cluster-api-provider-gcp icon indicating copy to clipboard operation
cluster-api-provider-gcp copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Allow creation of "Private Clusters"

Open itspngu opened this issue 2 years ago • 14 comments
trafficstars

/kind feature

Describe the solution you'd like Currently, CAPG is hard-wired to create GCE load balancing components with a public IP address for apiserver access. The nodes themselves do not receive public addresses unless explicitly configured as such, the same should apply to the apiserver's endpoint(s). Being able to provision clusters with access limited by private IP address connectivity would be beneficial for obvious reasons.

Anything else you would like to add: I'm not 100% sure if using private endpoints should be the default - it'd be in line with how address management for nodes currently works, but would also have potential for being a breaking change.

The GKE-specific concept of private clusters is explained here. This feature request is scoped at allowing this to apply for both managed (GKE) and unmanaged (plain Cluster API) clusters.

itspngu avatar Apr 21 '23 10:04 itspngu

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Jul 20 '23 11:07 k8s-triage-robot

/remove-lifecycle stale

itspngu avatar Jul 20 '23 16:07 itspngu

Hi folks! Is it possible to take a look at this issue?

lreciomelero avatar Nov 27 '23 11:11 lreciomelero

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Feb 25 '24 11:02 k8s-triage-robot

/remove-lifecycle stale

itspngu avatar Feb 25 '24 17:02 itspngu

We would like the same thing in https://github.com/kubernetes-sigs/cluster-api-provider-openstack. IIUC there are 2 constraints here, and neither is provider-specific:

  • CAPI only allows us to specify a single control plane endpoint. This is described in InfraCluster in the CAPI book.
  • The KubeadmControlPlane can only configure a single control plane endpoint.

I don't believe this can be resolved here, but I'm very interested in a solution.

cc @huxcrux

mdbooth avatar Apr 18 '24 09:04 mdbooth

I believe this is resolved with https://github.com/kubernetes-sigs/cluster-api-provider-gcp/pull/1222 and subsequent changes.

bfournie avatar Jun 27 '24 15:06 bfournie

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Sep 25 '24 15:09 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar Oct 25 '24 16:10 k8s-triage-robot

/remove-lifecycle rotten

richardcase avatar Oct 26 '24 09:10 richardcase

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Jan 24 '25 10:01 k8s-triage-robot

/remove-lifecycle stale

salasberryfin avatar Jan 27 '25 10:01 salasberryfin

This issue and issue of private management cluster not able to communicate with newly created clusters (or maybe just not documented ticket) https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/2484 still persist.

maxkokocom avatar Apr 02 '25 08:04 maxkokocom

@maxkokocom I believe the issue you mentioned is fixed by #1468

RnkeZ avatar Jun 06 '25 20:06 RnkeZ

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Sep 04 '25 21:09 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar Oct 04 '25 21:10 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-triage-robot avatar Nov 03 '25 22:11 k8s-triage-robot

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Nov 03 '25 22:11 k8s-ci-robot