[BUG] Can’t set the value of externalTrafficPolicy to Cluster in the Service. #8235

Closed
shuoshadow opened this issue Sep 30, 2024 · 3 comments
Labels: kind/bug (Something isn't working)

shuoshadow commented Sep 30, 2024

Kubernetes: v1.28.9
KubeBlocks: 0.9.0
kbcli: 0.9.1-beta.13
WARNING: version difference between kbcli (0.9.1-beta.13) and kubeblocks (0.9.0) 

When I create a Service of type LoadBalancer, the value of externalTrafficPolicy is set to Local by default and cannot be changed to Cluster.

apiVersion: apps.kubeblocks.io/v1alpha1
kind: OpsRequest
metadata:
  name: camellia-expose-enable
  namespace: kb-cloud
spec:
  # Specifies the name of the Cluster resource that this operation is targeting.
  clusterName: camellia-cluster
  # Lists Expose objects, each specifying a Component and its services to be exposed.
  expose:
    # Specifies the name of the Component.
  - componentName: proxy
    # Specifies a list of OpsService. When an OpsService is exposed, a corresponding ClusterService will be added to `cluster.spec.services`. 
    services:
    - name: internet
      roleSelector: ""
      serviceType: LoadBalancer
    # Indicates whether the services will be exposed. 'Enable' exposes the services, while 'Disable' removes the exposed Service.
    switch: Enable
  # Specifies the maximum number of seconds the OpsRequest will wait for its start conditions to be met before aborting. If set to 0 (default), the start conditions must be met immediately for the OpsRequest to proceed.
  preConditionDeadlineSeconds: 0
  type: Expose


In my Kubernetes cluster, I’m using the Cilium CNI component and assigning EXTERNAL-IP to LoadBalancer type services through the CiliumBGPPeeringPolicy.
When the Service has externalTrafficPolicy: Cluster, BGP Control Plane unconditionally advertises the ingress IPs of the selected Service. When the Service has externalTrafficPolicy: Local, BGP Control Plane keeps track of the endpoints for the service on the local node and stops advertisement when there’s no local endpoint.

https://docs.cilium.io/en/stable/network/bgp-control-plane/bgp-control-plane-v1/#externaltrafficpolicy

So I need to set the externalTrafficPolicy for the Service to Cluster.
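
The advertisement rule quoted from the Cilium documentation in the post above can be modelled in a few lines. This is an added sketch, not part of the original issue and not Cilium or KubeBlocks code; the node names, pod placement and Service objects are constructed sample data, and the `client_ip_obscured` field reflects the Kubernetes documentation's description of `Cluster`.

```python
# Added illustration, not Cilium or KubeBlocks code. Node names, pod placement
# and the Service objects below are constructed sample data.

def effective_policy(service):
    """Kubernetes defaults externalTrafficPolicy to Cluster when it is unset."""
    return service["spec"].get("externalTrafficPolicy", "Cluster")

def advertising_nodes(service, bgp_nodes, ready_pods):
    """Nodes whose BGP speaker announces the Service's ingress IPs.

    Cluster: every selected node advertises unconditionally.
    Local:   a node advertises only while it hosts a local endpoint.
    ready_pods maps node name -> {service name: ready endpoint count}.
    """
    if service["spec"].get("type") != "LoadBalancer":
        return []
    if effective_policy(service) == "Cluster":
        return sorted(bgp_nodes)
    name = service["metadata"]["name"]
    return sorted(n for n in bgp_nodes if ready_pods.get(n, {}).get(name, 0) > 0)

def review(service, bgp_nodes, ready_pods):
    """Summarise what the policy means for routing and for source-IP logging."""
    policy = effective_policy(service)
    nodes = advertising_nodes(service, bgp_nodes, ready_pods)
    return {
        "service": service["metadata"]["name"],
        "policy": policy,
        "advertised_from": nodes,
        "withdrawn": not nodes,
        # Kubernetes documents Cluster as obscuring the client source IP.
        "client_ip_obscured": policy == "Cluster",
    }

def make_service(name, policy=None):
    """Build a minimal LoadBalancer Service object (constructed sample)."""
    spec = {"type": "LoadBalancer"}
    if policy:
        spec["externalTrafficPolicy"] = policy
    return {"metadata": {"name": name}, "spec": spec}

BGP_NODES = {"node-a", "node-b"}                # nodes selected by the peering policy
READY_PODS = {"node-c": {"proxy-internet": 1}}  # the only proxy pod runs on node-c

if __name__ == "__main__":
    for policy in ("Local", "Cluster"):
        print(review(make_service("proxy-internet", policy), BGP_NODES, READY_PODS))
```

With the sample placement, `Local` leaves the ingress IP unadvertised because no BGP-selected node hosts a proxy pod, while `Cluster` advertises from both nodes at the cost of the backend no longer seeing the original client address.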

@shanshanying
Contributor

Hi @shuoshadow
I'd suggest updating the services API of 'cluster.spec.services'. This API is designed to allow users to define a list of "additional" Services to be exposed by a Cluster.

Contributor

shanshanying commented Oct 8, 2024

The serviceType LoadBalancer is used on Cloud, such as EKS from AWS, GKE from Google Cloud, TKE from Tencent Cloud, and AKS from Aliyun.

Instead of posing an OpsRequest, you can manipulate the services API w.r.t. your own needs, for instance:

apiVersion: apps.kubeblocks.io/v1alpha1
kind: Cluster
metadata:
  name: camellia-cluster
  namespace: default
spec:
  terminationPolicy: Delete
  services:  # patch Cluster CR with your services
  - componentSelector: proxy
    name: proxy-internet
    serviceName: proxy-internet
    annotations:  # customized annotations if necessary
      yourkey: yourvalue
    spec: # this is `corev1.ServiceSpec`
      ports:
      - name: redis-proxy
        nodePort: 30449
        port: 6380
        protocol: TCP
        targetPort: redis-proxy
      - name: console-port
        nodePort: 31347
        port: 16379
        protocol: TCP
        targetPort: console-port
      type: LoadBalancer
      externalTrafficPolicy: Cluster  # specify the externalTrafficPolicy attribute here
  componentSpecs:
  - name: proxy
    componentDef: camellia-redis-proxy
    ...

@shuoshadow
Author

@shanshanying Thanks, I successfully implemented the modification of the externalTrafficPolicy in the service using this method.

github-actions bot added this to the Release 0.9.2 milestone Oct 10, 2024