Ingress GCE & Problem Kubernetes Meetup Tokyo #14 2018/11/08 @tjun

Who am I? - @tjun - Merpay SRE, EM - (Sometimes) Working with Mercari Microservices Platform Team - We are hiring!

Ingress-GCE ● Ingress controller for Google Cloud ○ GCE L7 load balancer controller ○ Configured through the Kubernetes Ingress API

L7 Load balancing on Kubernetes GCP resources are created with $ kubectl apply -f ingress.yaml Global Forwarding Rule -> TargetHttpProxy -> URL Map -> Backend Service -> Instance Group or Network Endpoint Group

Ingress GCE or Ingress Nginx https://medium.com/omnius/kubernetes-ingress-gce-vs-nginx-controllers-1-3-d89d6dd3da73

Merpay architecture Clients Merpay API Gateway API ServiceA ServiceA ServiceA API

Ingress GCE problem on GKE v1.10.6 GKE Release Notes

Ingress GCE problem on GKE v1.10.6 When we recreate an Ingress: ● External IP is never attached ● Backend Services are not created What we did: ● kubectl describe ing xxxxx / kubectl get events ● Check TLS on secret and ● Check kube-apiserver logs and cert-manager logs ● Recreate ingress without static-ip -> OK ● Recreate ingress with 1 backend -> sometimes OK

Ingress GCE problem on GKE v1.10.6 Ask GCP support

Our workaround until cluster upgrade $ kubectl apply -f merpay-ingress1.yaml $ kubectl apply -f merpay-ingress2.yaml $ kubectl apply -f merpay-ingress3.yaml -> OK $ kubectl apply -f merpay-ingress4.yaml

Summary 今は直っているので、IngressGCEめちゃ便利です。GKE最高！