clustermesh: validate service type, and fix deprecated LB annotations #2664
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently, the "clustermesh enable" command lists ClusterIP as one of the supported service types. However, exposing the clustermesh-apiserver via a ClusterIP service is hardly ever a sensible idea, as this component must be reachable from other clusters. Still, this possibility has proved to be sometimes confusing for newbie users, who ended up with a broken setup.
In an effort to prevent these problems, let's explicitly validate the specified service type, and allow only NodePort and LoadBalancer services. In any case, it is still possible to configure a service of type ClusterIP via the helm chart in the handful of very advanced use-cases (if any) which can actually work and benefit from it.
While being there, let's also update the deprecated annotations used to configure internal LoadBalancers.