Menu
In my gcloud console it shows the following error for my defined ingresses:
Error during sync: error while evaluating the ingress spec: service "monitoring/kube-prometheus" is type "ClusterIP", expected "NodePort" or "LoadBalancer"
I am using traefik as reverse proxy (instead of nginx) and therefore I define an ingress using a ClusterIP. As far as I understand the process all traffic is proxied through the traefik service (which has a Loadbalancer ingress defined) and therefore all my other ingresses SHOULD actually have a ClusterIP instead of NodePort or Loadbalancer?
Question:
So why does Google Cloud warn me that it expected a NodePort or LoadBalancer?
914
You can configure various ways to access the grouping. By default, you get a stable cluster IP address that clients inside the cluster can use to contact Pods in the Service. A client sends a request to the stable IP address, and the request is routed to one of the Pods in the Service.
A NodePort is an open port on every node of your cluster. Kubernetes transparently routes incoming traffic on the NodePort to your service, even if your application is running on a different node.
I don't know why that error happens, because it seems (to me) to be a valid configuration. But to clear the error, you can switch your service to a named NodePort. Then switch your ingress to use the port name instead of the number. For example:
Service:
apiVersion: v1 kind: Service metadata: name: testapp spec: ports: - name: testapp-http # ADD THIS port: 80 protocol: TCP targetPort: 80 selector: app: testapp type: NodePort Ingress:
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: testapp spec: rules: - host: hostname.goes.here http: paths: - backend: serviceName: testapp # USE THE PORT NAME FROM THE SERVICE INSTEAD OF THE PORT NUMBER servicePort: testapp-http path: / Update:
This is the explanation I received from Google.
Since services by default are ClusterIP [1] and this type of service is meant to be accessible from inside the cluster. It can be accessed from outside when kube-proxy is used, not meant to be directly accessed with an ingress.
As a suggestion, I personally find this article [2] good for understanding the difference between these types of services.
[1] https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
[2] https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0
147
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
