
Additional floating IPs for gitlab-cloud-runner testing in testlabs project
Closed, Declined (Public)

Description

Project Name: testlabs
Type of quota increase requested: floating ip
Amount to increase: 2 additional (4 total)
Reason: RelEng is testing https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner with Magnum and additional floating IPs are needed to provision services with type: LoadBalancer.

Event Timeline

I asked @Andrew about this, and my understanding is that floating IPs are not required to create Octavia load balancers in OpenStack. But I don't have a full understanding of how Magnum works, so I might be wrong! Can you share more details like tofu code, errors you're getting, etc.?

https://docs.openstack.org/magnum/ocata/dev/kubernetes-load-balancer.html

To publish a service endpoint externally so that the service can be accessed from the external network, Kubernetes provides the external load balancer feature. This is done by simply specifying the attribute “type: LoadBalancer” in the service manifest. When the service is created, Kubernetes will add an external load balancer in front of the service so that the service will have an external IP address in addition to the internal IP address on the container network. The service endpoint can then be accessed with this external IP address.

I asked @Andrew about this, and my understanding is that floating IPs are not required to create Octavia load balancers in OpenStack. But I don't have a full understanding of how Magnum works, so I might be wrong! Can you share more details like tofu code, errors you're getting, etc.?

Our ingress service is managed via helm via tofu, but the relevant issue is that the service fails to provision and hangs on EnsuringLoadBalancer:

Name:                     ingress-nginx-controller
Namespace:                ingress
Labels:                   app.kubernetes.io/component=controller
                          app.kubernetes.io/instance=ingress-nginx
                          app.kubernetes.io/managed-by=Helm
                          app.kubernetes.io/name=ingress-nginx
                          app.kubernetes.io/part-of=ingress-nginx
                          app.kubernetes.io/version=1.11.5
                          helm.sh/chart=ingress-nginx-4.11.5
Annotations:              external-dns.alpha.kubernetes.io/hostname: wmcloud.org
                          meta.helm.sh/release-name: ingress-nginx
                          meta.helm.sh/release-namespace: ingress
                          service.beta.kubernetes.io/do-loadbalancer-name: wmcloud.org
Selector:                 app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.254.30.9
IPs:                      10.254.30.9
Port:                     http  80/TCP
TargetPort:               http/TCP
NodePort:                 http  31447/TCP
Endpoints:                10.100.188.69:80
Port:                     https  443/TCP
TargetPort:               https/TCP
NodePort:                 https  31051/TCP
Endpoints:                10.100.188.69:443
Session Affinity:         None
External Traffic Policy:  Cluster
Internal Traffic Policy:  Cluster
Events:
  Type    Reason                Age                  From                Message
  ----    ------                ----                 ----                -------
  Normal  EnsuringLoadBalancer  19s (x126 over 10h)  service-controller  Ensuring load balancer

Here's the object YAML from k8s if that's helpful:

apiVersion: v1
kind: Service
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname: wmcloud.org
    meta.helm.sh/release-name: ingress-nginx
    meta.helm.sh/release-namespace: ingress
    service.beta.kubernetes.io/do-loadbalancer-name: wmcloud.org
  creationTimestamp: "2025-09-09T16:50:49Z"
  finalizers:
  - service.kubernetes.io/load-balancer-cleanup
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.11.5
    helm.sh/chart: ingress-nginx-4.11.5
  name: ingress-nginx-controller
  namespace: ingress
  resourceVersion: "243110"
  uid: ae3e971d-0067-4e39-96a3-523b79a2b4c7
spec:
  allocateLoadBalancerNodePorts: true
  clusterIP: 10.254.30.9
  clusterIPs:
  - 10.254.30.9
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 31447
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31051
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer: {}
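
An added triage example, not code from this task or from the gitlab-cloud-runner repository: it reads a Service object in the shape `kubectl get svc -o json` emits and reports LoadBalancer services that have no external address yet, along with load-balancer annotations whose prefix belongs to a different cloud provider's integration than the cluster's. The prefix table, the `triage` name and the `cluster_provider` parameter are assumptions of this example, the sample is constructed from the object above, and a finding is a lead to check, not a statement of why provisioning hangs.

```python
import json

# Annotation prefixes read by each cloud provider's load-balancer integration
# (assumed table for this example, not exhaustive).
PROVIDER_PREFIXES = {
    "openstack": ("loadbalancer.openstack.org/",
                  "service.beta.kubernetes.io/openstack-"),
    "digitalocean": ("service.beta.kubernetes.io/do-loadbalancer-",),
    "aws": ("service.beta.kubernetes.io/aws-load-balancer-",),
    "azure": ("service.beta.kubernetes.io/azure-load-balancer-",),
}

# Constructed sample: the Service from this thread, trimmed to the fields used.
SAMPLE = json.loads("""
{"kind": "Service",
 "metadata": {"name": "ingress-nginx-controller", "namespace": "ingress",
   "annotations": {
     "external-dns.alpha.kubernetes.io/hostname": "wmcloud.org",
     "service.beta.kubernetes.io/do-loadbalancer-name": "wmcloud.org"}},
 "spec": {"type": "LoadBalancer"},
 "status": {"loadBalancer": {}}}
""")


def triage(svc, cluster_provider="openstack"):
    """Return a list of findings for one Service object (parsed JSON)."""
    findings = []
    # Only Services of type LoadBalancer involve the cloud controller.
    if svc.get("spec", {}).get("type") != "LoadBalancer":
        return findings
    # An empty status.loadBalancer means no external address was assigned.
    ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress")
    if not ingress:
        findings.append("pending: status.loadBalancer has no ingress address")
    # Flag annotations addressed to another provider's controller.
    for key in svc.get("metadata", {}).get("annotations") or {}:
        for provider, prefixes in PROVIDER_PREFIXES.items():
            if provider != cluster_provider and key.startswith(prefixes):
                findings.append(f"foreign-annotation: {key} ({provider})")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```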

My new capi-helm driver in codfw1dev has the floating IP disabled (see diff on https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/Magnum_setup) but that doesn't help anyone today :/

(Dan is going to move this work to a different project to be created shortly)