From 68f8a7605e21ec1127b085078459a8abd75007db Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:27:37 -0400 Subject: [PATCH 01/14] Clarify how to disable the GCE ingress controller --- examples/deployment/gce/README.md | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 1c8ef12db..d228ad5da 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -12,14 +12,27 @@ controller.__ As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to totally disable it, you can ssh into the master node and delete the GLBC -manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. You can also -disable it on GKE at cluster bring-up time through the `disable-addons` flag: +manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. + +### Disabling GCE ingress on cluster creation + +Disable it on GKE at cluster bring-up time through the `disable-addons` flag: ```console gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full +--machine-type n1-standard-2 \ +--zone $ZONE \ +--disk-size 50 \ +--scopes storage-full \ +--disable-addons HttpLoadBalancing +``` + +### Disabling GCE ingress by existing cluster + +Disable it on GKE for an existing cluster through the `update-addons` flag: + +```console +gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED ``` ## Deploying a new controller From ddb9d6422840c4c91f8a4cc3c063e99eebbc356c Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:28:42 -0400 Subject: [PATCH 02/14] Minor fixes --- examples/deployment/gce/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index d228ad5da..3adb478dd 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -37,7 +37,7 @@ gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DIS ## Deploying a new controller -The following command deploys a GCE Ingress controller in your cluster +The following command deploys a GCE Ingress controller in your cluster: ```console $ kubectl create -f gce-ingress-controller.yaml @@ -49,7 +49,7 @@ NAME READY STATUS RESTARTS AGE l7-lb-controller-1s22c 2/2 Running 0 27s ``` -now you can create an Ingress and observe the controller +Now you can create an Ingress and observe the controller: ```console $ kubectl create -f gce-tls-ingress.yaml From 304aac527a1c4710dfb422f6a71028fb6f67b2f0 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:38:48 -0400 Subject: [PATCH 03/14] fix link --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 49e4a9e5a..0a45c1efe 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -73,7 +73,7 @@ Setting the annotation to any value other than "gce" or the empty string, will force the GCE controller to ignore your Ingress. The same applies for the nginx controller. -To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#host-do-i-disable-the-ingress-controller) faq. +To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. ## How do I run multiple Ingress controllers in the same cluster? From 9e718abbe6610a639e7382a5f22dc299861c8bd2 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 19:44:36 -0400 Subject: [PATCH 04/14] fix link --- docs/faq/gce.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index b9428608f..7230d2555 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -282,7 +282,7 @@ We plan to fix this [soon](https://github.com/kubernetes/kubernetes/issues/16337 ## How do I disable the GCE Ingress controller? 3 options: -1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-the-ingress-controller) +1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` 3. Create the GKE cluster without it: From 778a186e4d3cda5a7f9c5497f0ef5bf56c01c599 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:12:35 -0400 Subject: [PATCH 05/14] update annotation style --- docs/faq/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 0a45c1efe..9f2aca115 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -52,7 +52,7 @@ for unsatisfied Ingress. ## How do I disable an Ingress controller? Either shutdown the controller satisfying the Ingress, or use the -`Ingress-class` annotation, as follows: +`ingress.class` annotation: ```yaml apiVersion: extensions/v1beta1 @@ -77,9 +77,8 @@ To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#h ## How do I run multiple Ingress controllers in the same cluster? -Multiple Ingress controllers can co-exist and key off the `ingress-class` -annotation, as shown in this [faq](#how-do-i-run-multiple-ingress-controllers-in-the-same-cluster), -as well as in [this](/examples/daemonset/nginx) example. +Multiple Ingress controllers can co-exist and key off the `ingress.class` +annotation, as shown in this faq, as well as in [this](/examples/daemonset/nginx) example. ## How do I contribute a backend to the generic Ingress controller? From 4640399a4105f7d5c099b61cf75c329a4da43173 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:13:01 -0400 Subject: [PATCH 06/14] be explicit about ingress.class usage --- docs/faq/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 9f2aca115..27d1e043d 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,9 +69,9 @@ spec: servicePort: 80 ``` -Setting the annotation to any value other than "gce" or the empty string, will -force the GCE controller to ignore your Ingress. The same applies for the nginx -controller. +Setting the annotation to any value other than "gce" or the empty string "" will force the GCE controller to ignore your Ingress. + +Setting the annotation to any value other than "nginx" will force the nginx controller to ignore your Ingress. To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. From 7279cb038f75041a3b5dd53a9d0fb298c7a6a488 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:13:49 -0400 Subject: [PATCH 07/14] be even more clear about ingress.class selector --- docs/faq/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 27d1e043d..d88bac86b 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,9 +69,9 @@ spec: servicePort: 80 ``` -Setting the annotation to any value other than "gce" or the empty string "" will force the GCE controller to ignore your Ingress. +The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "", the default value if the annotation is omitted. -Setting the annotation to any value other than "nginx" will force the nginx controller to ignore your Ingress. +The nginx controller will only act on Ingresses with the annotation value of "nginx". To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq. From 865df759d1ea9e5c7133fb9ce87c49cf79228b05 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:14:05 -0400 Subject: [PATCH 08/14] consolidate gce ingress disabling methods --- docs/faq/gce.md | 33 +++++++++++++++++++++++++------ examples/deployment/gce/README.md | 25 +---------------------- 2 files changed, 28 insertions(+), 30 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 7230d2555..5ee2902e2 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -281,16 +281,37 @@ We plan to fix this [soon](https://github.com/kubernetes/kubernetes/issues/16337 ## How do I disable the GCE Ingress controller? -3 options: +As of Kubernetes 1.3, GLBC runs as a static pod on the master. +If you want to disable it, you have 3 options: + +### Soft disable + 1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) + +### Hard disable + 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` -3. Create the GKE cluster without it: +3. Disable the addon in GKE: + +#### Disabling GCE ingress on cluster creation + +Disable the addon in GKE at cluster bring-up time through the `disable-addons` flag: ```console -$ gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full +gcloud container clusters create mycluster --network "default" --num-nodes 1 \ +--machine-type n1-standard-2 \ +--zone $ZONE \ +--disk-size 50 \ +--scopes storage-full \ +--disable-addons HttpLoadBalancing +``` + +#### Disabling GCE ingress in an existing cluster + +Disable the addon in GKE for an existing cluster through the `update-addons` flag: + +```console +gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED ``` ## What GCE resources are shared between Ingresses? diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 3adb478dd..68eea05e9 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -10,30 +10,7 @@ controller.__ ## Disabling the master controller -As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to -totally disable it, you can ssh into the master node and delete the GLBC -manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. - -### Disabling GCE ingress on cluster creation - -Disable it on GKE at cluster bring-up time through the `disable-addons` flag: - -```console -gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 \ ---zone $ZONE \ ---disk-size 50 \ ---scopes storage-full \ ---disable-addons HttpLoadBalancing -``` - -### Disabling GCE ingress by existing cluster - -Disable it on GKE for an existing cluster through the `update-addons` flag: - -```console -gcloud container clusters update mycluster --update-addons HttpLoadBalancing=DISABLED -``` +See the hard disable options [here](/docs/faq/gce.md#how-do-i-disable-the-gce-ingress-controller). ## Deploying a new controller From 5ef3df112352a70fda8244e1f81924427cf15c44 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:16:55 -0400 Subject: [PATCH 09/14] fix --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index d88bac86b..08e5a1b56 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -69,7 +69,7 @@ spec: servicePort: 80 ``` -The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "", the default value if the annotation is omitted. +The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "" (the default value if the annotation is omitted). The nginx controller will only act on Ingresses with the annotation value of "nginx". From baa5e8308ec3ebaff7ab33ccb5f0ef4d07ae22c1 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:18:47 -0400 Subject: [PATCH 10/14] make more clear gce deployment docs --- examples/deployment/gce/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/deployment/gce/README.md b/examples/deployment/gce/README.md index 68eea05e9..229478917 100644 --- a/examples/deployment/gce/README.md +++ b/examples/deployment/gce/README.md @@ -4,9 +4,9 @@ This example demonstrates the deployment of a GCE Ingress controller. Note: __all GCE/GKE clusters already have an Ingress controller running on the master. The only reason to deploy another GCE controller is if you want -to debug or otherwise observe its operation (eg via kubectl logs). Before -deploying another one in your cluster, make sure you disable the master -controller.__ +to debug or otherwise observe its operation (eg via kubectl logs).__ + +__Before deploying another one in your cluster, make sure you disable the master controller.__ ## Disabling the master controller From fa806a39707c9d292fac10e742832904c9bc084c Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:37:12 -0400 Subject: [PATCH 11/14] expand on soft disable --- docs/faq/gce.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 5ee2902e2..85a40fe84 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -286,11 +286,12 @@ If you want to disable it, you have 3 options: ### Soft disable -1. Have it no-op based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller) +1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). +This can also be used to use one of the other Ingress controllers at the same time as the GCE controller. ### Hard disable -2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest` +2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. 3. Disable the addon in GKE: #### Disabling GCE ingress on cluster creation From fd1b0525a165f9e5f6e4766b85f6da53194cbf32 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Wed, 13 Sep 2017 21:38:09 -0400 Subject: [PATCH 12/14] consolidate disabling information in beta limitations --- controllers/gce/BETA_LIMITATIONS.md | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) diff --git a/controllers/gce/BETA_LIMITATIONS.md b/controllers/gce/BETA_LIMITATIONS.md index e2d92a3fe..58fd2a4d6 100644 --- a/controllers/gce/BETA_LIMITATIONS.md +++ b/controllers/gce/BETA_LIMITATIONS.md @@ -106,31 +106,7 @@ Ingress is not yet supported on single zone clusters of size > 1000 nodes ([issu ## Disabling GLBC -Setting the annotation `kubernetes.io/ingress.class` to any value other than "gce" or the empty string, will force the GCE Ingress controller to ignore your Ingress. Do this if you wish to use one of the other Ingress controllers at the same time as the GCE controller, eg: - -```yaml -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: test - annotations: - kubernetes.io/ingress.class: "nginx" -spec: - tls: - - secretName: tls-secret - backend: - serviceName: echoheaders-https - servicePort: 80 -``` - -As of Kubernetes 1.3, GLBC runs as a static pod on the master. If you want to totally disable it, you can ssh into the master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. You can also disable it on GKE at cluster bring-up time through the `disable-addons` flag, eg: - -```console -gcloud container clusters create mycluster --network "default" --num-nodes 1 \ ---machine-type n1-standard-2 --zone $ZONE \ ---disable-addons HttpLoadBalancing \ ---disk-size 50 --scopes storage-full -``` +To completely stop the Ingress controller on GCE/GKE, please see [this] (/docs/faq/gce.md#how-do-i-disable-the-gce-ingress-controller) faq. ## Changing the cluster UID From 3ef5182ebc236ed70d1f766c868e92fb59418879 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Tue, 26 Sep 2017 14:45:25 -0400 Subject: [PATCH 13/14] Clarify list Make it clear it is not a list of steps, but a list of options. --- docs/faq/gce.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/faq/gce.md b/docs/faq/gce.md index 85a40fe84..6f3ede801 100644 --- a/docs/faq/gce.md +++ b/docs/faq/gce.md @@ -286,13 +286,14 @@ If you want to disable it, you have 3 options: ### Soft disable -1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). +Option 1. Have it no-op for an Ingress resource based on the `ingress.class` annotation as shown [here](README.md#how-do-i-disable-an-ingress-controller). This can also be used to use one of the other Ingress controllers at the same time as the GCE controller. ### Hard disable -2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. -3. Disable the addon in GKE: +Option 2. SSH into the GCE master node and delete the GLBC manifest file found at `/etc/kubernetes/manifests/glbc.manifest`. + +Option 3. Disable the addon in GKE via `gcloud`: #### Disabling GCE ingress on cluster creation From 82e190624f7571a712d257fd57555bd2719ad199 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Tue, 26 Sep 2017 14:46:46 -0400 Subject: [PATCH 14/14] Update nginx controller action --- docs/faq/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq/README.md b/docs/faq/README.md index 08e5a1b56..f30cf99a8 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -71,7 +71,7 @@ spec: The GCE controller will only act on Ingresses with the annotation value of "gce" or empty string "" (the default value if the annotation is omitted). -The nginx controller will only act on Ingresses with the annotation value of "nginx". +The nginx controller will only act on Ingresses with the annotation value of "nginx" or empty string "" (the default value if the annotation is omitted). To completely stop the Ingress controller on GCE/GKE, please see [this](gce.md#how-do-i-disable-the-gce-ingress-controller) faq.