[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Miouge1
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: smarterclayton

Assign the PR to them by writing /assign @smarterclayton in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

/ok-to-test

We should also add some ut . Also implementation wise is there any technical blockers to doing this

@Miouge1: The following test failed, say /retest to rerun them all:

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

I also have some question for this, the checking was added in #20394 , but I donot know why the checking is needed.

@thockin I saw you opened #20394 , any comments why do not support mix protocols for lb services?

It's not that "not all implementations support it", it's that almost all implementations (as far as I know) do NOT support it. I would like to be able to allow this, but it would be just another source of support issues when people try to bridge environments.

This could be an implementation-specific annotation, which could build support for an argument that it IS portable, but to the best of my knowledge it is not.

@kubernetes/sig-network-api-reviews Does anyone else have evidence that this works in more places than I know?

+1 to support this with annotation

Is the idea an annotation like: allow-mixed-protocol: true that would disable the validation?

@Miouge1 Yes, I think so.

@thockin can you please help confirm so that we can proceed this with a new PR? Thanks.

Coming at this problem from the "I've maintained load-balancers" side of the fence, I find this surprising. My expectation going in was that the GCP integration is the aberration. If the LB implementation supports TCP and UDP, I don't see why they wouldn't allow mixing the two in one Service.

If the argument is that most LBs only support TCP... Then we already have a support problem, because I can already tell k8s to create a UDP-only balancer, and that will presumably fail. Allowing mixed protocols doesn't change that surface, the LB implementation is still free to log a sadness event on the service and fail to converge it, or add an admission check to eagerly reject things.

As a point of reference, I did things the annotation way in MetalLB, and in my corner of the universe, this constraint of k8s generates an ongoing trickle of people confused that they need to resort to declarative hacks (2 services and implementation-specific annotations) to express something that their mental model says should be trivial.

@thockin What would it take to satisfy you that the proposed lack-of-constraint makes sense for the majority of k8s users? If I know what data we'd need, I'd be happy to go collect it (and possibly be proved wrong, I'm aware that I'm coming from a place of assumptions here). But if we're going to move the status quo, I'd rather move it towards a more intuitively sensible API than to enshrine vendor-specific hacks.

Build the matrix:

GCP:
AWS:
Azure:
OpenStack:

Of those how many support mixed protocols?

Of the out-of-tree clouds (alibaba, huawei, IBM, DigitalOcean, maybe others), how many support mixed protocols?

I don't LIKE being overly minimalist. I want this to work, so show me it will work for more people than it will fail for.

It seems silly to impose this very artificial limitation on all platforms (but particularly MetalLB) simply because some [cloud] platforms don't support it.

As a MetalLB user, I'm stumbling on this issue. I understand @thockin 's point. I also think that allowing an override of this check via an annotation would be very helpful for those of us who are using 'balancing' methods that support both tcp and udp (e.g., MetalLB).

Maybe this check can be done on per LB provider basis. As I know, there is already interface for LBs. So, that interface should include method to show if LB can or can not do mixed protocols.

Wait, so the reason this isn't supported is because cloud providers aren't doing it? That's the ONLY reason? That is very dumb. Who cares what they're doing?

For those coming into this thread fresh and using MetalLB, I got around this by creating two separate services of type loadBalancer that specify the same LoadBalancerIP

For each service, it will be necessary to pass an annotation allowing said service to have the same IP as another service.

    annotations:
        metallb.universe.tf/allow-shared-ip: "true"

Kinda surprised this is still a thing

Another pass at this with opt in to make it more acceptable! #75831

AWS now supports this, https://aws.amazon.com/about-aws/whats-new/2019/06/network-load-balancer-now-supports-udp-protocol/

Wait, so the reason this isn't supported is because cloud providers aren't doing it? That's the ONLY reason? That is very dumb. Who cares what they're doing?

For those coming into this thread fresh and using MetalLB, I got around this by creating two separate services of type loadBalancer that specify the same LoadBalancerIP

For each service, it will be necessary to pass an annotation allowing said service to have the same IP as another service.

    annotations:
        metallb.universe.tf/allow-shared-ip: "true"

This is exactly what I needed to get RPI cluster running. Thanks.

I'd like to add that this feature is really needed

In our use case we don't want to manually manage IPs so we let MetalLB assign IPs to services and we use CoreDNS to resolve the external IP. In that scenario, being forced to define 2 services means

• we have to use different hostnames for the same service based on protocol being used
• we are now using 2 IP addresses for the same service

bump

OpenStack supports UDP loadbalancing as of kubernetes/cloud-provider-openstack#844 via kubernetes/cloud-provider-openstack@594b9a3

bump

The issue is closed, bumping will do nothing. If you have new data, open a new bug and please stop spamming everyone subscribed to this one. Thanks!

bump

The issue is closed, bumping will do nothing. If you have new data, open a new bug and please stop spamming everyone subscribed to this one. Thanks!

you can track the development of this feature in kubernetes/enhancements#1435 (comment)

Please, don't "bump" issues 😄