search

netscaler / netscaler-k8s-ingress-controller

NetScaler Ingress Controller for Kubernetes:
https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/
308 stars 91 forks source link

Annotations not working #523

Closed gertzakis closed 1 year ago

gertzakis commented 2 years ago

Hello there,

when i use annotations like ingress.citrix.com/lbvserver: '{"citrix-svc":{"lbmethod":"LEASTCONNECTION"}' or ingress.citrix.com/monitor with value '{"citrix-svc":{"type":"http"}}' as per the official documentation it don't make the proper configuration. After reviewing the logs both on ADC & kubernetes, the API-call gets an ERROR response with message=No such resource.

To Reproduce

  1. deploy an ingress resource with annotations: ingress.citrix.com/monitor: '{"citrix-svc":{"type":"http"}}' or ingress.citrix.com/lbvserver: '{"citrix-svc":{"lbmethod":"SRCIPDESTIPHASH"}'
  2. Version of the Citrix Ingress Controller is 1.23.10
  3. Version of VPX is 13.1.17

Expected behavior I except to put the proper monitor "http" on the ServiceGroup that is creates and more importantly to configure the correct Load Balancing Method.

Logs kubectl logs 2022-03-21 13:48:23,556 - ERROR - [nitrointerface.py:_bind_nsapp_monitor_servicegroup:1618] (MainThread) Nitro Exception during binding of monitor k8s-ZZHJHP2EW7RT5KLTRQOOZ6R4K64UMZH2EKGY53D546L2MM2DFBCQ==== to servicegroup k8s-nginx-service_80_sgp_wi2a6mhwvm6vjdwwi5yhlvzknlxibsxz errorcode=258,message=No such resource [monitorName, k8s-ZZHJHP2EW7RT5KLTRQOOZ6R4K64UMZH2EKGY53D546L2MM2DFBCQ====]

Is there a simple workaround to pass that?

Thank you, Gerasimos

kumar-swamy commented 2 years ago

Key is your service name, not "citrix-svc". Every service of an ingress corresponds to an lbvserver and service group, so you need to specify the key as your service name. You can also specify multiple key values like {'key1': value1, 'key2': value2} if you have multiple services in an ingress.

gertzakis commented 2 years ago

Hello @kumar-swamy,

oo thank you. Yes you are right, as soon i put the service-name as key it works. What about "Load balancer" service types though? For example: service.citrix.com/service_type: "HTTP" service.citrix.com/lbmethod: "SRCIPDESTIPHASH" service.citrix.com/persistence: "SOURCEIP" I face a similar issue with lbmethod & persistence. Do you have any idea why this happens?

Thanks again!

apoorvak-citrix commented 2 years ago

@gertzakis can you share the complete service manifest yaml file that you are using?

gertzakis commented 2 years ago

Hello @apoorva-05, below is the manifest.

    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-service
      annotations:
        service.citrix.com/service_type: "SSL"
        service.citrix.com/lbmethod: "LEASTRESPONSETIME"
        service.citrix.com/persistence: "COOKIEINSERT"
        service.citrix.com/preconfigured-certkey: "makis-cert"
      labels:
        app: nginx
    spec:
      type: LoadBalancer
      loadBalancerIP: 10.25.103.176
      ports:
      - port: 443
        targetPort: 80
        protocol: TCP
      selector:
        app: nginx

Should i put the lbmethod & persistence like that: `service.citrix.com/lbvserver: '{"443-tcp":{"lbmethod":"SRCIPDESTIPHASH","persistenceType":"COOKIEINSERT"}}', as i did with ingress manifests? But the documentation says that it should work with the annotations i have already implemented.

Thank you for your time :)

apoorvak-citrix commented 2 years ago

@gertzakis Please use the following annotation till we debug why service.citrix.com/lbmethod and service.citrix.com/persistence is no longer working.

service.citrix.com/lbvserver: '{"lbmethod": "LEASTRESPONSETIME", "persistenceType": "COOKIEINSERT"}'
bharthi-m commented 2 years ago

@gertzakis These annotations 'service.citrix.com/lbmethod: "LEASTRESPONSETIME" , service.citrix.com/persistence: "COOKIEINSERT"' are no longer supported and the same can be replaced with the smart annotation 'service.citrix.com/lbvserver' Refer here.