Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

clustermesh: validate service type, and fix deprecated LB annotations #2664

Merged
merged 2 commits into from
Jul 11, 2024

Conversation

giorio94
Copy link
Member

@giorio94 giorio94 commented Jul 5, 2024

Currently, the "clustermesh enable" command lists ClusterIP as one of the supported service types. However, exposing the clustermesh-apiserver via a ClusterIP service is hardly ever a sensible idea, as this component must be reachable from other clusters. Still, this possibility has proved to be sometimes confusing for newbie users, who ended up with a broken setup.

In an effort to prevent these problems, let's explicitly validate the specified service type, and allow only NodePort and LoadBalancer services. In any case, it is still possible to configure a service of type ClusterIP via the helm chart in the handful of very advanced use-cases (if any) which can actually work and benefit from it.

While being there, let's also update the deprecated annotations used to configure internal LoadBalancers.

giorio94 added 2 commits July 5, 2024 17:44
Currently, the "clustermesh enable" command lists ClusterIP as one of the
supported service types. However, exposing the clustermesh-apiserver via
a ClusterIP service is hardly ever a sensible idea, as this component must
be reachable from other clusters. Still, this possibility has proved to
be sometimes confusing for newbie users, who ended up with a broken setup.

In an effort to prevent these problems, let's explicitly validate the
specified service type, and allow only NodePort and LoadBalancer
services. In any case, it is still possible to configure a service of
type ClusterIP via the helm chart in the handful of very advanced
use-cases (if any) which can actually work and benefit from it.

Signed-off-by: Marco Iorio <[email protected]>
Copy link
Member

@mhofstetter mhofstetter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cli ✔️

@giorio94
Copy link
Member Author

@jrajahalme Gentle ping 🙏

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jul 11, 2024
@michi-covalent michi-covalent merged commit 66f760c into cilium:main Jul 11, 2024
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ready-to-merge This PR has passed all tests and received consensus from code owners to merge.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants