Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloudstack API end point getting failed while deploying nginx as loadbalancer on kubernetes #8936

Open
vishnuvs369 opened this issue Apr 18, 2024 · 8 comments
Open

Cloudstack API end point getting failed while deploying nginx as loadbalancer on kubernetes #8936

vishnuvs369 opened this issue Apr 18, 2024 · 8 comments
Labels
type:question
Milestone
4.19.1.0

Comments

@vishnuvs369
Copy link

I have an issue with cloudstack.. i'm deploying nginx service as loadbalancer on kubernetes getting an error given below...
image

Events:
  Type     Reason                  Age                  From                Message
  ----     ------                  ----                 ----                -------
  Warning  SyncLoadBalancerFailed  4s (x1027 over 17h)  service-controller  Error syncing load balancer: failed to check if load balancer exists before cleanup: error retrieving load balancer rules: Get http://192.168.10.120:8080/client/api?apiKey=5yQj6eY6hAoNFrHFFNK1RFvMsioFwpcruIkBk09-GhUDcA6CO_jO1-K_Gyyoqa0l7DBxmseK70GsrGfe2opabA&command=listLoadBalancerRules&keyword=ad715cbd81ac64c079be9a71f46a7c0c&listall=true&response=json&signature=WIJuc9uYnkd5XGXmtiUcRiGWzuw%3D: net/http: request canceled (Client.Timeout exceeded while awaiting headers)

i configured Endpoint url (endpoint.url) in Global settings using LAN IP...can anyone help me on this
@boring-cyborg boring-cyborg
Copy link

boring-cyborg bot commented Apr 18, 2024

Thanks for opening your first issue here! Be sure to follow the issue template!

@weizhouapache
Copy link
Member

@vishnuvs369
the endpoint URL should be reachable from the k8s pods.

If you can fix the URL, you can re-deploy the k8s secret by script /opt/bin/deploy-cloudstack-secret in the control node.
if not, you have to configure the load balancing rules manually.

@vishnuvs369
Copy link
Author

@weizhouapache
Thanks for the update, We can either add a public ip interface to the management server and configure that IP on the endpoint url or do a NAT route on 192.168.10.120 IP and configure public ip on the endpoint url. Our concern is that we need our management ui to be accessed only internally. So configuring public IP on management network we will have to take care of additional security... What is your advice for best practice...

@weizhouapache
Copy link
Member

@weizhouapache
Thanks for the update, We can either add a public ip interface to the management server and configure that IP on the endpoint url or do a NAT route on 192.168.10.120 IP and configure public ip on the endpoint url. Our concern is that we need our management ui to be accessed only internally. So configuring public IP on management network we will have to take care of additional security... What is your advice for best practice...

However, user vms should be unable to access the management network, otherwise it is a more severe security issue.

You can add some firewall rules for the public ip of the management IP.

@PaX101
Copy link

PaX101 commented Apr 22, 2024
edited

We are experiensing the same issue, it looks to be the same issue as 4.18 where the pages would take a very long time to load where they were pulling all data instead of what was needed. The command causing this slowness on our one:

https://my.url.com/client/api?apiKey=myapikeyhere&command=listVirtualMachines&listall=true&response=json&signature=mysignature

If i run this command in a browser the API takes around 5-10 minutes to load it, however is i try to run normal commands on the API such as listVirtualMachinesMetrics it is instant.

@DaanHoogland
Copy link
Contributor

We are experiensing the same issue, it looks to be the same issue as 4.18 where the pages would take a very long time to load where they were pulling all data instead of what was needed. The command causing this slowness on our one:

https://my.url.com/client/api?apiKey=myapikeyhere&command=listVirtualMachines&listall=true&response=json&signature=mysignature

If i run this command in a browser the API takes around 5-10 minutes to load it, however is i try to run normal commands on the API such as listVirtualMachinesMetrics it is instant.

@PaX101 , your comment seems to relate to a totally different issue, does it? Did you plane to add it to another issue?

@Noelantogerorge
Copy link

Hi Guys,
It is not best practice to have a public interface on the management server and open port 8080 to public access. management server should have only local network access. So when configuring Kubernetes, it checks for the endpoint URL, and that URL should be accessible from the Kubernetes cluster. In such case, kubernetes VR is only has public nic and a local NIC, which will not be available to management server local network. So how is it possible to communicate a Kubernetes cluster with the management server?
Any advice will be great and helpful.

@DaanHoogland
Copy link
Contributor

@Noelantogerorge , In your scenario I would say you need a proxy with firewall to allow your cluster to call back. And then configure the endpoint.url to be the proxy.

@rohityadavcloud rohityadavcloud added this to the 4.19.1.0 milestone Apr 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type:question
Projects
Apache CloudStack - Issues
Status: Todo
Apache CloudStack 4.19.1
Status: Todo
Milestone
4.19.1.0
Development

No branches or pull requests
6 participants
@rohityadavcloud @DaanHoogland @PaX101 @vishnuvs369 @weizhouapache @Noelantogerorge