[REQUEST] Target Cluster IP

[hufhend]

Is your feature request related to a problem? Please describe. I'm not sure I'm doing anything wrong. When I deploy onionbalancedservices together with Ghost, for example, it works. But if I redeploy Ghost, it changes its internal IP address including the service and onion (Target Cluster IP) points to a blank space.

Describe the solution you'd like Couldn't it be modified to refer to a name that will be different but the same?

Describe alternatives you've considered Deleting and re-creating the OnionService helps

Additional context

Namespace:    ghost
Labels:       app.kubernetes.io/instance=tor-apps
Annotations:  <none>
API Version:  tor.k8s.torproject.org/v1alpha2
Kind:         OnionBalancedService
[...]
Status:
  Backends:
    ghost-onion-service-tor-obb-1:
      Hostname:           ***.onion
      Target Cluster IP:  10.233.38.53
    ghost-onion-service-tor-obb-2:
      Hostname:           ***.onion
      Target Cluster IP:  10.233.1.13
  Hostname:               ***.onion

  Target Cluster IP:  10.233.37.155
Events:               <none>

[bugfest]

Hi @hufhend, does your onion service stop working when you update your backend (ghost)?

[hufhend]

Yes it is, when updating, but also when forced to move to another node. I think it is related to the change of the internal IP address.

[bugfest]

Can you share your complete onionbalancedservice manifest?

[hufhend]

Yes, I'm posting here, just starring the hostname:

apiVersion: v1
items:
- apiVersion: tor.k8s.torproject.org/v1alpha2
  kind: OnionBalancedService
  metadata:
    annotations:
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"tor.k8s.torproject.org/v1alpha2","kind":"OnionBalancedService","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"tor-apps"},"name":"ghost-onion-service","namespace":"tor-controller"},"spec":{"backends":2,"privateKeySecret":{"name":"my-full-onion-secret"},"template":{"spec":{"extraConfig":"HiddenServiceEnableIntroDoSDefense 1\n","rules":[{"backend":{"service":{"name":"ghost-tor","port":{"number":80}}},"port":{"number":80}}],"version":3}}}}
    creationTimestamp: "2024-04-28T20:20:06Z"
    generation: 1
    labels:
      app.kubernetes.io/instance: tor-apps
    name: ghost-onion-service
    namespace: tor-controller
    resourceVersion: "78844440"
    uid: 78a78746-971e-4830-b4f5-526f42af5bd0
  spec:
    backends: 2
    privateKeySecret:
      name: my-full-onion-secret
    serviceMonitor: false
    template:
      spec:
        extraConfig: |
          HiddenServiceEnableIntroDoSDefense 1
        rules:
        - backend:
            service:
              name: ghost-tor
              port:
                number: 80
          port:
            number: 80
        serviceMonitor: false
        version: 3
    version: 3
  status:
    backends:
      ghost-onion-service-tor-obb-1:
        hostname: *****.onion
        targetClusterIP: 10.233.18.234
      ghost-onion-service-tor-obb-2:
        hostname: *****.onion
        targetClusterIP: 10.233.7.186
    hostname: |
      *****.onion
    targetClusterIP: 10.233.57.78
kind: List
metadata:
  resourceVersion: ""

I was wondering, could the fact that I'm deploying it via ArgoCD affect the functionality?

[bugfest]

I don't think Argo does has anything to do with your issue. As per your config, the Tor instance should be resolving the service ghost-tor and then exposing that port (tcp/80) over the Tor network as hidden service. The targetClusterIPs are the Onion Balancer instance's. Do the same happen when using a simple Onion Service (not the onion balanced one)?

[hufhend]

I understand. I confess I don't know. I'll edit it and try it. I just noticed that here as targetClusterIP, the value is correct after ghost (or wordpress) starts if it starts all together. On a new deployment it stays the same and points to nothing.

[hufhend]

Tried and tested. Yes, this happens even when using the simple Onion Service