You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by "zzjin (via GitHub)" <gi...@apache.org> on 2023/04/26 10:16:53 UTC

[GitHub] [apisix-ingress-controller] zzjin opened a new issue, #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

zzjin opened a new issue, #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816

   ### Current Behavior
   
   Apply gateway+tcproute notwork
   
   ### Expected Behavior
   
   tcproute works as except.
   
   ### Error Logs
   
   ```
   1 reflector.go:424]  pkg/mod/k8s.io/client-go@v0.25.4/tools/cache/reflector.go:169: failed to list *v1alpha2.TCPRoute: tcproutes.gateway.networking.k8s.io is forbidden: User "system:serviceaccount:apisix:apisix-ingress-controller" cannot list resource "tcproutes" in API group "gateway.networking.k8s.io" at the cluster scope
   1 reflector.go:140] pkg/mod/k8s.io/client-go@v0.25.4/tools/cache/reflector.go:169: Failed to watch *v1alpha2.TCPRoute: failed to list *v1alpha2.TCPRoute: tcproutes.gateway.networking.k8s.io is forbidden: User "system:serviceaccount:apisix:apisix-ingress-controller" cannot list resource "tcproutes" in API group "gateway.networking.k8s.io" at the cluster scope
   ```
   
   ### Steps to Reproduce
   
   1. Apply k8s gateway api exp version: 
   ```
   kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v0.6.2/standard-install.yaml
   ```
   2. Install apisix with ingress+gateway enabled: 
   ```bash
   helm upgrade -i apisix apisix/apisix -n apisix --create-namespace \
     --set ingress-controller.enabled=true \
     --set ingress-controller.config.apisix.serviceNamespace=apisix \
     --set gateway.type=NodePort \
     --set gateway.http.containerPort=80 \
     --set apisix.kind=DaemonSet \
     --set apisix.hostNetwork=true \
     --set gateway.tls.enabled=true \
     --set gateway.tls.containerPort=443 \
     --set gateway.tls.servicePort=443 \
     --set apisix.securityContext.runAsUser=0 \
     --set ingress-controller.config.kubernetes.enableGatewayAPI=true
   ```
   3. Apply gatewayclass&gateway&tcproute
   ```yaml
   apiVersion: gateway.networking.k8s.io/v1alpha2
   kind: GatewayClass
   metadata:
     name: apisix-lb
   spec:
     controllerName: apisix.apache.org/gateway-controller
   ---
   apiVersion: gateway.networking.k8s.io/v1beta1
   kind: Gateway
   metadata:
     name: test-tcp-gateway
   spec:
     gatewayClassName: apisix-lb
     listeners:
     - name: test-1
       protocol: TCP
       port: 30001
       allowedRoutes:
         kinds:
         - kind: TCPRoute
   ---
   apiVersion: gateway.networking.k8s.io/v1alpha2
   kind: TCPRoute
   metadata:
     name: tcp-test-1
   spec:
     parentRefs:
     - name: test-tcp-gateway
       sectionName: test-1
     rules:
     - backendRefs:
       - name: pg-cluster-postgresql
         port: 5432
   
   ### Environment
   
   - APISIX Ingress controller version (run `apisix-ingress-controller version --long`)
   ```
   Version: 1.6.0
   Git SHA: no-git-module
   Go Version: go1.19.4
   Building OS/Arch: linux/amd64
   Running OS/Arch: linux/amd64
   ```
   - Kubernetes cluster version (run `kubectl version`)
   ```
   clientVersion:
     buildDate: "2023-01-18T19:22:09Z"
     compiler: gc
     gitCommit: ff2c119726cc1f8926fb0585c74b25921e866a28
     gitTreeState: clean
     gitVersion: v1.25.6
     goVersion: go1.19.5
     major: "1"
     minor: "25"
     platform: linux/amd64
   kustomizeVersion: v4.5.7
   serverVersion:
     buildDate: "2023-01-18T19:15:26Z"
     compiler: gc
     gitCommit: ff2c119726cc1f8926fb0585c74b25921e866a28
     gitTreeState: clean
     gitVersion: v1.25.6
     goVersion: go1.19.5
     major: "1"
     minor: "25"
     platform: linux/amd64
   ```
   - OS version if running APISIX Ingress controller in a bare-metal environment (run `uname -a`)
   ```
   Linux master0 5.15.0-1032-gcp #40-Ubuntu SMP Fri Mar 31 01:34:12 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] bug: apisix-ingress-controller gateway cannot listen tcproute [apisix-ingress-controller]

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] closed issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute
URL: https://github.com/apache/apisix-ingress-controller/issues/1816


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "tao12345666333 (via GitHub)" <gi...@apache.org>.

tao12345666333 commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1523215779

   The error log shows that your RBAC configuration is wrong


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] zzjin commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "zzjin (via GitHub)" <gi...@apache.org>.

zzjin commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1524978053

   As I'm using expermntal resources like tcproute，I must add rbac clusterrole tcproutes，udproutes manual.
   
   After add clusterrole， apisix-ingress-controller do not log rbac error.
   
   But problem still exists. no tcproute can be accessed，without error log.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "tao12345666333 (via GitHub)" <gi...@apache.org>.

tao12345666333 commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1527144117

   you can refer to this test case https://github.com/apache/apisix-ingress-controller/blob/2182a48cbca785373eca745a13d8cf2b7d9ab6c8/test/e2e/suite-gateway/gateway_tcproute.go#L30


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] zzjin commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "zzjin (via GitHub)" <gi...@apache.org>.

zzjin commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1524982060

   As I'm using expermntal resources like tcproute，I must add rbac clusterrole tcproutes，udproutes manual.
   
   After add clusterrole， apisix-ingress-controller do not log rbac error.
   
   But problem still exists. no tcproute can be accessed，without error log.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] karl-chanel commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "karl-chanel (via GitHub)" <gi...@apache.org>.

karl-chanel commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1615842038

   mark


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix-ingress-controller] github-actions[bot] commented on issue #1816: bug: apisix-ingress-controller gateway cannot listen tcproute

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1741616780

   This issue has been marked as stale due to 90 days of inactivity. It will be closed in 30 days if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the dev@apisix.apache.org list. Thank you for your contributions.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] bug: apisix-ingress-controller gateway cannot listen tcproute [apisix-ingress-controller]

Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.

github-actions[bot] commented on issue #1816:
URL: https://github.com/apache/apisix-ingress-controller/issues/1816#issuecomment-1784333514

   This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org