Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: haproxy-ingress should be able to take IP address from a service. #93

Closed
james-masson opened this issue Feb 15, 2018 · 4 comments
Closed

Feature request: haproxy-ingress should be able to take IP address from a service. #93

james-masson opened this issue Feb 15, 2018 · 4 comments
Labels
kind/feature
Milestone
v0.6

Comments

@james-masson
Copy link

I'm using the following setup currently:

DNS ( external-dns) -> External loadbalancer ( GCP internal-only LB - defined through k8s service ) -> Nginx-ingress -> app ingress -> K8s headless service -> app pods

I want to replace Nginx-ingress with haproxy-ingress, for speed and better metrics.

With nginx-ingress, the IP address that the external loadbalancer registers is provided automatically to the app ingress, and is then registered in DNS against the app name by external-dns.

With haproxy-ingress - the app ingress always uses the external IP of the node running the haproxy-ingress.

Is there any way to get haproxy-ingress to recognise that there's a service loadbalancer infront of it, and to use that IP instead?

In nginx-ingress this just works.

detailed config/debug below.

thanks

James M

kubectl -n shared-services get ingress
NAME      HOSTS                      ADDRESS        PORTS     AGE
testapp   testapp.dev.mydomain   <node IP>   80, 443   24m

Address above should be external Loadbalancer IP (as shown below) - not node IP

kubectl -n shared-services get svc
NAME                       TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                      AGE
haproxy-ingress            LoadBalancer   172.16.17.179   10.151.16.10   80:30186/TCP,443:31261/TCP   50m
testapp                    ClusterIP      None            <none>         3000/TCP                     25m

---
apiVersion: v1
kind: Service
metadata:
  name: haproxy-ingress
  annotations:
    cloud.google.com/load-balancer-type: "Internal"
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: 80
  - name: https
    port: 443
    targetPort: 443
  selector:
    k8s-app: haproxy-ingress
  loadBalancerSourceRanges:
  - 10.0.0.0/8
  - 172.16.0.0/12
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
  labels:
    k8s-app: haproxy-ingress
    run: haproxy-ingress
  name: haproxy-ingress
spec:
  selector:
    matchLabels:
      run: haproxy-ingress
  template:
    metadata:
      labels:
        k8s-app: haproxy-ingress
        run: haproxy-ingress
    spec:
      containers:
      - name: haproxy-ingress
        image: quay.io/jcmoraisjr/haproxy-ingress
        args:
        - --default-backend-service=kube-system/default-http-backend
        - --default-ssl-certificate=$(POD_NAMESPACE)/tls-secret
        - --configmap=$(POD_NAMESPACE)/haproxy-ingress
        ports:
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        - name: stat
          containerPort: 1936
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: testapp
  labels:
    app: testapp
spec:
  template:
    metadata:
      labels:
        app: testapp
    spec:
      containers:
      - name:  testapp
        image: heroku/nodejs-hello-world
        ports:
        - name: http
          containerPort: 3000
---
apiVersion: v1
kind: Service
metadata:
  name: testapp
  labels:
    app: testapp
spec:
  clusterIP: None
  ports:
  - name: http
    port: 3000
    targetPort: 3000
  selector:
    app: testapp
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: testapp
  annotations:
    kubernetes.io/ingress.class: haproxy
    service.beta.kubernetes.io/external-traffic: OnlyLocal
spec:
  tls:
  - secretName: tls-secret
    hosts:
      - testapp.dev.mydomain
      - dev.mydomain
  rules:
  - host: "testapp.dev.mydomain"
    http:
      paths:
      - backend:
          serviceName: "testapp"
          servicePort: 3000
@james-masson
Copy link
Author

After doing some more digging, this seems to be handled by the nginx-ingress --publish-service option.

 --publish-service string            Service fronting the ingress controllers. Takes the form namespace/name. 
		The controller will set the endpoint records on the ingress objects to reflect those on the service.

https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/cli-arguments.md

So I guess this is now a feature request.

@james-masson james-masson changed the title haproxy-ingress only takes IP for ingress from node it's running on Feature request: haproxy-ingress should be able to take IP address from a service. Feb 15, 2018
@jcmoraisjr jcmoraisjr added this to the v0.6 milestone Feb 15, 2018
@jcmoraisjr
Copy link
Owner

HAProxy Ingress has also --publish-service but it's not documented because I didn't test this myself. Please let me know if this config work and I'll update doc, or if it doesn't work and I'll provision an environment to test this properly.

@james-masson
Copy link
Author

Works perfectly, thanks!

@jcmoraisjr jcmoraisjr mentioned this issue Feb 16, 2018
Closed
danigrmartinez added a commit to danigrmartinez/haproxy-ingress that referenced this issue Aug 31, 2018
@danigrmartinez
Add publish-service documentation
e3557e5 
I am running v0.6-beta.3 in AWS, k8s 1.9 and external-dns. It is perfectly working. I hope were in the documentation to save time the next person. 👍 

Related to this issue jcmoraisjr#93
@danigrmartinez danigrmartinez mentioned this issue Aug 31, 2018
Merged
@jcmoraisjr jcmoraisjr mentioned this issue Nov 15, 2019
Closed
@VGerris
Copy link

VGerris commented Dec 15, 2020

can anyone post an example of the annotation / document this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature
Projects
None yet
Milestone
v0.6
Development

No branches or pull requests
3 participants
@VGerris @james-masson @jcmoraisjr