Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DaemonSet with HostPort - is not created kuma service #4747

Closed
istar2metal opened this issue Aug 3, 2022 · 2 comments
Closed

DaemonSet with HostPort - is not created kuma service #4747

istar2metal opened this issue Aug 3, 2022 · 2 comments
Labels
kind/bug A bug triage/duplicated already exists

Comments

@istar2metal
Copy link

What happened?

In k8s-cluster working ingress-nginx DaemonSet with HostPort as deligated gateway in kuma mesh:

spec:
  template:
    metadata:
      annotations:
        kuma.io/gateway: enabled
    spec:
      containers:
        name: ingress-nginx-controller
        ports:
        - containerPort: 80
          hostPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          hostPort: 443
          name: https
          protocol: TCP
        - containerPort: 10254
          hostPort: 10254
          name: metrics
          protocol: TCP
...

It has no kubernetes Service (only for ingress-metrics, no for ingress port):

kubectl -n ingress-nginx get svc
NAME                               TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
ingress-nginx-controller-metrics   ClusterIP   10.233.53.14   <none>        10254/TCP   223d

As expected, kuma-dataplanes have been created for this minor service ingress-nginx-controller-metrics:

...
kind: Dataplane
...
spec:
  networking:
...
    gateway:
      tags:
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/part-of: ingress-nginx
        k8s.kuma.io/namespace: ingress-nginx
        k8s.kuma.io/service-name: ingress-nginx-controller-metrics
        k8s.kuma.io/service-port: "10254"
        kuma.io/protocol: tcp
        kuma.io/service: ingress-nginx-controller-metrics_ingress-nginx_svc_10254
        kuma.io/zone: hcloud
...

Since there is no kuma-service for general ingress http ports, mTLS (in strict mode) does not work.
@krzys
@istar2metal istar2metal added kind/bug A bug triage/pending This issue will be looked at on the next triage meeting labels Aug 3, 2022
@lahabana
Copy link
Contributor

lahabana commented Aug 4, 2022

xref #4703 and #4052

You can identify using ingress-nginx-controller-metrics_ingress-nginx_svc_10254 as a service name. It's akward, I'm opening an separate issue to fix this

@lahabana lahabana mentioned this issue Aug 4, 2022
Closed
@lahabana
Copy link
Contributor

lahabana commented Aug 4, 2022

Closing this in favour of the more complete #4768

@lahabana lahabana closed this as not planned Won't fix, can't repro, duplicate, stale Aug 4, 2022
@lahabana lahabana added triage/duplicated already exists and removed triage/pending This issue will be looked at on the next triage meeting labels Aug 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug A bug triage/duplicated already exists
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lahabana @istar2metal