This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Add new rule in GKE Ingress won't auto-connect to the load balance backend

Posted on 03-06-2023 07:16 PM
ed-bytebase
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Hi there,

My question is adding new rules in GKE Ingress won't auto-connect to the load balance backend, but strangely, all related resources all be auto-created success. Here's the workflow:

Step 1, create a new deployment and make sure it is alive

Step 2, expose the deployment as NodePort

CleanShot 2023-03-07 at 11.02.42@2x.png

Step 3, add this Service to an existing Ingress

CleanShot 2023-03-07 at 11.04.53@2x.png

Then we can see the backend service for the load balance is successfully created

CleanShot 2023-03-07 at 11.06.32@2x.png

And the network endpoint groups are also created

CleanShot 2023-03-07 at 11.07.36@2x.png

But they're not connected to the load balancer, and I have to do this manually

CleanShot 2023-03-07 at 11.10.55@2x.png

Does anyone have any idea about this?

Sincerely,

Ed

0 2 333
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
jamesaaron
Staff
Reply posted on --/--/---- --:-- AM

Hello @ed-bytebase 

Can you include the deployment, service and ingress yaml that you are using so we can see how they are set up together? Kindly redact any sensitive information that these files have.

Sincerely,
James

0 Likes

Posted on --/--/---- --:-- AM
ed-bytebase
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM
Hi @jamesaaron  , here's the YML config

 

(BTW we're using GKE to provider our SaaS service, we will create 1 Deployment for 1 tenant, and the Deployment will have 1 NodePort Service, and multiply Services will share 1 Ingress with different rules)

 

For example, we have a tenant with ID 4u5z93wr,
 
The deployment YML for the tenant:

 

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  creationTimestamp: "2023-03-18T07:48:03Z"
  generation: 1
  labels:
    tenant: pool
    version: 1.14.0
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: 4u5z93wr
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: 4u5z93wr
        timestamp: "1679125683"
    spec:
      containers:
        image: bytebase/bytebase:1.14.0
        imagePullPolicy: Always
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 300
          periodSeconds: 300
          successThreshold: 1
          timeoutSeconds: 60
        name: bytebase
        ports:
        - containerPort: 8080
          name: http
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 300
          periodSeconds: 300
          successThreshold: 1
          timeoutSeconds: 60
        resources:
          limits:
            cpu: 250m
            ephemeral-storage: 400M
            memory: 512Mi
          requests:
            cpu: 250m
            ephemeral-storage: 400M
            memory: 512Mi

 

 
The service YML for the tenant:

 

apiVersion: v1
kind: Service
metadata:
  annotations:
    cloud.google.com/neg: '{"ingress":true}'
    cloud.google.com/neg-status: '{"network_endpoint_groups":{"80":"k8s1-74c3cd43-default-service-4u5z93wr-80-3cf1182c"},"zones":["us-central1-a","us-central1-b"]}'
  creationTimestamp: "2023-03-18T07:55:15Z"
  labels:
    tenant: 4u5z93wr
spec:
  clusterIP: 10.12.131.57
  clusterIPs:
  - 10.12.131.57
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - nodePort: 30326
    port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: 4u5z93wr
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

 

 
And the Ingress config:
 

 

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.global-static-ip-name: bytebase-ip-01
  name: bytebase-ingress-01
  namespace: default
spec:
  rules:
  - host: 4u5z93wr.us-central1.bytebase.com # for tenant 4u5z93wr
    http:
      paths:
      - backend:
          service:
            name: service-4u5z93wr
            port:
              number: 80
        pathType: ImplementationSpecific
  - host: 94xbo23h.us-central1.bytebase.com # for another tenant
    http:
      paths:
      - backend:
          service:
            name: service-94xbo23h
            port:
              number: 80
        pathType: ImplementationSpecific
  # and many other rules for different tenant
  tls:
  - secretName: bytebase-ssl-01
status:
  loadBalancer:
    ingress:
    - ip: xxx

 

 

0 Likes
Top Labels in this Space