Allow Multicluster Service to be non LoadBalancer ServiceType (#5307)

Signed-off-by: Björn Wenzel <bjoern.wenzel@dbschenker.com>

charts/linkerd2-multicluster/README.md

@@ -17,20 +17,21 @@ Kubernetes: `>=1.13.0-0`
 |-----|------|---------|-------------|
 | controllerComponentLabel | string | `"linkerd.io/control-plane-component"` | Control plane label. Do not edit |
 | createdByAnnotation | string | `"linkerd.io/created-by"` | Annotation label for the proxy create. Do not edit. |
-| gateway | bool | `true` | If the gateway component should be installed  |
+| gateway | bool | `true` | If the gateway component should be installed |
 | gatewayLocalProbePath | string | `"/health-local"` | The path that will be used by the local liveness checks to ensure the gateway is alive |
 | gatewayLocalProbePort | int | `8888` | The port that will be used by the local liveness checks to ensure the gateway is alive |
-| gatewayName | string | `"linkerd-gateway"` | The name of the gateway that will be installed  |
+| gatewayName | string | `"linkerd-gateway"` | The name of the gateway that will be installed |
 | gatewayNginxImage | string | `"nginx"` | The Nginx image |
-| gatewayNginxImageVersion | float | `1.17` | The version of the Nginx image  |
+| gatewayNginxImageVersion | float | `1.17` | The version of the Nginx image |
 | gatewayPort | int | `4143` | The port on which all the gateway will accept incoming traffic |
 | gatewayProbePath | string | `"/health"` | The path that will be used by remote clusters for determining whether the gateway is alive |
 | gatewayProbePort | int | `4181` | The port used for liveliness probing |
-| gatewayProbeSeconds | int | `3` | The interval (in seconds) between liveness probes  |
+| gatewayProbeSeconds | int | `3` | The interval (in seconds) between liveness probes |
+| gatewayServiceType | string | `"LoadBalancer"` | Service Type of gateway Service |
 | installNamespace | bool | `true` | If the namespace should be installed |
-| linkerdVersion | string | `"linkerdVersionValue"` | Control plane version  |
+| linkerdVersion | string | `"linkerdVersionValue"` | Control plane version |
 | namespace | string | `"linkerd-multicluster"` | Service Mirror component namespace |
-| proxyOutboundPort | int | `4140` | The port on which the proxy accepts outbound traffic  |
+| proxyOutboundPort | int | `4140` | The port on which the proxy accepts outbound traffic |
 | remoteMirrorServiceAccount | bool | `true` | If the remote mirror service account should be installed |
 | remoteMirrorServiceAccountName | string | `"linkerd-service-mirror-remote-access-default"` | The name of the service account used to allow remote clusters to mirror local services |
 

charts/linkerd2-multicluster/templates/gateway.yaml

@@ -133,7 +133,7 @@ spec:
     protocol: TCP
   selector:
     app: {{.Values.gatewayName}}
-  type: LoadBalancer
+  type: {{ .Values.gatewayServiceType }}
 {{- if .Values.loadBalancerIP }}
   loadBalancerIP: {{ .Values.loadBalancerIP }}
 {{- end }}

charts/linkerd2-multicluster/values.yaml

@@ -2,7 +2,7 @@
 controllerComponentLabel: linkerd.io/control-plane-component
 # -- Annotation label for the proxy create. Do not edit.
 createdByAnnotation: linkerd.io/created-by
-# -- If the gateway component should be installed 
+# -- If the gateway component should be installed
 gateway: true
 # -- The path that will be used by the local liveness checks to ensure the
 # gateway is alive
@@ -10,11 +10,11 @@ gatewayLocalProbePath: /health-local
 # -- The port that will be used by the local liveness checks to ensure the
 # gateway is alive
 gatewayLocalProbePort: 8888
-# -- The name of the gateway that will be installed 
+# -- The name of the gateway that will be installed
 gatewayName: linkerd-gateway
 # -- The Nginx image
 gatewayNginxImage: nginx
-# -- The version of the Nginx image 
+# -- The version of the Nginx image
 gatewayNginxImageVersion: 1.17
 # -- The port on which all the gateway will accept incoming traffic
 gatewayPort: 4143
@@ -23,18 +23,20 @@ gatewayPort: 4143
 gatewayProbePath: /health
 # -- The port used for liveliness probing
 gatewayProbePort: 4181
-# -- The interval (in seconds) between liveness probes 
+# -- The interval (in seconds) between liveness probes
 gatewayProbeSeconds: 3
 # -- If the namespace should be installed
 installNamespace: true
-# -- Control plane version 
+# -- Control plane version
 linkerdVersion: linkerdVersionValue
 # -- Service Mirror component namespace
 namespace: linkerd-multicluster
-# -- The port on which the proxy accepts outbound traffic 
+# -- The port on which the proxy accepts outbound traffic
 proxyOutboundPort: 4140
 # -- If the remote mirror service account should be installed
 remoteMirrorServiceAccount: true
 # -- The name of the service account used to allow remote clusters to mirror
 # local services
 remoteMirrorServiceAccountName: linkerd-service-mirror-remote-access-default
+# -- Service Type of gateway Service
+gatewayServiceType: LoadBalancer

cli/cmd/multicluster.go

@@ -59,6 +59,7 @@ type (
 		gatewayNginxImage       string
 		gatewayNginxVersion     string
 		remoteMirrorCredentials bool
+		gatewayServiceType      string
 	}
 
 	linkOptions struct {
@@ -73,6 +74,7 @@ type (
 		controlPlaneVersion     string
 		dockerRegistry          string
 		selector                string
+		gatewayAddresses        string
 	}
 
 	gatewaysOptions struct {
@@ -97,6 +99,7 @@ func newMulticlusterInstallOptionsWithDefault() (*multiclusterInstallOptions, er
 		gatewayNginxImage:       defaults.GatewayNginxImage,
 		gatewayNginxVersion:     defaults.GatewayNginxImageVersion,
 		remoteMirrorCredentials: true,
+		gatewayServiceType:      defaults.GatewayServiceType,
 	}, nil
 }
 
@@ -113,6 +116,7 @@ func newLinkOptionsWithDefault() (*linkOptions, error) {
 		serviceMirrorRetryLimit: defaults.ServiceMirrorRetryLimit,
 		logLevel:                defaults.LogLevel,
 		selector:                k8s.DefaultExportedServiceSelector,
+		gatewayAddresses:        "",
 	}, nil
 }
 
@@ -198,6 +202,7 @@ func buildMulticlusterInstallValues(ctx context.Context, opts *multiclusterInsta
 	defaults.ProxyOutboundPort = uint32(values.GetGlobal().Proxy.Ports.Outbound)
 	defaults.LinkerdVersion = version.Version
 	defaults.RemoteMirrorServiceAccount = opts.remoteMirrorCredentials
+	defaults.GatewayServiceType = opts.gatewayServiceType
 
 	return defaults, nil
 }
@@ -395,6 +400,7 @@ func newMulticlusterInstallCommand() *cobra.Command {
 	cmd.Flags().StringVar(&options.gatewayNginxImage, "gateway-nginx-image", options.gatewayNginxImage, "The nginx image to be used")
 	cmd.Flags().StringVar(&options.gatewayNginxVersion, "gateway-nginx-image-version", options.gatewayNginxVersion, "The version of nginx to be used")
 	cmd.Flags().BoolVar(&options.remoteMirrorCredentials, "service-mirror-credentials", options.remoteMirrorCredentials, "Whether to install the service account which can be used by service mirror components in source clusters to discover exported services")
+	cmd.Flags().StringVar(&options.gatewayServiceType, "gateway-service-type", options.gatewayServiceType, "Overwrite Service type for gateway service")
 
 	// Hide developer focused flags in release builds.
 	release, err := version.IsReleaseChannel(version.Version)
@@ -617,7 +623,8 @@ func newLinkCommand() *cobra.Command {
 				return err
 			}
 
-			gatewayAddresses := []string{}
+			gatewayAddresses := ""
+			gwAddresses := []string{}
 			for _, ingress := range gateway.Status.LoadBalancer.Ingress {
 				addr := ingress.IP
 				if addr == "" {
@@ -626,10 +633,14 @@ func newLinkCommand() *cobra.Command {
 				if addr == "" {
 					continue
 				}
-				gatewayAddresses = append(gatewayAddresses, addr)
+				gwAddresses = append(gwAddresses, addr)
 			}
-			if len(gatewayAddresses) == 0 {
+			if len(gwAddresses) == 0 && opts.gatewayAddresses == "" {
 				return fmt.Errorf("Gateway %s.%s has no ingress addresses", gateway.Name, gateway.Namespace)
+			} else if len(gwAddresses) > 0 {
+				gatewayAddresses = strings.Join(gwAddresses, ",")
+			} else {
+				gatewayAddresses = opts.gatewayAddresses
 			}
 
 			gatewayIdentity, ok := gateway.Annotations[k8s.GatewayIdentity]
@@ -659,7 +670,7 @@ func newLinkCommand() *cobra.Command {
 				TargetClusterDomain:           configMap.GetGlobal().ClusterDomain,
 				TargetClusterLinkerdNamespace: controlPlaneNamespace,
 				ClusterCredentialsSecret:      fmt.Sprintf("cluster-credentials-%s", opts.clusterName),
-				GatewayAddress:                strings.Join(gatewayAddresses, ","),
+				GatewayAddress:                gatewayAddresses,
 				GatewayPort:                   gatewayPort,
 				GatewayIdentity:               gatewayIdentity,
 				ProbeSpec:                     probeSpec,
@@ -728,6 +739,7 @@ func newLinkCommand() *cobra.Command {
 	cmd.Flags().StringVar(&opts.logLevel, "log-level", opts.logLevel, "Log level for the Multicluster components")
 	cmd.Flags().StringVar(&opts.dockerRegistry, "registry", opts.dockerRegistry, "Docker registry to pull service mirror controller image from")
 	cmd.Flags().StringVarP(&opts.selector, "selector", "l", opts.selector, "Selector (label query) to filter which services in the target cluster to mirror")
+	cmd.Flags().StringVar(&opts.gatewayAddresses, "gateway-addresses", opts.gatewayAddresses, "If specified overwrites gateway addresses when gateway service is not type LoadBalancer (comma separated list)")
 
 	return cmd
 }

pkg/charts/multicluster/values.go

@@ -46,6 +46,7 @@ type Values struct {
 	RemoteMirrorServiceAccount     bool   `json:"remoteMirrorServiceAccount"`
 	RemoteMirrorServiceAccountName string `json:"remoteMirrorServiceAccountName"`
 	TargetClusterName              string `json:"targetClusterName"`
+	GatewayServiceType             string `json:"gatewayServiceType"`
 }
 
 // NewInstallValues returns a new instance of the Values type.