[EnMasse] External Kubernetes services
Lohmann Carsten (INST/ECS4)
Carsten.Lohmann at bosch-si.com
Fri Dec 15 12:19:53 UTC 2017
Hi Ulf,
here is an example with the added modifications of our "messaging-external" service:
---------------------
- apiVersion: v1
kind: Service
metadata:
labels:
app: enmasse
annotations:
dns.alpha.kubernetes.io/external: our-messaging-domain-name.
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "certName"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "5671"
name: messaging-external
spec:
ports:
- name: amqps
port: 5671
protocol: TCP
# TLS gets terminated at the LoadBalancer, target port here 5672
targetPort: 5672
selector:
capability: router
type: LoadBalancer
loadBalancerSourceRanges: ..ip list..
---------------------
So it's about added annotations, different target port, added "loadBalancerSourceRanges".
Regarding using an empty endpoint list of the address space:
If the endpoints only correspond to K8s services, that's OK. I was only wondering if an omitted endpoint also leads to other corresponding resources (e.g. pods) not being created.
See https://github.com/EnMasseProject/enmasse/issues/544.
Best regards
Carsten Lohmann
> -----Ursprüngliche Nachricht-----
> Von: Ulf Lilleengen [mailto:lulf at redhat.com]
> Gesendet: Donnerstag, 14. Dezember 2017 17:41
> An: Lohmann Carsten (INST/ECS4) <Carsten.Lohmann at bosch-si.com>;
> enmasse at redhat.com
> Betreff: Re: [EnMasse] External Kubernetes services
>
> Hi Carsten,
>
> The intention is that you can override this when creating the address space by
> specifying an empty endpoint list like this:
>
> {
> "kind": "AddressSpace",
> "spec": {
> "endpoints": []
> }
> }
>
> Unfortunately, it appears that this does not work as intended. I have created an
> issue to address this[1], but I'd like to know if that is sufficient for your use case
> before starting on a fix.
>
> Any details you can share on what properties are required for you to be able to
> configure your loadbalancer using the address space resource rather than having
> to create them explicitly would be valuable. If you have an example LoadBalancer
> service definition, I can try to propose a way to configure endpoints in sufficient
> detail that will give you the LoadBalancer service you wish.
>
> [1] https://github.com/EnMasseProject/enmasse/issues/648
>
> Best regards,
>
> Ulf
>
> On 14. des. 2017 16:57, Lohmann Carsten (INST/ECS4) wrote:
> > Hi,
> >
> > in EnMasse 0.15.0 there has been this change:
> >
> > "Replace use of Ingress with K8S LoadBalancer Service"
> >
> > https://github.com/EnMasseProject/enmasse/commit/f2680732530e37ff5fa85
> > c02ff58617a002e2640
> >
> > Having the K8S LoadBalancer Services be created automatically by the
> > Address Controller proves to be rather inflexible in our use case.
> >
> > Before EnMasse 0.15.0, we have used an adapted "external-lb.yaml" file
> > with added annotations
> >
> > - concerning definition of DNS records for the created LoadBalancer,
> > definition of LoadBalancer SSL certificate/port, etc.
> >
> > Now to have these annotations, we must either adapt or
> > delete/re-create the Services.
> >
> > And since in the AWS setup there is the creation of dependent AWS
> > LoadBalancer entries, there is quite some overhead involved in this.
> >
> > Would it be feasible to add a flag to skip automatic Service creation?
> > Or changing the code-wise creation to one based on a yaml file that
> > can be adapted?
> >
> > Best regards
> >
> > *Carsten Lohmann
> > *
> > (INST/ECS4)
> > Bosch Software Innovations GmbH | Ullsteinstr. 128 | 12109 Berlin |
> > GERMANY| www.bosch-si.com <http://www.bosch-si.com>
> >
> > Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411
> > B
> > Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung:
> > Dr.-Ing. Rainer Kallenbach, Michael Hahn
> >
> >
> >
> >
> >
> > _______________________________________________
> > enmasse mailing list
> > enmasse at redhat.com
> > https://www.redhat.com/mailman/listinfo/enmasse
> >
More information about the enmasse
mailing list