Internal load balancer IP

htalluri9 commented 1 year ago

Please confirm the following

[X] I agree to follow this project's code of conduct.
[X] I have checked the current issues for duplicates.
[X] I understand that the AWX Operator is open source software provided for free and that I might not receive a timely response.

Bug Summary

As documented in the below MS link, by adding annotation 'service.beta.kubernetes.io/azure-load-balancer-internal: "true"' expecting EXTERNAL-IP to be a VNET IP rather than internet routable IP. it works as expected with my other use-cases but not with AWX

https://learn.microsoft.com/en-us/azure/aks/internal-lb#create-an-internal-load-balancer

AWX Operator version

2.5.2

AWX version

23.0.0

Kubernetes platform

kubernetes

Kubernetes/Platform version

1.27.3

Modifications

no

Steps to reproduce

apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: awx252 annotations: service.beta.kubernetes.io/azure-load-balancer-internal: "true" spec: service_type: LoadBalancer loadbalancer_protocol: 'http' loadbalancer_port: 8001

Expected results

by adding annotation 'service.beta.kubernetes.io/azure-load-balancer-internal: "true"' expecting EXTERNAL-IP to be a VNET IP rather than internet routable IP.

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE awx-operator-controller-manager-metrics-service ClusterIP 10.0.59.86 8443/TCP 39h awx252-service LoadBalancer 10.0.250.168 10.30.xx.xx 8001:30053/TCP 7m38s

Actual results

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE awx-operator-controller-manager-metrics-service ClusterIP 10.0.59.86 8443/TCP 39h awx252-service LoadBalancer 10.0.250.168 40.118.147.119 8001:30053/TCP 7m38s

Additional information

deployed AWX on azure AKS cluster with azure CNI

Operator Logs

No response

fosterseth commented 1 year ago

@rooftopcellist do you know about the service.beta.kubernetes.io/azure-load-balancer-internal: "true" annotation?

kurokobo commented 1 year ago

@htalluri9 That annotation should be defined for Service resouce, so you should specify spec.service_annotations instead of metadata.annotations.

---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx252
  # annotations:     👈👈👈
  #  service.beta.kubernetes.io/azure-load-balancer-internal: "true"     👈👈👈
spec:
  service_type: LoadBalancer
  service_annotations: |     👈👈👈
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"     👈👈👈
  loadbalancer_protocol: 'http'
  loadbalancer_port: 8001

fosterseth commented 12 months ago

thanks @kurokobo @htalluri9 were you able to get that working?

ansible / awx-operator