Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Static ip on internal ingress #1171

Closed
mat-613 opened this issue Jun 26, 2020 · 13 comments
Closed

Static ip on internal ingress #1171

mat-613 opened this issue Jun 26, 2020 · 13 comments
Assignees
@spencerhance
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.

Comments

@mat-613
Copy link

mat-613 commented Jun 26, 2020

Hi, I've been struggling to set static ip for my internal ingress (GCP Kubernetes with a Deployment, Service NodePort and Internal Ingress).

I'm creating this issue because I can't find a way or an annotation to specify an internal static ip to the internal ingress.

Is this currently supported?
@vitomanu96
Copy link

vitomanu96 commented Jun 26, 2020
edited
Loading

Mee too. So I am not alone.

@federico-s
Copy link

I have the same problem, I tried different ways but none of those worked for me.

@spencerhance
Copy link
Contributor

Hi all,

This is not currently supported since internal ingress requires a regional static IP, but is planned for GA. I have created a PR for this here: #1174

@rramkumar1 rramkumar1 added the kind/feature Categorizes issue or PR as related to a new feature. label Jul 13, 2020
@spencerhance
Copy link
Contributor

Hello, this should be launching in Rapid + Regular channel within the next two weeks!

@MikeMichel
Copy link

From my understanding this landed in 1.9. I tried this on a shared vpc setup and I get Error during sync: error running load balancer syncing routine: loadbalancer 2lvxx6db-default-jenkins-lli16s90 does not exist: the given static IP name jenkins-internal-ip doesn't translate to an existing static IP.

I am on gke 1.17.12-gke.2502 and reserved an internal IP from a host projects subnet with
gcloud compute addresses create jenkins-internal-ip --region europe-west1 --subnet net-devops1 --project host-project
and referenced this in the ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    ingress.gcp.kubernetes.io/pre-shared-cert: jenkins-test
    kubernetes.io/ingress.allow-http: "false"
    kubernetes.io/ingress.class: gce-internal
    kubernetes.io/ingress.regional-static-ip-name: jenkins-internal-ip
...

Is this feature supposed to work with shared vpc where the internal IP is not in the same project where gke?

@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 4, 2021
@0xknon
Copy link

0xknon commented Feb 12, 2021

From my understanding this landed in 1.9. I tried this on a shared vpc setup and I get Error during sync: error running load balancer syncing routine: loadbalancer 2lvxx6db-default-jenkins-lli16s90 does not exist: the given static IP name jenkins-internal-ip doesn't translate to an existing static IP.

I am on gke 1.17.12-gke.2502 and reserved an internal IP from a host projects subnet with
gcloud compute addresses create jenkins-internal-ip --region europe-west1 --subnet net-devops1 --project host-project
and referenced this in the ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    ingress.gcp.kubernetes.io/pre-shared-cert: jenkins-test
    kubernetes.io/ingress.allow-http: "false"
    kubernetes.io/ingress.class: gce-internal
    kubernetes.io/ingress.regional-static-ip-name: jenkins-internal-ip
...

Is this feature supposed to work with shared vpc where the internal IP is not in the same project where gke?

Not sure whether it is too late but I found a potential solution for this on stackoverflow:
Can't connect static ip to Ingress on GKE

  1. Starting ingress with no static ip
  2. Going to cloud console on the web under VPC Network > External IP addresses
  3. Waiting for the Ingress ip to show up
  4. Setting is as static, and giving it a name
  5. Adding kubernetes.io/ingress.global-static-ip-name: Ingress yaml and applying it.

@sumeetoc
Copy link

From my understanding this landed in 1.9. I tried this on a shared vpc setup and I get Error during sync: error running load balancer syncing routine: loadbalancer 2lvxx6db-default-jenkins-lli16s90 does not exist: the given static IP name jenkins-internal-ip doesn't translate to an existing static IP.

I am on gke 1.17.12-gke.2502 and reserved an internal IP from a host projects subnet with
gcloud compute addresses create jenkins-internal-ip --region europe-west1 --subnet net-devops1 --project host-project
and referenced this in the ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    ingress.gcp.kubernetes.io/pre-shared-cert: jenkins-test
    kubernetes.io/ingress.allow-http: "false"
    kubernetes.io/ingress.class: gce-internal
    kubernetes.io/ingress.regional-static-ip-name: jenkins-internal-ip
...

Is this feature supposed to work with shared vpc where the internal IP is not in the same project where gke?

By anychance did you get this working? Facing similar issue

@MikeMichel
Copy link

@sumeetoc
Yes, I did. When I remember right I needed to do the IP reservation differently because I use a shared VPC.

cloud compute addresses create jenkins-internal-ip2 --region europe-west1 --subnet projects/your-host-project-2784/regions/europe-west1/subnetworks/subnetname-of-the-service-project

@sumeetoc
Copy link

sumeetoc commented Feb 20, 2021
edited
Loading

Anyone looking for solution, basically the service project is used to create the resource, and host subnetwork url is used as reference

Example:

gcloud compute addresses create internal-ip-addrs --region us-east4 --subnet projects/host-project/regions/us-east4/subnetworks/subnet-name --project=service-project

@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 22, 2021
@fejta-bot
Copy link

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-contributor-experience at kubernetes/community.
/close

@k8s-ci-robot
Copy link
Contributor

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-contributor-experience at kubernetes/community.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spencerhance spencerhance

Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@MikeMichel @spencerhance @sumeetoc @federico-s @vitomanu96 @mat-613 @k8s-ci-robot @rramkumar1 @fejta-bot @0xknon