-
Notifications
You must be signed in to change notification settings - Fork 39k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Loadbalancing umbrella issue #24145
Comments
created #27294 to address sharing of IPs, hostnames, and other "things" in an Ingress |
Who's responsible for updating this issue? For instance, the first item in the list is fixed. |
@pires that's rigth, as is
The gce controller will ignore any ingress with the annotation
Both nginx and gce will scrape your endpoints (the endpoint pods corresponding to the serviceName:servicePort in your Ingress) for an HTTP probe that doesn't require any special http headers or https. If one is found it's used for the health check, otherwise it defaults to "/"
Kube-lego currently only works with the nginx ingress controller, the idea is to get it to work with everything.
A generic cross platform e2e was written: https://github.com/kubernetes/kubernetes/blob/master/test/e2e/ingress.go#L175 E2es could always use improvement though. The next step is to write e2es for nginx and add that to presubmit. I'll updated it soon there are a couple of points i need to add to the list |
Adding to this list #28647 Source IP Preservation for external LB services. |
@pires Just tested 1.4-alpha2 for issue #10921/#28467: Does not work in alpha2 as expected (or do I misinterpret the state "closed" here as something is really in the branch): Log output in an nginx container:
Source info/bug report in #30531 |
@nvnobelen source ip was never preserved for ingress traffic through services.Type=LoadBalancer. That's what #24145 (comment) is about. For intra cluster traffic through the service vip, you should see the right source ip of the pod in nginx logs, if that doesn't work it's a regression (#27110). If you're using a hostPort pod, you may get source ip, this is a live bug (#29742), but you will get the right source ip in the case that matters most (outside cluster -> node ip:hostport). |
@bprashanth is there a bug to preserve source ip for nginx based ingress controllers ? i see lots of bugs in different cases.. but not for nginx ingress. |
@thockin can we have an owner for this issue? |
Is there an issue for source IP preservation on non-GCE clusters? |
It needs to be dealt with on a case by case basis (eg #35758) |
This issue is sort of a collector, not really actionable. We should
probably close it and move info to docs and discrete bugs/FRs.
…On Wed, Nov 23, 2016 at 12:40 PM, Prashanth B ***@***.***> wrote:
It needs to be dealt with on a case by case basis (eg #35758
<#35758>)
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#24145 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFVgVJdJygoSleZzhM0mh4NaHLvHZtQQks5rBKTVgaJpZM4IFpPF>
.
|
Any updates on this? Has it been merged to docs or discrete bugs? Additionally, unless I'm reading this wrong, it seems SNI Passthrough (L4 in Ingress) is at least somewhat done. |
The L4 Ingress proposal was closed due to inactivity. The somewhat done you mention is just a workaround for nginx controller. |
I'm going to close this bug in favor the individual pieces that are planned and in progress. /close |
A non-comprehensive list ordered by an approximation of priority. Mostly for documentation and reducing bus factor:
@kubernetes/goog-cluster
The text was updated successfully, but these errors were encountered: