Disallow headless Services with LB type #33274
Conversation
k8s-github-robot
added
size/M
|
Would adding this validation break existing users? Strengthening validation is an API change so we have to ensure we cannot break an existing use case / automation setup that depends on it. |
smarterclayton
added
kind/api-change
|
@smarterclayton I will try to figure this out. Are there any procedures for checking whether the API change is breaking, or should I just move around the GH and check whether the change breaks existing manifests? |
|
Easiest to justify is:
On Thu, Sep 22, 2016 at 1:02 PM, Maciej Kwiek notifications@github.com
|
|
@smarterclayton according to docs: http://kubernetes.io/docs/user-guide/services/#headless-services it doesn't make sense in any case to create a headless load balancer. Excerpt from the doc: "For such Services a cluster IP is not allocated, the kube proxy does not handle these services, and there is no load balancing or proxying done by the platform for them.". I will try to ask around if anyone ever tried to use this case for anything, but it doesn't seem to make any sense. |
k8s-github-robot
added
size/S
|
There's no lie balancing done by the platform - could an integrator off the platform use this correctly (or in a more powerful way) if they wanted? |
|
"Load" |
|
According to the docs, ClusterIP is a virtual IP address used by Kubernetes to fetch traffic to backend pods. So headless LoadBalancer doesn't seem to make sense, because it doesn't have an address to balance the load to and therefore should be disallowed by API. |
|
LoadBalancer services don't actually have to load balance to the cluster On Mon, Sep 26, 2016 at 3:19 AM, Maciej Kwiek notifications@github.com
|
|
@smarterclayton can you give me an example of such implementation? I was not aware of that. @thockin does the issue this PR aims to fix actually make sense given what Clayton is saying? |
|
I don't think there any combination of headless+LB that valid today. This is technically a breaking change, but every platform we support fails to handle this. |
| @@ -2402,6 +2402,9 @@ func ValidateService(service *api.Service) field.ErrorList { | |||
| allErrs = append(allErrs, field.Invalid(portPath, port.Port, "may not expose port 10250 externally since it is used by kubelet")) | |||
| } | |||
| } | |||
| if service.Spec.ClusterIP == "None" { | |||
| allErrs = append(allErrs, field.Invalid(specPath.Child("clusterIP"), service.Spec.ClusterIP, "may not be set to 'None' for LoadBalancer")) | |||
There was a problem hiding this comment.
nit: add the word "services" at the end
|
Really, every cloud provider we have written an implementation for does not
do this. But anyone who is on metal could have done this just by setting
an ingress IP and adding the right scripting to populate their LB. I'm not
terribly concerned because most people probably default to clusterIP, and
an integration like that would still work even with a clusterIP. I guess
someone could write a service load balancer integration that gives each
endpoint one VIP and maintains a mapping, but given I haven't heard about
anyone doing that...
I guess I'm reasonably convinced no one would be impacted outside of the
first party circle, and if they are impacted they'll let us know. Needs a
release note.
|
|
Is release note in PR description enough? |
k8s-github-robot
removed
the
needs-rebase
|
Jenkins unit/integration failed for commit 95f4b6a. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCI GCE e2e failed for commit 95f4b6a. Full PR test history. The magic incantation to run this job again is |
|
Yes On Wed, Sep 28, 2016 at 9:07 AM, k8s-ci-robot notifications@github.com
|
|
Jenkins GKE smoke e2e failed for commit 95f4b6a. Full PR test history. The magic incantation to run this job again is |
thockin
changed the title
| @@ -2406,6 +2406,9 @@ func ValidateService(service *api.Service) field.ErrorList { | |||
| allErrs = append(allErrs, field.Invalid(portPath, port.Port, "may not expose port 10250 externally since it is used by kubelet")) | |||
| } | |||
| } | |||
| if service.Spec.ClusterIP == "None" { | |||
| allErrs = append(allErrs, field.Invalid(specPath.Child("clusterIP"), service.Spec.ClusterIP, "may not be set to 'None' for LoadBalancer service")) | |||
There was a problem hiding this comment.
nit, since CI is still flaking. "services" not "service"
There was a problem hiding this comment.
Aw man, sorry about that. Will fix and rebase, flakes are still strong here.
|
@k8s-bot unit this |
|
@k8s-bot gci gce e2e test this |
thockin
added
the
lgtm
|
I've LGTM'ed this, despite asking for a 1 character change. If this goes through, please followup. If it doesn't, please fix :) |
If the Service is a Load Balancer, it should not have None Cluster IP. If it does, Service validation fails.
k8s-github-robot
removed
the
lgtm
|
Fixed the typo, rebased, flakes are gone. Please re-review. |
smarterclayton
added
the
lgtm
|
Lgtm |
|
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue |
What this PR does / why we need it: It adds new validation rule for Services, to ensure that creating LoadBalancer type service with cluster IP set to "None" fails.
Which issue this PR fixes (optional, in
fixes #<issue number>(, #<issue_number>, ...)format, will close that issue when PR gets merged): fixes #33036Release note:
This change is