Trying to use --publish-service with a headless service in order to configure endpoints manually.
The goal is to manually configure the service endpoints to the public addresses of the Kubernetes nodes (unfortunately nginx ingress controller uses the private IP addresses. The public ones do not seem to be possible to be configured.). nginx ingress controller should dynamically update the ingresses when the service endpoints are changed.
However, with above, the ingress controller logs:
[ingress-nginx-controller-9wwrs] I1011 14:56:31.027017 7 status.go:300] "updating Ingress status" namespace="argocd" ingress="argocd" currentValue=[] newValue=[{IP:None Hostname: Ports:[]}]
[ingress-nginx-controller-9wwrs] I1011 14:56:31.029669 7 status.go:300] "updating Ingress status" namespace="c-1" ingress="keycloak" currentValue=[] newValue=[{IP:None Hostname: Ports:[]}]
[ingress-nginx-controller-9wwrs] I1011 14:56:31.033452 7 status.go:300] "updating Ingress status" namespace="tekton-pipelines" ingress="tekton-dashboard" currentValue=[] newValue=[{IP:None Hostname: Ports:[]}]
[ingress-nginx-controller-9wwrs] I1011 14:56:31.033848 7 status.go:300] "updating Ingress status" namespace="kubernetes-dashboard" ingress="dashboard" currentValue=[] newValue=[{IP:None Hostname: Ports:[]}]
[ingress-nginx-controller-9wwrs] W1011 14:56:31.034404 7 status.go:304] error updating ingress rule: Ingress.extensions "argocd" is invalid: status.loadBalancer.ingress[0].ip: Invalid value: "None": must be a valid IP address
[ingress-nginx-controller-9wwrs] I1011 14:56:31.035773 7 status.go:300] "updating Ingress status" namespace="tekton-pipelines" ingress="tekton-triggers" currentValue=[] newValue=[{IP:None Hostname: Ports:[]}]
[ingress-nginx-controller-9wwrs] W1011 14:56:31.035984 7 status.go:304] error updating ingress rule: Ingress.extensions "keycloak" is invalid: status.loadBalancer.ingress[0].ip: Invalid value: "None": must be a valid IP address
[ingress-nginx-controller-9wwrs] W1011 14:56:31.628760 7 status.go:304] error updating ingress rule: Ingress.extensions "tekton-dashboard" is invalid: status.loadBalancer.ingress[0].ip: Invalid value: "None": must be a valid IP address
[ingress-nginx-controller-9wwrs] W1011 14:56:31.829694 7 status.go:304] error updating ingress rule: Ingress.extensions "dashboard" is invalid: status.loadBalancer.ingress[0].ip: Invalid value: "None": must be a valid IP address
What you expected to happen:
nginx ingress controller should take the endpoints specific for the configured service and use the addresses from there to populate the loadbalancer ingress fields of the ingresses.
--public-service is documented to "When used together with update-status, the controller mirrors the address of this service's endpoints to the load-balancer status of all Ingress objects it satisfies." here: https://kubernetes.github.io/ingress-nginx/user-guide/cli-arguments/
nginx ingress controller does not seem to recognize this.
NGINX Ingress controller version (exec into the pod and run nginx-ingress-controller --version.):
Kubernetes version (use
kubectl version
):Environment:
uname -a
):kubectl version
-> see abovekubectl get nodes -o wide
``` kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME kubernetes-dev-1-etcd-1.int Ready etcd 103d v1.20.6 10.72.13.225How was the ingress-nginx-controller installed:
Current State of the controller:
kubectl -n get all -o wide
kubectl -n describe po
``` Name: ingress-nginx-admission-create-q4wbl Namespace: ingress-nginx Priority: 0 Node: kubernetes-dev-1-node-3.int/10.72.13.91 Start Time: Mon, 11 Oct 2021 16:72:26 +0200 Labels: app.kubernetes.io/component=admission-webhook app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/version=1.0.3 controller-uid=1d9d6180-b0f5-461a-8877-06dd35bc45bd helm.sh/chart=ingress-nginx-4.0.5 job-name=ingress-nginx-admission-create Annotations: cni.projectcalico.org/podIP: cni.projectcalico.org/podIPs: Status: Succeeded IP: 10.42.36.137 IPs: IP: 10.42.36.137 Controlled By: Job/ingress-nginx-admission-create Containers: create: Container ID: docker://263cbaecaa72006036be3971baed9ad62f529e90de01e3508200c568b13f9eae Image: harbor.int/ingress-nginx/kube-webhook-certgen:v1.0 Image ID: docker-pullable://harbor.int/ingress-nginx/kube-webhook-certgen@sha256:fbe44fb846ad3e7fee5b4d14c63da0bc3e884506139d5d4860d4dca763d94cc3 Port:`kubectl -n describe svc `
``` k describe svc Name: ingress-nginx-controller-admission Namespace: ingress-nginx Labels: app.kubernetes.io/component=controller app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/version=1.0.3 helm.sh/chart=ingress-nginx-4.0.5 Annotations:kubectl -n <appnnamespace> get all,ing -o wide
Headless service endpoints:
What happened:
Trying to use
--publish-service
with a headless service in order to configure endpoints manually.The goal is to manually configure the service endpoints to the public addresses of the Kubernetes nodes (unfortunately nginx ingress controller uses the private IP addresses. The public ones do not seem to be possible to be configured.). nginx ingress controller should dynamically update the ingresses when the service endpoints are changed.
However, with above, the ingress controller logs:
What you expected to happen:
nginx ingress controller should take the endpoints specific for the configured service and use the addresses from there to populate the loadbalancer ingress fields of the ingresses.
--public-service
is documented to "When used together with update-status, the controller mirrors the address of this service's endpoints to the load-balancer status of all Ingress objects it satisfies." here: https://kubernetes.github.io/ingress-nginx/user-guide/cli-arguments/nginx ingress controller does not seem to recognize this.
How to reproduce it: