Comments (11)
Yep, can definitely repro on GKE, a few seconds after making the Gateway change to add/remove a Listener/LB service port, connections start failing for ~30 seconds or so
from contour.
Thanks for your help @skriss - I'm going to close this out and figure out how to raise an issue with GKE team.
from contour.
Sorry logs are here
contour.logs.gz
from contour.
Following up - Contour updates a Service type=LoadBalancer when listeners are added on the Gateway (eg. 443).
For some reason on GKE when this update to the Service happens drops traffic on other listener ports (eg. 80).
from contour.
Follow up work @skriss mentioned is to see if this pattern is exhibited on other LBs. If so contour may want to add a workaround where they always have a port 433 on the K8s Service definition.
from contour.
Initial tests on Azure/AKS are not showing this problem, the LB remains "up" while additional ports are added/removed
from contour.
AWS (EKS + NLB) also do not show this problem, LB remains up while adding/removing additional ports
from contour.
Thanks for testing - can you run your tests against GKE. It would expect it to fail but worth doing the validation.
from contour.
Yep, will do, need to track down an account
from contour.
@skriss what cluster version are you using?
from contour.
@skriss what cluster version are you using?
1.27.8-gke.1067004
from contour.
Related Issues (20)
- Cant rewrite ingress address HOT 2
- TCPRoute delete not propagated HOT 3
- Global ext auth e2e test flake
- allow arbitrary Envoy runtime settings to be configurable
- Request to path returning 404 for trailing dot domain HOT 4
- ipAllowPolicy with source: Remote and x-forwarded-for IP address does not work HOT 2
- With Gateway API enabled, why adding 8000 to the Listener port number is needed? HOT 5
- update to Envoy 1.30
- What hashing strategy does Contour use in load balancing? HOT 1
- Using TLS termination with JWTs HOT 2
- Migrate HTTPProxy to HTTPRoute HOT 3
- Allow NodeIp targets for ExtensionServices HOT 3
- additional docs on HTTP/2 connection reuse issue + workarounds
- Gateway API: 0s timeout should disable the timeout HOT 2
- Add option to configure leader election HOT 3
- Cipher configuration issue
- A potential risk in contour that could lead to takeover of the cluster HOT 2
- Bug Alert in Logs HOT 6
- Bump Gateway API support to v1.1.0
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from contour.