From 97e924d124824a4d33e3ba10d090a5ce7ea17c80 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:27:37 -0400 Subject: [PATCH 01/14] Clarify how to disable the GCE ingress controller --- examples/deployment/gce/README.md | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 1c8ef12db..d228ad5da 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -12,14 +12,27 @@ controller.__ As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to totally disable it, you can ssh into the master node and delete the GLBC -manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. You can also -disable it on GKE at cluster bring-up time through the `disable-addons` flag: +manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. + +### Disabling GCE ingress on cluster creation + +Disable it on GKE at cluster bring-up time through the `disable-addons` flag: ```console gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full +--machine-type n1-standard-2 \ +--zone $ZONE \ +--disk-size 50 \ +--scopes storage-full \ +--disable-addons HttpLoadBalancing +``` + +### Disabling GCE ingress by existing cluster + +Disable it on GKE for an existing cluster through the `update-addons` flag: + +```console +gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED ``` ## Deploying a new controller From a5556e356fe955e3dc362098905ab909d7579b47 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:28:42 -0400 Subject: [PATCH 02/14] Minor fixes --- examples/deployment/gce/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index d228ad5da..3adb478dd 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -37,7 +37,7 @@ gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DIS ## Deploying a new controller -The following command deploys a GCE Ingress controller in your cluster +The following command deploys a GCE Ingress controller in your cluster: ```console $ kubectl create -f gce-ingress-controller.yaml @@ -49,7 +49,7 @@ NAME READY STATUS RESTARTS AGE l7-lb-controller-1s22c 2/2 Running 0 27s ``` -now you can create an Ingress and observe the controller +Now you can create an Ingress and observe the controller: ```console $ kubectl create -f gce-tls-ingress.yaml From 81f5170034537a11b2fc77b8f522974bb478fc0c Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:38:48 -0400 Subject: [PATCH 03/14] fix link --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 49e4a9e5a..0a45c1efe 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -73,7 +73,7 @@ Setting the annotation to any value other than "gce" or the empty string, will force the GCE controller to ignore your Ingress. The same applies for the nginx controller. -To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#host-do-i-disable-the-ingress-controller) faq. +To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. ## How do I run multiple Ingress controllers in the same cluster? From 78639ebfbda60d57f2c2ef2ac22814ab821de86b Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:44:36 -0400 Subject: [PATCH 04/14] fix link --- docs/faq/gce.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index b9428608f..7230d2555 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -282,7 +282,7 @@ We plan to fix this [soon](https://github.com/kubernetes/kubernetes/issues/16337 ## How do I disable the GCE Ingress controller? 3 options: -1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-the-ingress-controller) +1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` 3. Create the GKE cluster without it: From 69c59dbbf622459d1aaa780a7e1679cf97dad711 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:12:35 -0400 Subject: [PATCH 05/14] update annotation style --- docs/faq/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 0a45c1efe..9f2aca115 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -52,7 +52,7 @@ for unsatisfied Ingress. ## How do I disable an Ingress controller? Either shutdown the controller satisfying the Ingress, or use the -`Ingress-class` annotation, as follows: +`ingress.class` annotation: ```yaml apiVersion: extensions/v1beta1 @@ -77,9 +77,8 @@ To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#h ## How do I run multiple Ingress controllers in the same cluster? -Multiple Ingress controllers can co-exist and key off the `ingress-class` -annotation, as shown in this [faq](#how-do-i-run-multiple-ingress-controllers-in-the-same-cluster), -as well as in [this](/examples/daemonset/nginx) example. +Multiple Ingress controllers can co-exist and key off the `ingress.class` +annotation, as shown in this faq, as well as in [this](/examples/daemonset/nginx) example. ## How do I contribute a backend to the generic Ingress controller? From 7bb0f4d394bc7aac8286cd2808671bc646c2c06e Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:13:01 -0400 Subject: [PATCH 06/14] be explicit about ingress.class usage --- docs/faq/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 9f2aca115..27d1e043d 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,9 +69,9 @@ spec: servicePort: 80 ``` -Setting the annotation to any value other than "gce" or the empty string, will -force the GCE controller to ignore your Ingress. The same applies for the nginx -controller. +Setting the annotation to any value other than "gce" or the empty string "" will force the GCE controller to ignore your Ingress. + +Setting the annotation to any value other than "nginx" will force the nginx controller to ignore your Ingress. To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. From 413b02803e4ebc0388d7c65d9bead88a50e20451 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:13:49 -0400 Subject: [PATCH 07/14] be even more clear about ingress.class selector --- docs/faq/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 27d1e043d..d88bac86b 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,9 +69,9 @@ spec: servicePort: 80 ``` -Setting the annotation to any value other than "gce" or the empty string "" will force the GCE controller to ignore your Ingress. +The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "", the default value if the annotation is omitted. -Setting the annotation to any value other than "nginx" will force the nginx controller to ignore your Ingress. +The nginx controller will only act on Ingresses with the annotation value of "nginx". To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. From f40b5cb8b6d547f2eee84ed0438c3aabf0dadf8a Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:14:05 -0400 Subject: [PATCH 08/14] consolidate gce ingress disabling methods --- docs/faq/gce.md | 33 +++++++++++++++++++++++++------ examples/deployment/gce/README.md | 25 +---------------------- 2 files changed, 28 insertions(+), 30 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 7230d2555..5ee2902e2 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -281,16 +281,37 @@ We plan to fix this [soon](https://github.com/kubernetes/kubernetes/issues/16337 ## How do I disable the GCE Ingress controller? -3 options: +As of Kubernetes 1.3, GLBC runs as a static pod on the master. +If you want to disable it, you have 3 options: + +### Soft disable + 1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) + +### Hard disable + 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` -3. Create the GKE cluster without it: +3. Disable the addon in GKE: + +#### Disabling GCE ingress on cluster creation + +Disable the addon in GKE at cluster bring-up time through the `disable-addons` flag: ```console -$ gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full +gcloud container clusters create mycluster --network "default" --num-nodes 1 \ +--machine-type n1-standard-2 \ +--zone $ZONE \ +--disk-size 50 \ +--scopes storage-full \ +--disable-addons HttpLoadBalancing +``` + +#### Disabling GCE ingress in an existing cluster + +Disable the addon in GKE for an existing cluster through the `update-addons` flag: + +```console +gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED ``` ## What GCE resources are shared between Ingresses? diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 3adb478dd..68eea05e9 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -10,30 +10,7 @@ controller.__ ## Disabling the master controller -As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to -totally disable it, you can ssh into the master node and delete the GLBC -manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. - -### Disabling GCE ingress on cluster creation - -Disable it on GKE at cluster bring-up time through the `disable-addons` flag: - -```console -gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 \ ---zone $ZONE \ ---disk-size 50 \ ---scopes storage-full \ ---disable-addons HttpLoadBalancing -``` - -### Disabling GCE ingress by existing cluster - -Disable it on GKE for an existing cluster through the `update-addons` flag: - -```console -gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED -``` +See the hard disable options [here](/docs/faq/gce.md#how-do-i-disable-the-gce-ingress-controller). ## Deploying a new controller From b87c5ff39d22890ffe002a537f10c968c32c7574 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:16:55 -0400 Subject: [PATCH 09/14] fix --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index d88bac86b..08e5a1b56 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,7 +69,7 @@ spec: servicePort: 80 ``` -The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "", the default value if the annotation is omitted. +The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "" (the default value if the annotation is omitted). The nginx controller will only act on Ingresses with the annotation value of "nginx". From f59e4a7b4a69f1da4538cda2a4a68f42bdde2865 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:18:47 -0400 Subject: [PATCH 10/14] make more clear gce deployment docs --- examples/deployment/gce/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 68eea05e9..229478917 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -4,9 +4,9 @@ This example demonstrates the deployment of a GCE Ingress controller. Note: __all GCE/GKE clusters already have an Ingress controller running on the master. The only reason to deploy another GCE controller is if you want -to debug or otherwise observe its operation (eg via kubectl logs). Before -deploying another one in your cluster, make sure you disable the master -controller.__ +to debug or otherwise observe its operation (eg via kubectl logs).__ + +__Before deploying another one in your cluster, make sure you disable the master controller.__ ## Disabling the master controller From 19f49d5da0ad001fc2c181866d984cf71e8e94f4 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:37:12 -0400 Subject: [PATCH 11/14] expand on soft disable --- docs/faq/gce.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 5ee2902e2..85a40fe84 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -286,11 +286,12 @@ If you want to disable it, you have 3 options: ### Soft disable -1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) +1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). +This can also be used to use one of the other Ingress controllers at the same time as the GCE controller. ### Hard disable -2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` +2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. 3. Disable the addon in GKE: #### Disabling GCE ingress on cluster creation From 62a480f00774319b2d647cec7e877e4e887bbc2d Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:38:09 -0400 Subject: [PATCH 12/14] consolidate disabling information in beta limitations --- controllers/gce/BETA_LIMITATIONS.md | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) diff --git a/controllers/gce/BETA_LIMITATIONS.md b/controllers/gce/BETA_LIMITATIONS.md index e2d92a3fe..58fd2a4d6 100644 --- a/controllers/gce/BETA_LIMITATIONS.md +++ b/controllers/gce/BETA_LIMITATIONS.md @@ -106,31 +106,7 @@ Ingress is not yet supported on single zone clusters of size > 1000 nodes ([issu ## Disabling GLBC -Setting the annotation `kubernetes.io/ingress.class` to any value other than "gce" or the empty string, will force the GCE Ingress controller to ignore your Ingress. Do this if you wish to use one of the other Ingress controllers at the same time as the GCE controller, eg: - -```yaml -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: test - annotations: - kubernetes.io/ingress.class: "nginx" -spec: - tls: - - secretName: tls-secret - backend: - serviceName: echoheaders-https - servicePort: 80 -``` - -As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to totally disable it, you can ssh into the master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. You can also disable it on GKE at cluster bring-up time through the `disable-addons` flag, eg: - -```console -gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full -``` +To completely stop the Ingress controller on GCE/GKE, please see [this] (/docs/faq/gce.md#how-do-i-disable-the-gce-ingress-controller) faq. ## Changing the cluster UID From 3b4df5c9bffdf88c7f0af21becfd105999828a3d Mon Sep 17 00:00:00 2001 From: Tony Li Date: Tue, 26 Sep 2017 14:45:25 -0400 Subject: [PATCH 13/14] Clarify list Make it clear it is not a list of steps, but a list of options. --- docs/faq/gce.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 85a40fe84..6f3ede801 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -286,13 +286,14 @@ If you want to disable it, you have 3 options: ### Soft disable -1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). +Option 1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). This can also be used to use one of the other Ingress controllers at the same time as the GCE controller. ### Hard disable -2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. -3. Disable the addon in GKE: +Option 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. + +Option 3. Disable the addon in GKE via `gcloud`: #### Disabling GCE ingress on cluster creation From 9bbabf12f1279b095e2d1cb324d13d88350018ed Mon Sep 17 00:00:00 2001 From: Tony Li Date: Tue, 26 Sep 2017 14:46:46 -0400 Subject: [PATCH 14/14] Update nginx controller action --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 08e5a1b56..f30cf99a8 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -71,7 +71,7 @@ spec: The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "" (the default value if the annotation is omitted). -The nginx controller will only act on Ingresses with the annotation value of "nginx". +The nginx controller will only act on Ingresses with the annotation value of "nginx" or empty string "" (the default value if the annotation is omitted). To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq.