-
Notifications
You must be signed in to change notification settings - Fork 21.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue : Error creating load balancer (will retry): failed to ensure load balancer for service kube-system/abc-xyz-nginx-ingress-controller: timed out waiting for the condition #16516
Comments
Thanks for the feedback! We are currently investigating and will update you shortly. |
@MicahMcKittrick-MSFT Thanks. |
@MicahMcKittrick-MSFT so just to add more information. the way I am doing this creating an internal load balancer manually in the MC_ resource group and I am trying to allocate Private IP address of the LB to the ingress-internal .yaml, like below. Can it be done this way?
After digging into log analytics :
But if I dont create the internal load balancer manually and let helm install create it from internal-ingress.yaml , I see an IP getting assigned to the externalIP column. So the question is, Can I assign an existing load balancer IP to the ingress controller? |
@chetanku I ran through the doc and was able to get it to work
Although it does say External IP it is actually still isolated to your Virtual Network. So External part is a bit confusing. If you were creating an actual public IP address you would have to follow this doc instead https://docs.microsoft.com/en-us/azure/aks/static-ip From the error you are getting it seems the IP you are trying to assign is already in use in that subnet. I would suggest trying a different one to see if you get the same error. |
@MicahMcKittrick-MSFT So I can't assign a pre-existing Load Balancer IP to the controller? I will have to create the Load Balancer through |
@MicahMcKittrick-MSFT Thanks for your reply. How can I achieve "If you already have a LB created then it already has an IP address associated. You can still use that load balancer you would just want to associate the service with that LB and the correct IP."? |
Check out this: https://docs.microsoft.com/en-us/azure/aks/egress#create-a-service-with-the-static-ip Essentially, you are creating a service and assigning it to the LoadBalancer type and setting the IP and the port you want to associate. |
@chetanku were you able to read through the doc I provided and determine if it helped? |
@MicahMcKittrick-MSFT Thanks for checking, I am trying to understand and connect assigning IP at controller level like mentioned in https://docs.microsoft.com/en-us/azure/aks/ingress-internal-ip , and assigning IP at service level https://docs.microsoft.com/en-us/azure/aks/egress#create-a-service-with-the-static-ip |
@iainfoulds could you help clarify on this scenario? |
They're two different things. The internal IP address for an ingress resource means that only an internal IP address is assigned to your ingress controller for use with internal apps. There is no external IP address assigned that would permit external traffic from reaching the services that get deployed behind that internal-only ingress controller. The doc for egress traffic is for when you want any outbound traffic to always be presented with the same IP address. By default, egress traffic uses the first IP address it finds on a load balancer. If only one IP address is configured on the load balancer, that's what gets used. Defining an egress address is more for when you have multiple IP addresses configured on a single load balancer. I don't understand the scenario here, as if you're wanting the same internal IP address to be used for egress traffic, you shouldn't need to provide any additional configuration. That IP address should be what's presented on outbound traffic, unless you're defining multiple internal IP addresses on the load balancer? |
@iainfoulds Thanks for the detail. Let me rephrase what I was trying to do
The above way didn't work and I got the error mentioned in the comment -- #16516 (comment) So my question is in order to assign an Internal Load Balancer IP Address to ingress controller the Load Balancer has to be created via aks using helm install stable/nginx-ingress --namespace kube-system -f internal-ingress.yaml OR is there anyway to assign an IP address of an already created/existing load balancer to a new ingress controller ? |
You'd need to let AKS create the load balancer resources in Azure for your services rather than trying to manually create them ahead of them and then use them in AKS. Just create the service through the Kubernetes API, and let the networking plugin create and configure the appropriate Azure resources. The Helm chart is a simple way of deploying an ingress controller, but is basically just wrapping the NGINX ingress controller - https://github.com/nginxinc/kubernetes-ingress. You can install that manually, and there are other ingress controllers for Kubernetes such as Heptio Contour or Træfik. You don't have to use Helm, it's just an easy wrapper for the Kubernetes resources. You're free to use the install method and ingress controller that you prefer, we don't limit to only using Helm and NGINX ingress. @MicahMcKittrick-MSFT As there's no doc action here, #please-close |
@iainfoulds so basically we can't. thanks for the clarification. |
@chetanku We will now proceed to close this thread. If there are further questions regarding this matter, please comment and we will gladly continue the discussion. |
Thanks for confirming @iainfoulds. Appreciate it :) |
So I am following https://docs.microsoft.com/en-us/azure/aks/ingress-static-ip
I am getting the error from the original post and the comment before says we cannot do this? This is a bit confusing now.. can somebody please clarify somewhere how to do this. I want to create the static addres via Azure so it doesnt go away. If i just create nginx it created a new static_ip resource for me but when i delete nginx that resource goes away. As described in the doc I have linked, it demonstrates on how to do what I want... but its not working
I am not using RBAC and also my user does not have permissions to the MC_ group. But Kubernetes is delegated and it can create things as it sees necessary. --EDIT We recreated the cluster with that option turned off and created the nginx loadbalncer manually using a bare IP address. |
I am following this doc to set up an ingress controller to an internal virtual network in my cluster.
https://docs.microsoft.com/en-us/azure/aks/ingress-internal-ip
but after the below step of installing the Nginx controller, no IP is assigned in the external IP column in my controller even after waiting for a long time.
helm install stable/nginx-ingress --namespace kube-system -f internal-ingress.yaml
I have created an internal load balancer in MC_ resource group with a static IP address. (I tried dynamic as well). I see my service principal has the network contributor permissions in the subnet as well.
When I run this is what I see in events.
Can someone please help?
The text was updated successfully, but these errors were encountered: