Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RabbitMQ Cluster Service's port names cause issue in Istio [KIA0601: Port name must follow <protocol>[-suffix] form] #878

Closed
klydra opened this issue Oct 22, 2021 · 1 comment · Fixed by #888
Closed

RabbitMQ Cluster Service's port names cause issue in Istio [KIA0601: Port name must follow <protocol>[-suffix] form] #878

klydra opened this issue Oct 22, 2021 · 1 comment · Fixed by #888
Assignees
@Zerpet
Labels
bug Something isn't working

Comments

@klydra
Copy link

klydra commented Oct 22, 2021

Describe the bug

When using a RabbitMQ Cluster with Istio, the service which is automatically created an can't be changed manually, is creating errors.
Since the Service is managed by the Operator, you can't simply change the port names manually without rebuilding the operator AFAIK.

To Reproduce

Steps to reproduce the behavior:

  1. Install Istio
  2. Deploy RabbitMQ Operator
  3. Deploy a RabbitMQ Cluster
  4. Inspect the rabbitmq-queue service in the Kiali Dashboard

Expected behavior
There should be no problem reported by Istio with the out of the box configuration.

Screenshots

image
image

Version and environment information

  • RabbitMQ: 3.8.9-management
  • RabbitMQ Cluster Operator: 1.10.0
  • Kubernetes:
  • Cloud provider or hardware configuration: MicroK8S + Istio

Configuration

rabbitmq-cluster.yaml

kind: RabbitmqCluster
apiVersion: rabbitmq.com/v1beta1
metadata:
  name: rabbitmq-queue
  namespace: api
spec:
  image: 'rabbitmq:3.8.9-management'
  override: {}
  persistence:
    storageClassName: microk8s-hostpath
    storage: 10Gi
  rabbitmq:
    additionalPlugins:
      - rabbitmq_event_exchange
  replicas: 1
  resources:
    limits:
      cpu: 2000m
      memory: 1Gi
    requests:
      cpu: 1000m
      memory: 1Gi
  service:
    type: ClusterIP
  terminationGracePeriodSeconds: 604800
  tls:
    disableNonTLSListeners: true
    secretName: tls-credential

Automatically generated service

kind: Service
apiVersion: v1
metadata:
  name: rabbitmq-queue
  namespace: api
spec:
  ports:
    - name: prometheus-tls
      protocol: TCP
      port: 15691
      targetPort: 15691
    - name: amqps
      protocol: TCP
      port: 5671
      targetPort: 5671
    - name: management-tls
      protocol: TCP
      port: 15671
      targetPort: 15671
  selector:
    app.kubernetes.io/name: rabbitmq-queue
  type: ClusterIP
@klydra klydra added the bug Something isn't working label Oct 22, 2021
@Zerpet
Copy link
Collaborator

Zerpet commented Oct 25, 2021

Thank you for the detailed description of the problem! If I understand this correctly, the main impact is that Istio treats all traffic as L4 i.e. plain TCP, which doesn't take advantage of all Istio features, specially regarding traffic monitoring.

According to Istio docs, we can use service.spec.ports[].appProtocol, instead of following the protocol-suffix approach in the port name. Changing the port name may impact anything that relies in the port name to fetch the port number.

For our stream protocol, we should use something like rabbitmq.com/stream.

@Zerpet Zerpet self-assigned this Oct 27, 2021
@Zerpet Zerpet mentioned this issue Nov 3, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Zerpet Zerpet

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Include protocol information in Service ports rabbitmq/cluster-operator
2 participants
@Zerpet @klydra