k8s-bigip-ctlr icon indicating copy to clipboard operation
k8s-bigip-ctlr copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

Requesting Specific IPs for LoadBalancer ServiceType

Open smangelkramer opened this issue 1 year ago • 1 comments
trafficstars

Title

Requesting Specific IPs for LoadBalancer ServiceType

Description

Allow a specific IP to be allocated for a load balancer service.

Actual Problem

At the moment, only one pool can be referenced. This is disadvantageous and complex to maintain when /32 pools are created.

Solution Proposed

Assign a specific IP to the LoadBalancer service object with an annotation. If this is already assigned, a warning should be issued.

Alternatives

Creating pools with 1 IP (/32) - which is hacky and actually nonsense.

Additional context

.

smangelkramer avatar Jun 27 '24 09:06 smangelkramer

@smangelkramer Please share RFE examples, CIS config to [email protected]

trinaths avatar Jun 27 '24 15:06 trinaths

@smangelkramer somebody can correct me if I'm wrong, but I believe this is already an (undocumented) feature as of 2.16.1:

dronenb avatar Jul 03 '24 01:07 dronenb

@dronenb, @smangelkramer, my understanding was the same. The annotation of "cis.f5.com/ip" is supposed to give you a static IP. I'll follow this issue and test myself, and update with findings. Please update if you know the answer.

mikeoleary avatar Jul 05 '24 14:07 mikeoleary

@dronenb, @mikeoleary Yes, that is absolutely correct. I contacted the F5 product team and was made aware of the (undocumented) feature, which we have now (today) successfully tested. It is exactly the feature we needed. A Jira task was created internally for F5 to update the documentation. Many thanks for your support.

smangelkramer avatar Jul 05 '24 15:07 smangelkramer

@smangelkramer that is great to hear. According to docs, you must have ipam=true in your CIS deployment. Is that correct, still? Can we stop running the IPAM controller if we use this annotation?

mikeoleary avatar Jul 05 '24 15:07 mikeoleary

I am curious about the IPAM controller as well. Additionally, I would like clarification on how IP conflicts can be prevented, and whether or not it is now possible to have two separate LB's using different ports but the same IP, which I believe was not previously possible.

dronenb avatar Jul 05 '24 17:07 dronenb

@smangelkramer i can confirm now too. I tested using CIS v2.17, and I do not need to run IPAM controller if I use this annotation to set the IP address.

@dronenb i didn’t test your scenario of 2 different services of type LB, with the same IP address in the annotation, but listening in different ports. I think you should test this but it sounds like a separate issue.

mikeoleary avatar Jul 06 '24 14:07 mikeoleary

Its a documentation update. The feature to support static IP for svcType LB is available with annotation.

trinaths avatar Jul 09 '24 05:07 trinaths