
Comments (4)

Bo98 commented on May 25, 2024

The 0.0.0.0 thing doesn't break anything since it fails to remove it anyway: #85

Basically what happens is the removal of the original IP and the assignment of the new IP is a two-step operation: delete the old access config and add the new access config. During this time, internet connection is unavailable from the node.

When kubeIP deletes an IP, it issues another request to wait until it is done:

err = waitForCompilation(projectID, zone, op)

The wait operation is terminated when the internet connection is lost (the network interface is reloaded I think, so all open connections are dropped). kubeIP sees this as an error and aborts before it can add the new IP, leaving it in the state where it is now.

At this point a new IP can't be added because of two reasons:

  • Connections to the Google API require an internet connection. This however can be worked around. You can create a VPC network that has Private Google Access enabled, and have a private DNS zone that provides the IPs for either private.googleapis.com or restricted.googleapis.com and CNAME *.googleapis.com to one of those.
  • Connection to the Kubernetes master control plane also requires an internet connection. This cannot be worked around AFAIK. You would need VPC network peering between the two networks and since the control plane is managed by Google, there's no option to do this. What kubeIP could do here is instead of allowing the error on the wait operation to abort back to the start, it could just retry the wait request or something similar. At this point, connection to the Kubernetes control plane is not actually necessary if it remembers the state where it is at rather than aborting.

This issue, however, only applies to public clusters. If you create a private cluster this is not an issue because:

  • There is no delete IP operation necessary
  • Private Google Access is enabled and configured by default
  • A VPC peering connection to the control plane exists

so no functional external internet connection is required at all for private clusters.

(yes, this is basically me dumping my personal experience here for anyone who may need it)

from kubeip.
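The retry suggested in the comment above, sketched as an added example (not kubeIP's code and not part of the original thread): a dropped connection during the wait request is retried instead of aborting, and the completed steps are returned so a failure shows where the sequence stopped. All names here (`waitWithRetry`, `reassign`, `flakyWait`, `errConnLost`) are hypothetical, and the cloud calls are replaced by plain functions.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// errConnLost models the connection dropped while the node has no external IP (assumption).
var errConnLost = errors.New("connection lost during wait request")

// waitWithRetry reissues the wait request after a lost connection, up to maxRetries times.
func waitWithRetry(wait func() error, maxRetries int, backoff time.Duration) error {
	for retries := 0; ; retries++ {
		err := wait()
		if err == nil || !errors.Is(err, errConnLost) || retries >= maxRetries {
			return err // done, non-transient error, or retries exhausted
		}
		time.Sleep(backoff)
	}
}

// reassign runs delete -> wait -> add and returns the names of the steps that completed.
func reassign(del, wait, add func() error, maxRetries int) (done []string, err error) {
	steps := []func() error{del, func() error { return waitWithRetry(wait, maxRetries, time.Millisecond) }, add}
	for i, name := range []string{"delete", "wait", "add"} {
		if err = steps[i](); err != nil {
			return done, err
		}
		done = append(done, name)
	}
	return done, nil
}

// flakyWait is constructed input: the wait request loses its connection n times, then succeeds.
func flakyWait(n int) func() error {
	return func() error {
		if n--; n >= 0 {
			return errConnLost
		}
		return nil
	}
}

func main() {
	ok := func() error { return nil }
	fmt.Println(reassign(ok, flakyWait(2), ok, 5))
}
```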

Hax7 commented on May 25, 2024

@Bo98 So KubeIP does not work for public clusters?


Bo98 commented on May 25, 2024

When assigning an IP to the node it's running on, no, at least not currently. If you must use a public cluster you'll need to run kubeIP on a separate node.

Private clusters were fine for my case, since you can still assign a public IP for public access to whatever's running in the container.

alexei-led commented on May 25, 2024

fixed with KubeIP v2
