-1

Background: We hosted application in a GKE cluster, the application running on the GKE cluster has an ingress resource containing the rules to point to our application services. We are using ingress-nginx as the ingress controller for this cluster..

We have now created a GCP Internal Load Balancer(TCP) to point to the nodeport where the ingress-controller service is listening. (Note: nginx ingress controller service" is of type node port)

  1. When we try to access application with http://ILB-IP:80 (http-port), it throws connection refused exception but gets a desired response when we access directly with nodeport http://ILB-IP:31380 (nodeport)

  2. When we give ingress service as type load balancer, GCP creates an ILB in the background. In this case application is accessible over http port and all the request is being served.

Can anyone help us to figure out when we explicitly creates ILB and sends the request, why application is not accessible when we are hitting the ILB front end on http port while the same is accessible when ILB front end is ILB-IP:?

Thanks in advance!

Jesse Scherer
  • 1,492
  • 9
  • 26
Mayur
  • 1
  • 4

3 Answers3

0

The ingress controller needs to be configured as type:LoadBalancer as described in this help center article, which will create an external LB to route the traffic to the services that are exposed via an Ingress resource, which is the expected way to do it.

When exposing the ingress controller as type:NodePort then the service is accessible on each Node’s IP at a static port as explained in here.

Md Zubayer
  • 367
  • 1
  • 7
  • Basically we are looking that using a ILB, we can switch between two different K8S backends. In order to do that we are creating a nginx-ingress service as a NodePort and intend to forward the traffic from port 80 on the ILB to the desired nodeport in k8s cluster. In short we are trying to do the same as a service type LoadBalancer would do. However, the ILB takes the same port as the NodePort but unable to forward port 80 to the NodePort. Is there a way we can achieve that ? – Mayur Dec 12 '18 at 10:30
0

Over discussion with google support came to know that service type as LoadBalancer creates an IP table entry on each nodes, which allow traffic to redirect from port 80 to the defined node port.

So, if our use-case requires to create ILB explicitly and our application to be accessible over Node Port, Then "we have to manually edit the IP tables on each kubernetes node in order to traffic to be redirect from the port 80 to the node port"

Mayur
  • 1
  • 4
  • Attaching link for your reference. https://kubernetes.io/docs/concepts/services-networking/service/#the-gory-details-of-virtual-ips – Mayur Dec 21 '18 at 06:05
0

Checkout this : https://medium.com/google-cloud/internal-load-balancing-for-kubernetes-services-on-google-cloud-f8aef11fb1c4

GCP has started supporting internal LB creation for K8S services.

user2983509
  • 234
  • 2
  • 9