Egress + service without selector #841

Open
gulecroc opened this issue May 6, 2024 · 0 comments

Describe the bug
I would like to set the egress IP to connect to a service outside the k8s cluster.

For this purpose, I create an EndpointSlice:

apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
  name: my-service-1
  namespace: my-namespace
  labels:
    kubernetes.io/service-name: my-service
addressType: IPv4
ports:
  - name: ldap
    port: 1234
    protocol: TCP
endpoints:
  - addresses:
      - "1.2.3.4"

And a service without a selector: https://kubernetes.io/docs/concepts/services-networking/service/#services-without-selectors

With the kube-vip egress requirements: https://kube-vip.io/docs/usage/egress/#using-kube-vip-egress

apiVersion: v1
kind: Service
metadata:
  annotations:
    kube-vip.io/egress: "true"
  name: my-service
  namespace: my-namespace
spec:
  externalTrafficPolicy: Local
  ports:
    - name: ldap
      port: 1234
      protocol: TCP
      targetPort: 1234
  type: LoadBalancer
  loadBalancerIP: 5.6.7.8

But the external IP stays in the pending state:

> kubectl -n my-namespace get svc my-service
NAME         TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
my-service   LoadBalancer   10.43.185.136   <pending>     1234:31787/TCP   10s

If I add a selector to my service, or if I remove externalTrafficPolicy: Local, the external IP is correctly set. But I don't need a selector for egress purposes, and I need externalTrafficPolicy: Local according to the kube-vip documentation.

Environment (please complete the following information):

  • OS/Distro: Ubuntu 20.04
  • Kubernetes Version: 1.26.15
  • Kube-vip Version: 0.8.0

Kube-vip.yaml:

> kubectl -n kube-vip get ds kube-vip-load-balancer -o yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  annotations:
    deprecated.daemonset.template.generation: "9"
    meta.helm.sh/release-name: kube-vip-load-balancer
    meta.helm.sh/release-namespace: kube-vip
  creationTimestamp: "2024-04-24T12:41:02Z"
  generation: 9
  labels:
    app.kubernetes.io/managed-by: Helm
  name: kube-vip-load-balancer
  namespace: kube-vip
  resourceVersion: "783636164"
  uid: 395ecfca-20d2-446a-a628-c35698bbdb22
spec:
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/instance: kube-vip-load-balancer
      app.kubernetes.io/name: kube-vip-load-balancer
  template:
    metadata:
      creationTimestamp: null
      labels:
        app.kubernetes.io/instance: kube-vip-load-balancer
        app.kubernetes.io/name: kube-vip-load-balancer
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kube-vip-load-balancer
                operator: In
                values:
                - default
      containers:
      - args:
        - manager
        env:
        - name: cp_enable
          value: "false"
        - name: lb_enable
          value: "false"
        - name: lb_port
          value: "6443"
        - name: prometheus_server
          value: :2113
        - name: svc_election
          value: "true"
        - name: svc_enable
          value: "true"
        - name: vip_arp
          value: "true"
        - name: vip_cidr
          value: "32"
        - name: vip_interface
          value: ens160
        - name: vip_leaderelection
          value: "false"
        - name: vip_loglevel
          value: "5"
        image: ghcr.io/kube-vip/kube-vip-iptables:v0.8.0
        imagePullPolicy: IfNotPresent
        name: kube-vip
        resources: {}
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
            - NET_RAW
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      hostNetwork: true
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: kube-vip-load-balancer
      serviceAccountName: kube-vip-load-balancer
      terminationGracePeriodSeconds: 30
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/control-plane
        operator: Exists
  updateStrategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
status:
  currentNumberScheduled: 2
  desiredNumberScheduled: 2
  numberAvailable: 2
  numberMisscheduled: 0
  numberReady: 2
  observedGeneration: 9
  updatedNumberScheduled: 2

Additional context
Add any other context about the problem here.
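
The following is an added example, not part of the original issue and not kube-vip code: a small manifest lint that rules out EndpointSlice binding mistakes (namespace, `kubernetes.io/service-name` label, port name and protocol) and flags the selector-less `externalTrafficPolicy: Local` combination reported above. The function name `check_egress_service` is hypothetical, and the manifests are constructed dicts mirroring the YAML in the issue.

```python
# Added example: lint a kube-vip egress Service against its EndpointSlices.
EGRESS_ANNOTATION = "kube-vip.io/egress"
SLICE_LABEL = "kubernetes.io/service-name"

def check_egress_service(svc, slices):
    """Return a list of findings for one Service and the given EndpointSlices."""
    meta, spec = svc["metadata"], svc["spec"]
    if meta.get("annotations", {}).get(EGRESS_ANNOTATION) != "true":
        return []  # not a kube-vip egress Service, nothing to check
    findings = []
    # An EndpointSlice binds to a Service by namespace plus the service-name label.
    bound = [s for s in slices
             if s["metadata"].get("namespace") == meta.get("namespace")
             and s["metadata"].get("labels", {}).get(SLICE_LABEL) == meta["name"]]
    if not spec.get("selector"):
        if not bound:
            findings.append("no selector and no EndpointSlice labelled for this Service")
        if spec.get("externalTrafficPolicy") == "Local":
            findings.append("no selector with externalTrafficPolicy=Local: "
                            "combination reported to leave EXTERNAL-IP <pending>")
    # Port name and protocol must agree between the Service and each bound slice.
    svc_ports = {(p.get("name"), p.get("protocol", "TCP")) for p in spec.get("ports", [])}
    for s in bound:
        slice_ports = {(p.get("name"), p.get("protocol", "TCP")) for p in s.get("ports", [])}
        if not svc_ports & slice_ports:
            findings.append(f"slice {s['metadata']['name']}: no port matches the Service")
    return findings

# Constructed sample input, mirroring the manifests in the issue.
SERVICE = {
    "metadata": {"name": "my-service", "namespace": "my-namespace",
                 "annotations": {"kube-vip.io/egress": "true"}},
    "spec": {"type": "LoadBalancer", "externalTrafficPolicy": "Local",
             "loadBalancerIP": "5.6.7.8",
             "ports": [{"name": "ldap", "port": 1234, "protocol": "TCP",
                        "targetPort": 1234}]},
}
SLICE = {
    "metadata": {"name": "my-service-1", "namespace": "my-namespace",
                 "labels": {"kubernetes.io/service-name": "my-service"}},
    "addressType": "IPv4",
    "ports": [{"name": "ldap", "port": 1234, "protocol": "TCP"}],
    "endpoints": [{"addresses": ["1.2.3.4"]}],
}

if __name__ == "__main__":
    for finding in check_egress_service(SERVICE, [SLICE]):
        print(finding)
```

For the manifests as posted, the only finding is the selector-less `Local` combination, which shows the EndpointSlice itself is bound correctly.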
