Headless should use ExternalIP when using --publish-host-ip #1263
Comments
Just encountered this as well - the documentation seems to imply that it's designed for routing to nodes from the internet ("when trying to access them from outside the cluster") — perhaps there's a bug?

Got the behavior I wanted by using a service with
I'm confused by this as well.
#1391 should resolve this; it's working for my purposes. Both
Were you still using a Headless service to do this, or not?
@stefanlasiewski Here's the manifest:

```yaml
apiVersion: v1
kind: Service
metadata:
  name: admin-marker
  labels:
    app: admin-marker
  annotations:
    livepeer.live/admin-external-dns: "true"
    external-dns.alpha.kubernetes.io/hostname: "[redacted]"
    external-dns.alpha.kubernetes.io/ttl: "120"
spec:
  type: NodePort
  externalTrafficPolicy: Local
  selector:
    app: admin-marker
  ports:
    - port: 443
      targetPort: 443
      protocol: TCP
      name: https
```
Thanks @iameli. Looks like your solution was to use the NodePort service type, instead of a Headless service (probably due to this bug). I have a similar NodePort service, and it's using the internal IP address of the node, not the external IP. I'm looking around for a solution.
"complete"
Yes! Thanks for pointing that out. The final docs are here: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/hostport.md#user-content-using-node-external-ips-as-targets

My config for the reference of others looks like this. Only the relevant parts kept. I didn't have to do anything special with the external-dns process itself.

```yaml
apiVersion: apps/v1
kind: DaemonSet
spec:
  template:
    spec:
      containers:  # hostPort is a field of a container's ports
        - name: nginx
          ports:
            - containerPort: 80
              hostPort: 80
              protocol: TCP
            - containerPort: 443
              hostPort: 443
              protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/endpoints-type: NodeExternalIP
    external-dns.alpha.kubernetes.io/hostname: example.com
spec:
  type: ClusterIP
  clusterIP: None  # headless service
  ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: 80
    - name: https
      port: 443
      protocol: TCP
      targetPort: 443
```
Right now when publishing a headless service it uses the internal IP which means that it can't receive inbound connections.
I think this should be the default since the service code prefers external IP. However it might be best to avoid changing current behaviour.
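
One way to check for the behaviour reported in this issue after a change: compare the A-record targets published for the hostname with each node's `InternalIP` and `ExternalIP` addresses, and flag any internal or RFC 1918 address that ended up in DNS. This is an added example, not code from the thread or from external-dns; the node list is a constructed sample shaped like `kubectl get nodes -o json`, and the function names are hypothetical.

```python
import ipaddress
import json

# Constructed sample shaped like `kubectl get nodes -o json`; all values are illustrative.
NODES_JSON = """
{"items": [
  {"metadata": {"name": "node-a"}, "status": {"addresses": [
    {"type": "InternalIP", "address": "10.0.1.12"},
    {"type": "ExternalIP", "address": "203.0.113.10"}]}},
  {"metadata": {"name": "node-b"}, "status": {"addresses": [
    {"type": "InternalIP", "address": "10.0.1.13"}]}}
]}
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def index_node_addresses(nodes_json):
    """Map each node IP to (node name, address type) from a NodeList document."""
    index = {}
    for node in json.loads(nodes_json)["items"]:
        for addr in node["status"].get("addresses", []):
            if addr["type"] in ("InternalIP", "ExternalIP"):
                index[addr["address"]] = (node["metadata"]["name"], addr["type"])
    return index

def audit_dns_targets(targets, nodes_json):
    """Return {target: (verdict, node)} for the A-record targets of a hostname."""
    index = index_node_addresses(nodes_json)
    verdicts = {}
    for target in targets:
        node, addr_type = index.get(target, (None, None))
        private = any(ipaddress.ip_address(target) in net for net in RFC1918)
        if addr_type == "InternalIP" or private:
            verdicts[target] = ("internal", node)   # internal address leaked into DNS
        elif addr_type == "ExternalIP":
            verdicts[target] = ("external", node)   # reachable node address
        else:
            verdicts[target] = ("unknown", None)    # not a node address at all
    return verdicts

def nodes_without_external_ip(nodes_json):
    """List nodes that report no ExternalIP address in their status."""
    index = index_node_addresses(nodes_json)
    have = {node for node, addr_type in index.values() if addr_type == "ExternalIP"}
    return sorted({node for node, _ in index.values()} - have)

if __name__ == "__main__":
    print(audit_dns_targets(["10.0.1.12", "203.0.113.10"], NODES_JSON))
    print(nodes_without_external_ip(NODES_JSON))
```

In practice the `targets` list would come from resolving the annotated hostname against the public zone, and the node document from the live cluster.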