Add an annotation to ignore non-gce ingresses

controllers/gce/controller/cluster_manager.go

@@ -260,7 +260,7 @@ func NewClusterManager(
 		// config and only invoke getGCEClient once, that will not do the right
 		// thing because a nil check against an interface isn't true in golang.
 		cloud = getGCEClient(nil)
-		glog.Infof("Created GCE client without a confi file")
+		glog.Infof("Created GCE client without a config file")
 	}
 
 	// Names are fundamental to the cluster, the uid allocator makes sure names don't collide.

controllers/gce/controller/controller.go

@@ -106,14 +106,29 @@ func NewLoadBalancerController(kubeClient *client.Client, clusterManager *Cluste
 	pathHandlers := framework.ResourceEventHandlerFuncs{
 		AddFunc: func(obj interface{}) {
 			addIng := obj.(*extensions.Ingress)
+			if !isGCEIngress(addIng) {
+				glog.Infof("Ignoring add for ingress %v based on annotation %v", addIng.Name, ingressClassKey)
+				return
+			}
 			lbc.recorder.Eventf(addIng, api.EventTypeNormal, "ADD", fmt.Sprintf("%s/%s", addIng.Namespace, addIng.Name))
 			lbc.ingQueue.enqueue(obj)
 		},
-		DeleteFunc: lbc.ingQueue.enqueue,
+		DeleteFunc: func(obj interface{}) {
+			delIng := obj.(*extensions.Ingress)
+			if !isGCEIngress(delIng) {
+				glog.Infof("Ignoring delete for ingress %v based on annotation %v", delIng.Name, ingressClassKey)
+				return
+			}
+			glog.Infof("Delete notification received for Ingress %v/%v", delIng.Namespace, delIng.Name)
+			lbc.ingQueue.enqueue(obj)
+		},
 		UpdateFunc: func(old, cur interface{}) {
+			curIng := cur.(*extensions.Ingress)
+			if !isGCEIngress(curIng) {
+				return
+			}
 			if !reflect.DeepEqual(old, cur) {
-				glog.V(3).Infof("Ingress %v changed, syncing",
+				glog.V(3).Infof("Ingress %v changed, syncing", curIng.Name)
-					cur.(*extensions.Ingress).Name)
 			}
 			lbc.ingQueue.enqueue(cur)
 		},
@@ -202,6 +217,9 @@ func (lbc *LoadBalancerController) enqueueIngressForService(obj interface{}) {
 		return
 	}
 	for _, ing := range ings {
+		if !isGCEIngress(&ing) {
+			continue
+		}
 		lbc.ingQueue.enqueue(&ing)
 	}
 }

controllers/gce/controller/util_test.go

@@ -135,7 +135,8 @@ func addPods(lbc *LoadBalancerController, nodePortToHealthCheck map[int64]string
 						ReadinessProbe: &api.Probe{
 							Handler: api.Handler{
 								HTTPGet: &api.HTTPGetAction{
-									Path: u,
+									Scheme: api.URISchemeHTTP,
+									Path:   u,
 									Port: intstr.IntOrString{
 										Type:   intstr.Int,
 										IntVal: 80,

controllers/gce/controller/utils.go

@@ -38,9 +38,26 @@ import (
 )
 
 const (
-	allowHTTPKey    = "kubernetes.io/ingress.allow-http"
+	// allowHTTPKey tells the Ingress controller to allow/block HTTP access.
+	// If either unset or set to true, the controller will create a
+	// forwarding-rule for port 80, and any additional rules based on the TLS
+	// section of the Ingress. If set to false, the controller will only create
+	// rules for port 443 based on the TLS section.
+	allowHTTPKey = "kubernetes.io/ingress.allow-http"
+
+	// staticIPNameKey tells the Ingress controller to use a specific GCE
+	// static ip for its forwarding rules. If specified, the Ingress controller
+	// assigns the static ip by this name to the forwarding rules of the given
+	// Ingress. The controller *does not* manage this ip, it is the users
+	// responsibility to create/delete it.
 	staticIPNameKey = "kubernetes.io/ingress.global-static-ip-name"
 
+	// ingressClassKey picks a specific "class" for the Ingress. The controller
+	// only processes Ingresses with this annotation either unset, or set
+	// to either gceIngessClass or the empty string.
+	ingressClassKey = "kubernetes.io/ingress.class"
+	gceIngressClass = "gce"
+
 	// Label key to denote which GCE zone a Kubernetes node is in.
 	zoneKey     = "failure-domain.beta.kubernetes.io/zone"
 	defaultZone = ""
@@ -70,6 +87,21 @@ func (ing ingAnnotations) staticIPName() string {
 	return val
 }
 
+func (ing ingAnnotations) ingressClass() string {
+	val, ok := ing[ingressClassKey]
+	if !ok {
+		return ""
+	}
+	return val
+}
+
+// isGCEIngress returns true if the given Ingress either doesn't specify the
+// ingress.class annotation, or it's set to "gce".
+func isGCEIngress(ing *extensions.Ingress) bool {
+	class := ingAnnotations(ing.ObjectMeta.Annotations).ingressClass()
+	return class == "" || class == gceIngressClass
+}
+
 // errorNodePortNotFound is an implementation of error.
 type errorNodePortNotFound struct {
 	backend extensions.IngressBackend

controllers/gce/firewalls/firewalls.go

@@ -76,7 +76,7 @@ func (fr *FirewallRules) Sync(nodePorts []int64, nodeNames []string) error {
 	if requiredPorts.Equal(existingPorts) {
 		return nil
 	}
-	glog.V(3).Infof("Firewall rule already %v exists, updating nodeports %v", name, nodePorts)
+	glog.V(3).Infof("Firewall rule %v already exists, updating nodeports %v", name, nodePorts)
 	return fr.cloud.UpdateFirewall(suffix, "GCE L7 firewall rule", fr.srcRange, nodePorts, nodeNames)
 }
 

controllers/gce/instances/instances.go

@@ -101,7 +101,7 @@ func (i *Instances) DeleteInstanceGroup(name string) error {
 		return err
 	}
 	for _, zone := range zones {
-		glog.Infof("deleting instance group %v in zone %v", name, zone)
+		glog.Infof("Deleting instance group %v in zone %v", name, zone)
 		if err := i.cloud.DeleteInstanceGroup(name, zone); err != nil {
 			errs = append(errs, err)
 		}

controllers/gce/main.go

@@ -58,7 +58,7 @@ const (
 	alphaNumericChar = "0"
 
 	// Current docker image version. Only used in debug logging.
-	imageVersion = "glbc:0.7.0"
+	imageVersion = "glbc:0.7.1"
 
 	// Key used to persist UIDs to configmaps.
 	uidConfigMapName = "ingress-uid"