Endpoints controller demands ports for headless services

[thockin]

API validation explicitly allows headless services to not have ports, but we seem to have not updated endpoints controller to know this:

https://github.com/kubernetes/kubernetes/blob/master/pkg/api/validation/validation.go#L2390

vs

https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/endpoint/endpoints_controller.go#L389

Superficially this seems like an easy fix. May be a candidate for 1.4.x

@sebgoa

[fraenkel]

@thockin What did you expect to happen? It will skip creating any EndpointSubsets. It handles having no ports.

[thockin]

I think it should create a Subset with a 0 port (or a dummy value). We
don't currently represent port ranges, but if we did it would be (1-655356)
here.

On Thu, Sep 15, 2016 at 12:23 PM, Michael Fraenkel <notifications@github.com

wrote:

@thockin https://github.com/thockin What did you expect to happen? It
will skip creating any EndpointSubsets. It handles having no ports.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#32796 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFVgVPPhlx1blRNr1HuD6MYEfQF3qKphks5qqZs0gaJpZM4J9-qX
.

[sebgoa]

correct, it should create a subset with the PodIP that match the service selector. 0 port would work (or even no port at all if endpoints could support that).

[fraenkel]

Looking at RepackSubsets, it will drop out endpoints with no ports so going with the 0 port is what I did.

[thockin]

Yeah, without trawling code (thanks!) It is not clear if a zero port would
work. If I were clever, I would have written the validation to disallow 0,
because no-port-needed logic came later, and then would have expanded it to
make port=0 mean no-port-needed.

Simply trying it might be the best course, but we should audit kubectl, APi
validation, API defaulting, subset repacking, endpoints controller,
kube-proxy, and DNS server for correct behavior in the face of headless
without ports. Clearly some of that is wrong today, no surprise if more of
it is wrong still :)

On Sep 16, 2016 10:57 AM, "Michael Fraenkel" notifications@github.com
wrote:

Looking at RepackSubsets, it will drop out endpoints with no ports so going
with the 0 port is what I did.

—
You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub
#32796 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AFVgVFJ6ubH_f_Tknymh-mJfhj3ketPtks5qqtiZgaJpZM4J9-qX
.

[F21]

I just ran into this myself. A work around is to do something like this:

apiVersion: v1
kind: Service
metadata:
  name: my-svc
  labels:
    run: my-svc
spec:
  clusterIP: None
  selector:
    run: my-svc
  ports:

[je-al]

Furthermore, kubectl needs some love:

➜  kubectl create service clusterip my-nginx-hl --clusterip='None' --tcp='80:80'
error: can not map ports with clusterip=None

➜  kubectl create service clusterip my-nginx-hl --clusterip='None'
service "my-nginx-hl" created

➜  kubectl describe svc/my-nginx-hl
Name:                   my-nginx-hl
Namespace:              default
Labels:                 app=my-nginx-hl
Selector:               app=my-nginx-hl
Type:                   ClusterIP
IP:                     None
Session Affinity:       None
No events.

➜  kubectl patch svc --type=json -p='[{"op":"replace","path":"/spec/selector","value":{"run":"my-nginx"}}]' my-nginx-hl                                                               <<<
"my-nginx-hl" patched

➜  kubectl describe svc/my-nginx-hl
Name:                   my-nginx-hl
Namespace:              default
Labels:                 app=my-nginx-hl
Selector:               run=my-nginx
Type:                   ClusterIP
IP:                     None
Session Affinity:       None
No events.

➜  kubectl patch svc --type=json -p='[{"op":"replace","path":"/spec/ports","value":[{"name":"80-80","port":80, "targetPort":80,"procotol":"TCP"}]}]' my-nginx-hl
"my-nginx-hl" patched

➜  kubectl describe svc/my-nginx-hl
Name:                   my-nginx-hl
Namespace:              default
Labels:                 app=my-nginx-hl
Selector:               run=my-nginx
Type:                   ClusterIP
IP:                     None
Port:                   80-80   80/TCP
Endpoints:              172.17.0.5:80,172.17.0.6:80,172.17.0.7:80
Session Affinity:       None
No events.

P.S.: disregard the selector patching, that's an unrelated issue.

[jianzi123]

I would like to work on this issue