Using 1.10. Something, I’ll have to check tomorrow morning. I don’t want to use nginx or the provided haproxy as my Octavia LBaaS is a global service and because the less I rely on Kube the more I’m happy ;-) Le lun. 28 mai 2018 à 21:26, Saverio Proto <ziopr...@gmail.com> a écrit :
> Hello Flint, > > what version of Kubernetes are you deploying on top of Openstack ? > > are you using the external Openstack cloud controller ? I tested it an > it works only if you have at least v.1.10.3 > > Look at this page: > > https://github.com/kubernetes/cloud-provider-openstack/tree/master/examples/loadbalancers > > Please test that you can make a SSL termination on the loadbalancer, > describing it with Kubernetes yaml files. That is important for > production operation. Test also if you have downtime when you have to > renew SSL certificates. > > You will also want to check that traffic that hits your pods has the > HTTP header X-Forwarded-For, or even better the IP packets you receive > at the Pods have the source IP address of the original client. > > If needed test everything also with IPv6 > > I personally decided not to use Octavia, but to go for the Kubernetes > ingress-nginx > https://github.com/kubernetes/ingress-nginx > > The key idea is that instead of Openstack controlling the LoadBalancer > having Octavia spinning up a VM running nginx, you have Kubernetes > controlling the LoadBalancer, running a nginx-container. > At the end you need a nginx to reverse proxy, you have to decided if > this resource is managed by Openstack or Kubernetes. > > Keep in mind that if you go for a kubernetes ingress controller you > can avoid using nginx. There is already an alternative ha-proxy > implementation: > https://www.haproxy.com/blog/haproxy_ingress_controller_for_kubernetes/ > > Cheers, > > Saverio > > 2018-05-28 19:09 GMT+02:00 Flint WALRUS <gael.ther...@gmail.com>: > > Hi everyone, I’m currently deploying Octavia as our global LBaaS for a > lot > > of various workload such as Kubernetes ingress LB. > > > > We use Queens and plan to upgrade to rocky as soon as it reach the stable > > release and we use the native Octavia APIv2 (Not a neutron redirect etc). > > > > What do you need to know? > > > > Le lun. 28 mai 2018 à 14:50, Saverio Proto <ziopr...@gmail.com> a écrit > : > >> > >> Hello Chris, > >> > >> I finally had the time to write about my deployment: > >> > >> > https://cloudblog.switch.ch/2018/05/22/openstack-horizon-runs-on-kubernetes-in-production-at-switch/ > >> > >> in this blog post I explain why I use the kubernetes nginx-ingress > >> instead of Openstack LBaaS. > >> > >> Cheers, > >> > >> Saverio > >> > >> > >> 2018-03-15 23:55 GMT+01:00 Chris Hoge <ch...@openstack.org>: > >> > Hi everyone, > >> > > >> > I wanted to notify you of a thread I started in openstack-dev about > the > >> > state > >> > of the OpenStack load balancer APIs and the difficulty in integrating > >> > them > >> > with Kubernetes. This in part directly relates to current public and > >> > private > >> > deployments, and any feedback you have would be appreciated. > Especially > >> > feedback on which version of the load balancer APIs you deploy, and if > >> > you > >> > haven't moved on to Octavia, why. > >> > > >> > > >> > > http://lists.openstack.org/pipermail/openstack-dev/2018-March/128399.html > >> > < > http://lists.openstack.org/pipermail/openstack-dev/2018-March/128399.html> > >> > > >> > Thanks in advance, > >> > Chris > >> > _______________________________________________ > >> > OpenStack-operators mailing list > >> > OpenStack-operators@lists.openstack.org > >> > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > >> > >> _______________________________________________ > >> OpenStack-operators mailing list > >> OpenStack-operators@lists.openstack.org > >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators >
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
