Skip to content

Instantly share code, notes, and snippets.

@weltonrodrigo

weltonrodrigo/ingress_neg.md

Created March 5, 2022 22:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save weltonrodrigo/d890b0e8b2acb146aeaed4486b4c6be8 to your computer and use it in GitHub Desktop.
Save weltonrodrigo/d890b0e8b2acb146aeaed4486b4c6be8 to your computer and use it in GitHub Desktop.
Download ZIP
GKE ingress asks for LoadBalancer or NodePort service
Raw
ingress_neg.md

This message on the GKE ingress:

Warning  Translate  42m (x25 over 63m)    loadbalancer-controller  Translation failed: invalid ingress spec: service "<namespace>/<servicename>" is type "ClusterIP",
expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalan
cer"; service "<namespace>/<servicename>" is type "ClusterIP", expected "NodePort" or "LoadBalancer"

What this actually means is that the network endpoint groups are not being created automatically, so, without a NEG, the load balancer would need an exernal ip and port to reach the pods.

You can assert that by the absence of the NEG status annotation on the ingress and also in the backend service.

If you are using shared VPC, this is expected behavior.

It's necessary to add an annotation to force the NEG creation:

  cloud.google.com/neg: '{"ingress": true}'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment