-
Notifications
You must be signed in to change notification settings - Fork 7.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Istio ingress static IP support for GCP #1024
Comments
@ayj this is a GCP issue, can you comment? |
|
* Add OWNERS and pr template for mungegithub * Update OWNERS * Update OWNERS Former-commit-id: 264a86f2a931478991c6ce8aa028556b5998e7f8
* Add OWNERS and pr template for mungegithub * Update OWNERS * Update OWNERS Former-commit-id: 044c8d8280c06ffa2aa8e1ab3279537ec4e6067f
* Enable health checks in kube * gazelle * enable health checks in integration tests * fix yamls and add more tests * no mixer filter for health check ports * PR nits * remove mgmt listeners from svc listeners * update golden files * Revert "update golden files" This reverts commit a4339c01c3954ba7e6ef26747aecd4689d1007e2. * undoing config changes * merge config.go * fix compilation error * new golden files * lint fixes * Revert "new golden files" This reverts commit 5440786a8fea242ccd3d6f2c2d7ae9e47e4254a9. * undo mock mgmt ports * Revert "undo mock mgmt ports" This reverts commit c3869f29f0033954a9a13700327add29581d902f. * golden files - again! * generate TCP listeners only * compilation fix * Revert "golden files - again!" This reverts commit 27300daef4e554c0e7faee08cbf9592b27cbf5df. * go switch is not same as c switch * whole new goldens again * nits * lint fixes
do we plan on addressing this ? how do people expose GKE services ? |
Are there workarounds for this? Seems pretty limiting to not be able to use static IP with Istio ingress. |
Aha, ok, thanks!
…On Thu, Feb 22, 2018 at 6:10 PM Laurent Demailly ***@***.***> wrote:
@vaikas-google <https://github.com/vaikas-google> the work around is to
go in the cloud management UI and switch the ip from ephemeral to static
after the ingress is up
for instance:
[image: screen shot 2018-02-22 at 6 09 21 pm]
<https://user-images.githubusercontent.com/3664595/36574666-a9693d4e-17fb-11e8-8a79-af87d8a8a19c.png>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1024 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AKwedOA1LN6HwBy-Odp6Hc4sL8tnVguvks5tXh4kgaJpZM4Pt3KL>
.
|
Can we also add the kubernetes.io/ingress.global-static-ip-name ? ( in the
helm templates, where
it can be set in values.yaml ). Probably P2 since we have a workaround -
which should be documented.
On Fri, Feb 23, 2018 at 7:27 AM, Ville Aikas <notifications@github.com>
wrote:
… Aha, ok, thanks!
On Thu, Feb 22, 2018 at 6:10 PM Laurent Demailly ***@***.***
>
wrote:
> @vaikas-google <https://github.com/vaikas-google> the work around is to
> go in the cloud management UI and switch the ip from ephemeral to static
> after the ingress is up
>
> for instance:
> [image: screen shot 2018-02-22 at 6 09 21 pm]
> <https://user-images.githubusercontent.com/3664595/
36574666-a9693d4e-17fb-11e8-8a79-af87d8a8a19c.png>
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <#1024 (comment)>, or
mute
> the thread
> <https://github.com/notifications/unsubscribe-auth/AKwedOA1LN6HwBy-
Odp6Hc4sL8tnVguvks5tXh4kgaJpZM4Pt3KL>
> .
>
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1024 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAFI6tSm68mDN8qGQXZX9r0RozLAG2Q1ks5tXtjRgaJpZM4Pt3KL>
.
|
We need to support it before we add it, no? |
Am I correct that this workaround only allows to make the ip static but there is no way to attach this static ip address to another existing Istio cluster (e.g. starting a new cluster, attaching the the static ip of the ingress of the old cluster to the ingress of the new cluster, then deleting the old cluster)? Or does the workaround allow for this too? |
@denseidel Not sure if that what you're asking, but if you just want to attach an existing (regional) static IP address to your istio-ingress, you can add If you use the Helm chart to deploy Istio, these are the changes that are needed to be made (link to a commit in my fork of the Istio Helm chart): exekube/charts@5fc3353 @ldemailly should I submit a PR with the changes to the Helm chart? The feature is very useful for having an ephemeral cluster with a permanent static IP address (and permanent DNS records for it). |
Yes please! |
#4955 has been merged ✅ You can now reserve a regional static IP address (https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address), then bind it to Istio ingress service like this: # values.yaml
ingress:
enabled: true
...
service:
loadBalancerIP: 130.211.160.207 # (your static IP address) |
that's great progress, thanks, any way to do it by the name of the reserved ip instead of the actual address ? |
the issue seems to have been resolved by #4955 |
Can anyone give a link for example YAML on how to use istio ingress in GKE with static IP? I've already tried with regional static IP, no success. |
Signed-off-by: Gao Hongtao <hanahmily@gmail.com>
Google has documentation on how to change the IP of LB provisioned with Istio on GKE clusters using the addon: https://cloud.google.com/anthos/gke/docs/on-prem/archive/1.1/how-to/add-ons/istio#configure_an_external_ip_address Which is basically patching the
For those using Terraform, my workaround is to patch the gateway using the
|
After applying this ingress resource in a GKE cluster,
The address returned by
kubectl get ing static-ip
seem to depend on the ephemeral external ip of theistio-ingress
service but is different from the gcloud provisionedtest-ip
. My expected behavior is for the ingress controller to use the global-static-ip-name test-ip.The text was updated successfully, but these errors were encountered: