy on the client 404 because the rotue does not exist on the client Envoy
When the traffic is allowed for some reason to reach the destination, certificates would be blocked and error then would be 503 - this could happen in some cases w/ egress.
When in allow-all mode this would be 200 ok

How do we make sure that Envoy on the client side returns appropriate message. What's an appropriate message 403?

[shashankram]

SMI policies are allow-by-default

When a route is not allowed in SMI - Envoy on the client 404 because the rotue does not exist on the client Envoy
When the traffic is allowed for some reason to reach the destination, certificates would be blocked and error then would be 503 - this could happen in some cases w/ egress.
When in allow-all mode this would be 200 ok

How do we make sure that Envoy on the client side returns appropriate message. What's an appropriate message 403?

The behavior described above was changed by PR #1182: whether egress is enabled or not the client will receive a 404 if the destination can't be reached.

[draychev]

We need to compose this document after #705 is finished - it will change these error messages.

[shashankram]

Different error codes emitted by the control plane are now well documented at https://docs.openservicemesh.io/docs/guides/troubleshooting/control_plane_error_codes/.