Requesting Specific IPs for LoadBalancer ServiceType

[smangelkramer]

Title

Requesting Specific IPs for LoadBalancer ServiceType

Description

Allow a specific IP to be allocated for a load balancer service.

Actual Problem

At the moment, only one pool can be referenced. This is disadvantageous and complex to maintain when /32 pools are created.

Solution Proposed

Assign a specific IP to the LoadBalancer service object with an annotation. If this is already assigned, a warning should be issued.

Alternatives

Creating pools with 1 IP (/32) - which is hacky and actually nonsense.

Additional context

.

[trinaths]

@smangelkramer Please share RFE examples, CIS config to automation_toolchain_pm@f5.com

[dronenb]

@smangelkramer somebody can correct me if I'm wrong, but I believe this is already an (undocumented) feature as of 2.16.1:

• https://clouddocs.f5.com/containers/latest/reference/release-notes.html#id6
• https://github.com/F5Networks/k8s-bigip-ctlr/blob/0e9e3077234428f87eba36358c4a5b31791809bc/docs/cis-3.x/config_examples/customResource/serviceTypeLB/example-service-type-lb-staic-ip.yaml#L5

[mikeoleary]

@dronenb, @smangelkramer, my understanding was the same. The annotation of "cis.f5.com/ip" is supposed to give you a static IP. I'll follow this issue and test myself, and update with findings. Please update if you know the answer.

[smangelkramer]

@dronenb, @mikeoleary Yes, that is absolutely correct. I contacted the F5 product team and was made aware of the (undocumented) feature, which we have now (today) successfully tested. It is exactly the feature we needed. A Jira task was created internally for F5 to update the documentation. Many thanks for your support.

[mikeoleary]

@smangelkramer that is great to hear. According to docs, you must have ipam=true in your CIS deployment. Is that correct, still? Can we stop running the IPAM controller if we use this annotation?

[dronenb]

I am curious about the IPAM controller as well. Additionally, I would like clarification on how IP conflicts can be prevented, and whether or not it is now possible to have two separate LB's using different ports but the same IP, which I believe was not previously possible.

[mikeoleary]

@smangelkramer i can confirm now too. I tested using CIS v2.17, and I do not need to run IPAM controller if I use this annotation to set the IP address.

@dronenb i didn’t test your scenario of 2 different services of type LB, with the same IP address in the annotation, but listening in different ports. I think you should test this but it sounds like a separate issue.

[trinaths]

Its a documentation update. The feature to support static IP for svcType LB is available with annotation.