Open orfeas-k opened 1 year ago
ca-scribner
commented
1 year ago There are some tests that check against the different responses we might get for the LoadBalancer ip, but this case was missed. We can probably add another mock load balancer to the unit tests to prove this is happening, then add some logic to handle the issue.
rgildein
commented
3 weeks ago I hit the same issue, and I'm using metallb configured like this:
IPADDR=$(ip -4 -j route get 2.2.2.2 | jq -r '.[] | .prefsrc')
microk8s enable metallb:$IPADDR-$IPADDRMy environment:
$ microk8s version
MicroK8s v1.28.10 revision 6829
$ microk8s status
microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
community # (core) The community addons repository
dashboard # (core) The Kubernetes dashboard
dns # (core) CoreDNS
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
hostpath-storage # (core) Storage class; allocates storage from host directory
metallb # (core) Loadbalancer for your Kubernetes cluster
metrics-server # (core) K8s Metrics Server for API access to service metrics
registry # (core) Private image registry exposed on localhost:32000
storage # (core) Alias to hostpath-storage add-on, deprecated
disabled:
argocd # (community) Argo CD is a declarative continuous deployment for Kubernetes.
dashboard-ingress # (community) Ingress definition for Kubernetes dashboard
easyhaproxy # (community) EasyHAProxy can configure HAProxy automatically based on ingress labels
fluentd # (community) Elasticsearch-Fluentd-Kibana logging and monitoring
gopaddle # (community) DevSecOps and Multi-Cloud Kubernetes Platform
inaccel # (community) Simplifying FPGA management in Kubernetes
istio # (community) Core Istio service mesh services
jaeger # (community) Kubernetes Jaeger operator with its simple config
keda # (community) Kubernetes-based Event Driven Autoscaling
knative # (community) Knative Serverless and Event Driven Applications
linkerd # (community) Linkerd is a service mesh for Kubernetes and other frameworks
microcks # (community) Open source Kubernetes Native tool for API Mocking and Testing
openebs # (community) OpenEBS is the open-source storage solution for Kubernetes
openfaas # (community) OpenFaaS serverless framework
osm-edge # (community) osm-edge is a lightweight SMI compatible service mesh for the edge-computing.
parking # (community) Static webserver to park a domain. Works with EasyHAProxy.
portainer # (community) Portainer UI for your Kubernetes cluster
shifu # (community) Kubernetes native IoT software development framework.
sosivio # (community) Kubernetes Predictive Troubleshooting, Observability, and Resource Optimization
traefik # (community) traefik Ingress controller
trivy # (community) Kubernetes-native security scanner
cert-manager # (core) Cloud native certificate management
cis-hardening # (core) Apply CIS K8s hardening
host-access # (core) Allow Pods connecting to Host services smoothly
ingress # (core) Ingress controller for external access
mayastor # (core) OpenEBS MayaStor
minio # (core) MinIO object storage
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
rook-ceph # (core) Distributed Ceph storage using Rook
syncronize-issues-to-jira[bot]
commented
3 weeks ago Thank you for reporting us your feedback!
The internal ticket has been created: https://warthogs.atlassian.net/browse/KF-5821.
This message was autogenerated
rgildein
commented
2 weeks ago Using range instead of single IP works fine, and now into-pilot is running without issue.
Context
Trying to run this test for kubeflow-tensorboards-operator (which is a simple "deploy and relate the minimum required charms" test), we noticed that istio-pilot charm would fail in different parts of its execution. The error always looked like the one below, but the hook failing could also be
install,istio-pilot-relation-changed.Reproduce
git clone git@github.com:canonical/kubeflow-tensorboards-operator.gitandcd kubeflow-tensorboards-operatorpython3 -m pip install -r requirements-integration.txttox -e integrationCause
It turns out the
Microk8scluster didn't have a LoadBalancer and Istio relies heavily on the underlying LB to configure the gateway (ingressgateway). Otherwise, the gateway will be waiting for an external IP andistio-pilotwill fail due to the following lines where it checks theingressesobject's length before verifying that it is notNone. Probably though, this is a case that theistio-pilotcharm should be able to handle.P.S. The error was gone as soon as I added a LB with
microk8s enable metallb:10.64.140.43-10.64.140.49