Traefik blocks when get svc only returns hostname, not ip address #378
Comments
|
Hello @asbalderson ! I have published a PR for this Are you able to test it using |
|
It works in SolQA AWS env. Model Controller Cloud/Region Version SLA Timestamp App Version Status Scale Charm Channel Rev Address Exposed Message Unit Workload Agent Address Ports Message |
Bug Description
in commit 354 the way the hostname/address for a load-balancer was refactored. In the initial code, we could handle cases with both hostname, or IP address being returned. While it is true that juju may manage the hostname for the service, in some cases, like AWS, kubectl get svc will only return a hostname for the service instead of IP address, resulting in traefik being blocked stating that "gateway address unavailable"
I think returning the IP adresss if it exists first, and then if it doesn't returning the hostname makes sense for the cases where the Loadbalancer assigns different context.
In the attached log output you can see the difference between the svc output for AWS vs metallb. SQA could also return what Octavia returns from this output as well when running traefik on o7k with a load balancer.
To Reproduce
kubectl --kubeconfig kube.conf get svc -n cos traefik --output jsonto observe the lack of IP address in the load balancer status.Environment
In the testing environment(s) SQA was running charmed k8s 1.28/stable on aws with the aws-integrator charm, and on baremetal was running microk8s 1.28/stable with metallb. we have seen this issue in all stable versions of juju 3.x and candidate versions of juju 3.5. In all cases we were using latest/stable for traefik.
Relevant log output
On microk8s with metallb we can see the svc context like so: $ kubectl --kubeconfig kube.conf get svc -n cos traefik --output json { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "controller.juju.is/id": "f1160f08-aaf7-41d0-8b49-0fa01b7f699b", "juju.is/version": "3.3.5", "metallb.universe.tf/ip-allocated-from-pool": "juju-system-microk8s-metallb", "model.juju.is/id": "8a98550d-b705-44b6-8ca4-06d7cc1181c9" }, "creationTimestamp": "2024-06-27T17:18:03Z", "labels": { "app.juju.is/created-by": "traefik", "app.kubernetes.io/managed-by": "juju", "app.kubernetes.io/name": "traefik" }, "name": "traefik", "namespace": "cos", "resourceVersion": "4290", "uid": "999b4ecf-37a2-4ec4-a76d-837cc421d1e1" }, "spec": { "allocateLoadBalancerNodePorts": true, "clusterIP": "10.152.183.180", "clusterIPs": [ "10.152.183.180" ], "externalTrafficPolicy": "Cluster", "internalTrafficPolicy": "Cluster", "ipFamilies": [ "IPv4" ], "ipFamilyPolicy": "SingleStack", "ports": [ { "name": "traefik", "nodePort": 31859, "port": 80, "protocol": "TCP", "targetPort": 80 }, { "name": "traefik-tls", "nodePort": 31320, "port": 443, "protocol": "TCP", "targetPort": 443 } ], "selector": { "app.kubernetes.io/name": "traefik" }, "sessionAffinity": "None", "type": "LoadBalancer" }, "status": { "loadBalancer": { "ingress": [ { "ip": "10.246.167.196" } ] } } }and on AWS using ELB the output is:
Additional context
While COS isn't usually set to run on charmed k8s, and doesn't have many uses on AWS at the moment. COS is a good testing workload for juju and charmed k8s releases. Since traefik is used more and more as a standard ingress operator for Canonical it makes sense that it can work in most (all) environments.
The text was updated successfully, but these errors were encountered: