-
Notifications
You must be signed in to change notification settings - Fork 500
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TiDB Operator - Cannot connect to TiDB Service for TiDB Cluster External IP #3941
Comments
@ttadeo |
@DanielZhangQD Thank you I will spin up the cluster again and check AWS NLB. I will update when I am done with my results. |
@ttadeo maybe have a look at pingcap/docs#5555 and leave a comment if anything special needs to be added there. |
#879 seems related |
The problem might be the "Scheme". This is visible in the web UI for the ELB. This seems to be "internal" while it should be "internet-facing". I think this is caused by this line:
https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/annotations/ suggests that this setting is a boolean. So the IP range here doesn't seem to be a correct value. |
- Remove incorrect `aws-load-balancer-internal`. - Sets `aws-load-balancer-scheme: internet-facing`. This is match what our examples expect. - Change the loadbalancer for Grafana from "CLB" (Classic) to "NLB" (Network) Related: - pingcap#3941
- Remove incorrect `aws-load-balancer-internal`. - Sets `aws-load-balancer-scheme: internet-facing`. This is match what our examples expect. - Change the loadbalancer for Grafana from "CLB" (Classic) to "NLB" (Network) - Add a LoadBalancer for PD as it hosts the dashboard on http://<pd>:2379/dashboard/ Related: - pingcap#3941
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 15 days |
Bug Report
What version of Kubernetes are you using?
AWS EKS 1.18What version of TiDB Operator are you using?
TiDB Operator Version: version.Info{GitVersion:"v1.1.12", GitCommit:"267b0d44f8c66f41a3a02685d7100c55d4697715", GitTreeState:"clean", BuildDate:"2021-04-15T12:21:20Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}PROBLEM:
Trying to connect to EXTERNAL-IP for TiDB-Cluster Service and connection times out. Using 127.0.0.1 with port 4000 forwarded works fine. I can connect to the Grafana Service using it's EXTERNAL IP just fine. Both services are of type LoadBalancer, however EXTERNAL TRAFFIC POLICY for TiDB-Cluster Service specifies "Local" and Grafana Service specifies "Cluster".
Question:
I understand the need for security(Access to TiDB Cluster SVC only accessible within Cluster) but for remote access outside the cluster having "Local" set prevents remote access using EXTERNAL IP. Is this spec correct ? If so, why ?
The text was updated successfully, but these errors were encountered: