From 073b1cb97da1a9495fd1e1b8b9854359a95742f5 Mon Sep 17 00:00:00 2001 From: Gaurav Ghildiyal Date: Thu, 18 May 2023 14:54:11 -0700 Subject: [PATCH] Make minimal modifications to make dual-stack-negs work with self-managed controller --- docs/deploy/gke/README.md | 14 ++++++++++++++ docs/deploy/resources/glbc.yaml | 2 +- docs/deploy/resources/rbac.yaml | 6 ++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/docs/deploy/gke/README.md b/docs/deploy/gke/README.md index e92e5bd755..c4049f4f2f 100644 --- a/docs/deploy/gke/README.md +++ b/docs/deploy/gke/README.md @@ -122,3 +122,17 @@ issue. If you have issues with the controller after the script execution and you do not know what it causing it, invoke the script in its cleanup mode. The is a quick and simple way of going back to how everything was before. + +## Script stuck on "Waiting for old GLBC service and pod to be removed..." + +This is usually the case when turning off HTTPLoadBalancing in the cluster does +not delete the resources for the default-http-backend. This can be easily +resolved by manually deleting them: + +``` +# Delete the service for the default-http-backend. +kubectl delete svc -n kube-system default-http-backend + +# Delete the deployment for the default-http-backend. +kubectl delete deploy -n kube-system l7-default-backend +``` diff --git a/docs/deploy/resources/glbc.yaml b/docs/deploy/resources/glbc.yaml index d662f86833..23d569cfbb 100644 --- a/docs/deploy/resources/glbc.yaml +++ b/docs/deploy/resources/glbc.yaml @@ -64,7 +64,7 @@ spec: - --gce-ratelimit=ga.HealthChecks.Get,qps,1.8,1 - --gce-ratelimit=alpha.HealthChecks.Get,qps,1.8,1 - --enable-frontend-config - - --enable-endpoint-slices + - --enable-dual-stack-neg volumes: - name: google-cloud-key secret: diff --git a/docs/deploy/resources/rbac.yaml b/docs/deploy/resources/rbac.yaml index 45421aacba..9c107d1b88 100644 --- a/docs/deploy/resources/rbac.yaml +++ b/docs/deploy/resources/rbac.yaml @@ -76,6 +76,12 @@ rules: - apiGroups: ["networking.k8s.io"] resources: ["ingressclasses"] verbs: ["get", "list", "watch", "update", "create", "patch"] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["*"] +- apiGroups: ["discovery.k8s.io"] + resources: ["endpointslices"] + verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding