Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2127

[GCP] Allow Ingress ILB to define a specific subnet

    XMLWordPrintable

Details

    • False
    • False
    • 0
    • 0% 0%

    Description

      1. Proposed title of this feature request
      [GCP] Allow Ingress ILB to define a specific subnet

      2. What is the nature and description of the request?
      When creating an OpenShift cluster in Google Cloud, the cluster-ingress-operator creates the service "router-default" that is used to create an ILB in Google cloud for the router.
      The service is managed by the IngressController, and the object do not support any parameter to define the a specific subnet to which the ILB should be connected

      GCE supports the definition of the custom subnet via the annotation `networking.gke.io/internal-load-balancer-subnet` https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#lb_subnet

      https://github.com/kubernetes/ingress-gce/blob/c4fd082b87afdc5fa294920477eca368db269d87/vendor/k8s.io/legacy-cloud-providers/gce/gce_annotations.go#L61-L64

      3. Why does the customer need this? (List the business requirements here)

      • Customer needs to place one or more ingress router into dedidated subnets for security reasons and requirements
      • Right now as a workaround is possible to annotate the Ingress service but this will complicate the management and can lead to possible issues

      4. List any affected packages or components.

      • Ingress Controller
      • cluster-ingress-operator

      Attachments

        Issue Links

          duplicates

          Feature Request - Feature requests from customers and/or users RFE-1911 GCP : Support to specify the subnet for Kubernetes "service type" Internal Load Balancer

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Accepted
          is related to

          Feature Request - Feature requests from customers and/or users RFE-2824 IngressController should support the definition of loadBalancerIP on the LoadBalancer service

          • Critical - To be worked on immediately following BLOCKER issues.
          • Under Review

          Activity

            People

              ddharwar@redhat.com Deepthi Dharwar
              pbertera@redhat.com Pietro Bertera
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: