Closed GrahamDumpleton closed 2 years ago
ExternalTrafficPolicy can only be set on NodePort and LoadBalancer service
means that if ClusterIP is going to be a valid value, there needs to be an overlay that will remove this entry. Something like:
#@overlay/match by=overlay.subset({"kind":"Service", "metadata": {"name": "envoy"}})
---
spec:
#@overlay/remove
#@overlay/match missing_ok=True
externalTrafficPolicy: Local
cc @vmware-tanzu/pkg-contour-owners
Note one question is whether it should automatically change the externalTrafficPolicy
when the service type is changed. There is actually a separate envoy.service.externalTrafficPolicy
setting and so technically a user could override it in the configuration at the same time. If one takes this stance, then the issue is really that the documentation needs to make clear that if envoy.service.type
is changed to ClusterIP
that it is the users responsibility to separately override envoy.service.externalTrafficPolicy
and set it to Cluster
, presuming that works.
Actually, that will not work, as the issue is externalTrafficPolicy
being set to any value when ClusterIP
is chosen, not its particular value:
Error: package reconciliation failed: kapp: Error: Applying create service/envoy (v1) namespace: projectcontour:
Creating resource service/envoy (v1) namespace: projectcontour:
Service "envoy-x-projectcontour-x-lab-tce-w07-s007-vcluster" is invalid: spec.externalTrafficPolicy:
Invalid value: "Cluster":
ExternalTrafficPolicy can only be set on NodePort and LoadBalancer service (reason: Invalid)
So an overlay to remove it when ClusterIP
specifically is set would be required, else envoy.service.externalTrafficPolicy
would have to allow being set to null
to have it not added.
FWIW, setting envoy.service.externalTrafficPolicy
to either null
or empty string doesn't work either as defaults back to Local
.
Yep seems like a bug, we should not set externalTrafficPolicy
when the service type is ClusterIP
. I will work on a patch.
Bug Report
Documentation for Contour package at:
says for the
envoy.service.type
option:Using a type of
ClusterIP
results in a failure when installing the Contour package as it fails some sort of validation step done bykapp
.The values file contained:
and the
tanzu package install
command failed as follows:Expected Behavior
Documentation says that
ClusterIP
is a valid value so it should work.If it isn't actually supported, then the documentation is wrong.
For use case being tested had required
ClusterIP
to work as advertised so the preferred outcome is thatClusterIP
works.Steps to Reproduce the Bug
Install Contour package using values file shown above.
Environment Details
tanzu version
):cc @jorgemoralespou