search

inlets / inlets-operator

Get public TCP LoadBalancers for local Kubernetes clusters
https://docs.inlets.dev/reference/inlets-operator
MIT License
1.34k stars 97 forks source link

Ports in tunnel are not updated when updating the LoadBalancer service #97

Closed jsiebens closed 3 years ago

jsiebens commented 4 years ago

Expected Behaviour

When adding or removing ports of a LoadBalancer service, the ports of the tunnel should be updated as well.

Current Behaviour

Ports in the tunnel are not updated.

Steps to Reproduce (for bugs)

  1. Create a LoadBalancer service with a single port 
    apiVersion: v1
kind: Service
metadata:
name: example-service
spec:
selector:
app: example
type: LoadBalancer
ports:
- name: http
  port: 8080
  targetPort: 8080

    inlets pod is created, logs:

    2020/09/19 05:21:21 Welcome to inlets-pro! Client version 0.7.0
2020/09/19 05:21:21 Licensed to: Johan Siebens <*****>, expires: *** day(s)
2020/09/19 05:21:21 Upstream server: example-service, for ports: 8080
inlets-pro client. Copyright Alex Ellis, OpenFaaS Ltd 2020
time="2020/09/19 05:21:21" level=info msg="Connecting to proxy" url="wss://****:8123/connect"
  2. Update the service with an extra port: 
    apiVersion: v1
kind: Service
metadata:
name: example-service
spec:
selector:
app: example
type: LoadBalancer
ports:
- name: http
  port: 8080
  targetPort: 8080
- name: https
  port: 8443
  targetPort: 8443
  3. Tunnel is not updated with the extra port logs of the inlets-operator pod: 
    I0919 05:35:34.666837       1 controller.go:317] Successfully synced 'default/example-service-tunnel'
I0919 05:36:04.667099       1 controller.go:317] Successfully synced 'default/example-service-tunnel'
2020/09/19 05:36:24 Tunnel exists: example-service-tunnel
I0919 05:36:24.440714       1 controller.go:317] Successfully synced 'default/example-service'

Context

Your Environment

alexellis commented 4 years ago

Hi @jsiebens inlets PRO does have the capability to reconfigure, so this is just coming down to the controller's control-loop.

Would you be interested in contributing a fix? You'd have to change the config of the client deployment, which specifies the set of ports.

For the time being as a workaround, update your LB's ports and then delete the tunnel custom resource. The new one created by the operator will have the updated ports.

Alex

alexellis commented 4 years ago

Let me know your thoughts.

jsiebens commented 4 years ago

Hi @alexellis

Deleting the tunnel custom resource as a workaround will indeed create a new one with the updated ports. But by creating a new exit node, the load balancer will also get a new public IP address, which is a little bit of a pity of the previous address is already configured in other places like DNS records etc.

I will have a look if I can create a PR for this.

Johan

alexellis commented 3 years ago

@jsiebens only the tunnel deployment needs to be changed AFAIK, would you still like to work on this PR?

Loop Detect port change Update deployment Tunnel client reconnects, and sets new ports

There will be no change in IP.

Alex