
Why does Google Cloud show an error when using ClusterIP

In my gcloud console it shows the following error for my defined ingresses:

Error during sync: error while evaluating the ingress spec: service "monitoring/kube-prometheus" is type "ClusterIP", expected "NodePort" or "LoadBalancer"

I am using Traefik as a reverse proxy (instead of nginx), and therefore I define an ingress using a ClusterIP. As far as I understand the process, all traffic is proxied through the Traefik service (which has a LoadBalancer ingress defined), and therefore all my other ingresses SHOULD actually have a ClusterIP instead of NodePort or LoadBalancer?

Question:

So why does Google Cloud warn me that it expected a NodePort or LoadBalancer?

kentor asked Jul 28 '18 14:07



1 Answer

I don't know why that error happens, because it seems (to me) to be a valid configuration. But to clear the error, you can switch your service to a named NodePort. Then switch your ingress to use the port name instead of the number. For example:

Service:

```yaml
apiVersion: v1
kind: Service
metadata:
  name: testapp
spec:
  ports:
  - name: testapp-http # ADD THIS
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: testapp
  type: NodePort
```

Ingress:

```yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: testapp
spec:
  rules:
  - host: hostname.goes.here
    http:
      paths:
      - backend:
          serviceName: testapp
          # USE THE PORT NAME FROM THE SERVICE INSTEAD OF THE PORT NUMBER
          servicePort: testapp-http
        path: /
```

Update:

This is the explanation I received from Google.

Services are ClusterIP by default [1], and this type of service is meant to be accessible from inside the cluster. It can be accessed from outside when kube-proxy is used, but it is not meant to be directly accessed with an ingress.

As a suggestion, I personally find this article [2] good for understanding the difference between these types of services.

[1] https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

[2] https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0

aayore answered Oct 07 '22 02:10
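A pre-deploy check that mirrors the rule in the error message above, as an added example (not code from the question, the answer, or GKE): it resolves each Ingress backend to its Service and reports any whose type is not NodePort or LoadBalancer, or whose named or numbered port does not exist. The manifests are constructed samples in the extensions/v1beta1 shape used in the answer; port 9090, the port name `http` and the ingress name `prometheus` are assumptions.

```python
EXPOSED_TYPES = {"NodePort", "LoadBalancer"}

def check_ingress_backends(ingresses, services):
    """Return one finding per Ingress backend that fails the type or port check."""
    by_key = {(s["metadata"].get("namespace", "default"), s["metadata"]["name"]): s
              for s in services}
    findings = []
    for ing in ingresses:
        ns = ing["metadata"].get("namespace", "default")
        for rule in ing["spec"].get("rules", []):
            for path in rule.get("http", {}).get("paths", []):
                name = path["backend"]["serviceName"]
                port = path["backend"]["servicePort"]
                svc = by_key.get((ns, name))
                if svc is None:
                    findings.append(f'service "{ns}/{name}" not found')
                    continue
                # Services default to ClusterIP when spec.type is omitted.
                svc_type = svc["spec"].get("type", "ClusterIP")
                if svc_type not in EXPOSED_TYPES:
                    findings.append(f'service "{ns}/{name}" is type "{svc_type}", '
                                    'expected "NodePort" or "LoadBalancer"')
                # servicePort may be a number or a port name (as in the answer).
                key = "name" if isinstance(port, str) else "port"
                if not any(p.get(key) == port for p in svc["spec"].get("ports", [])):
                    findings.append(f'service "{ns}/{name}" has no port {port!r}')
    return findings

# Constructed sample manifests (not taken from a real cluster).
SERVICES = [
    {"metadata": {"namespace": "monitoring", "name": "kube-prometheus"},
     "spec": {"ports": [{"name": "http", "port": 9090}]}},  # no type: ClusterIP
    {"metadata": {"name": "testapp"},
     "spec": {"type": "NodePort",
              "ports": [{"name": "testapp-http", "port": 80, "targetPort": 80}]}},
]
INGRESSES = [
    {"metadata": {"namespace": "monitoring", "name": "prometheus"},
     "spec": {"rules": [{"http": {"paths": [
         {"path": "/", "backend": {"serviceName": "kube-prometheus",
                                   "servicePort": 9090}}]}}]}},
    {"metadata": {"name": "testapp"},
     "spec": {"rules": [{"host": "hostname.goes.here", "http": {"paths": [
         {"path": "/", "backend": {"serviceName": "testapp",
                                   "servicePort": "testapp-http"}}]}}]}},
]

if __name__ == "__main__":
    for finding in check_ingress_backends(INGRESSES, SERVICES):
        print(finding)
```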