13

I am trying to connect my ingress to a static ip. I seem to be following all the tutorials, but still I cannot seem to attach my static ip to ingress. My ingress file is as follows (refering to the static ip "test-ip")

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-web
  annotations:
    kubernetes.io/ingress.global-static-ip-name: "test-ip"
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/add-base-url: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  rules:
    - http:
        paths:
          - path: /api/
            backend:
              serviceName: api-cluster-ip-service
              servicePort: 5005
          - path: /
            backend:
              serviceName: web-cluster-ip-service
              servicePort: 80

However, when I run 

kubectl get ingress ingress-web

it returns

kubectl get ingress ingress-web
NAME          HOSTS     ADDRESS   PORTS     AGE
ingress-web   *                   80        4m

without giving the address. In the VPC network [External IP addresses ] the static ip is there, it is global, but it keeps saying: In use by None

 gcloud compute addresses describe test-ip --global

gives

address: 34.240.xx.xxx
creationTimestamp: '2019-03-26T00:34:26.086-07:00'
description: ''
id: '536303927960423409'
kind: compute#address
name: test-ip
networkTier: PREMIUM
selfLink: https://www.googleapis.com/compute/v1/projects/my-project- adbc8/global/addresses/test-ip
status: RESERVED

What am I missing here?

Mike
  • 3,775
  • 8
  • 39
  • 79

5 Answers5

18

I ran into this issue. I believe it has been fixed by this pull request.

Changing

kubernetes.io/ingress.global-static-ip-name

to

kubernetes.io/ingress.regional-static-ip-name

Worked for me.

Aaron Renoir
  • 4,283
  • 1
  • 39
  • 61
  • This was my error too (was asking for a global, but already had a regional IP reserved). Core point: Be sure to annotate with the type of IP you have reserved! – patricknelson Oct 08 '21 at 02:56
  • 9
    Correction: I also tried region and it still didn't work, but deleting the regional IP and instead creating a global IP allowed it to go through. I guess GKE HTTPS ingress aren't compatible with regional IPs? – patricknelson Oct 08 '21 at 03:10
  • 2
    me too @patricknelson . I tried to use the regional one but seems not working for the GKE native ingress, so I had to recreate the static ip with the Global one. – Fauzan Apr 14 '22 at 07:56
8

I've spent hours trying to figure the issue out. It simply seems like a bug with GKE.

What solved it was:

  1. Starting ingress with no static ip
  2. Going to cloud console on the web under VPC Network > External IP addresses
  3. Waiting for the Ingress ip to show up
  4. Setting is as static, and giving it a name
  5. Adding kubernetes.io/ingress.global-static-ip-name: <ip name> Ingress yaml and applying it.
Anton
  • 2,282
  • 26
  • 43
  • A bit hacky here, but it does seem to be an issue with IP configuration. I've found regions to be problematic. – Shadouts Jul 08 '21 at 08:24
  • The official Google Docs say to create the static IP first, something is definite wrong: https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip – speedplane Jan 11 '23 at 14:45
4

You have to make sure the IP you created in GCP is Global and not Regional in order to use the following annotation in your ingress:

kubernetes.io/ingress.global-static-ip-name
iji
  • 392
  • 1
  • 2
  • 13
1

I had the same problem, but after some research and testing I managed to solve this issue. These are the steps I took:

  1. First you need to create a Global static IP address on GCP. I happened to use Terraform to do this eg see example below

    resource "google_compute_global_address" "static" { name = "global-test-ip" project = var.gcp_project_id address_type = "EXTERNAL" }

based on this documentation: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_global_address

You could however use the GCP console to do this. Note: I created this Global Static IP in the same GCP project as my GKE cluster.

  1. Once I had completed the creation of the Global Static IP I then added the following annotation to the Kubernetes ingress yaml file and applied it (ie kubectl apply -f ingress.yaml):

    annotations:
    kubernetes.io/ingress.global-static-ip-name: "global-test-ip"

Note: it took a few minutes for the Ingress and Google Load balancer to update after I applied this ingress change.

salborough
  • 19
  • 1
0

The first thing you should check is the status of the IP, e.g.

gcloud compute addresses describe traefik --global

You should see something along the lines of:

address: 34.111.200.XXX
addressType: EXTERNAL
creationTimestamp: '2022-07-25T14:06:48.827-07:00'
description: ''
id: '5625073968713218XXX'
ipVersion: IPV4
kind: compute#address
name: traefik
networkTier: PREMIUM
selfLink: https://www.googleapis.com/compute/v1/projects/contrawork/global/addresses/traefik
status: RESERVED

Your Ingress should look something like this:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: 'gce'
    kubernetes.io/ingress.global-static-ip-name: 'traefik'
  name: secondary-ingress
spec:
  defaultBackend:
    service:
      name: 'traefik'
      port:
        number: 80

After this is deployed, within 5 minutes you should see status change to IN USE.

If not, I would attempt to delete and re-create the Ingress resource.

If it still does not happen, then I would check the documentation if you have properly configured the cluster, e.g. Ensure that GKE cluster has "HTTP Load Balancing" enabled.

Gajus
  • 69,002
  • 70
  • 275
  • 438