Cluster information:
Kubernetes version:
Client Version: version.Info{Major:“1”, Minor:“11”, GitVersion:“v1.11.3”, GitCommit:“a4529464e4629c21224b3d52edfe0ea91b072862”, GitTreeState:“clean”, BuildDate:“2018-09-10T11:44:36Z”, GoVersion:“go1.11”, Compiler:“gc”, Platform:“darwin/amd64”}
Server Version: version.Info{Major:“1”, Minor:“8”, GitVersion:“v1.8.6”, GitCommit:“6260bb08c46c31eea6cb538b34a9ceb3e406689c”, GitTreeState:“clean”, BuildDate:“2017-12-21T06:23:29Z”, GoVersion:“go1.8.3”, Compiler:“gc”, Platform:“linux/amd64”}
Cloud being used: AWS
Installation method: kops
Host OS: Debian GNU/Linux 8.10 (jessie)
Hello,
I’m facing the following issue:
after updating some services and deployments in any namespace, kubernetes deletes and recreates the AWS Load Balancer connected to the nginx-ingress-controller, although no changes have been made to the ingress-nginx service.
In the kube-controller-manager.log file of the master node that sent the command to AWS, I found the following logs:
"
service_controller.go:298] Ensuring LB for service ingress-nginx/ingress-nginx
aws.go:2786] EnsureLoadBalancer(…)
aws.go:2256] Existing security group ingress: sg-xxxxxxxxxxxxx
aws_loadbalancer.go:230] Deleting removed load balancer listeners
aws_loadbalancer.go:242] Creating added load balancer listeners
aws_loadbalancer.go:486] Creating proxy protocol policy on load balancer
aws_loadbalancer.go:335] Updating load-balancer attributes for “aaaaaaaabbbbbbbbbccccccccc”
aws.go:3055] Loadbalancer aaaaaaaabbbbbbbbbccccccccc (ingress-nginx/ingress-nginx) has DNS name
aaaaaaaabbbbbbbbbccccccccc-<serial_of_the_deleted_lb>-.elb.amazonaws.com
service_controller.go:775] Failed to process service. Not retrying: Failed to persist updated status to apiserver, even after retries. Giving up: Not persisting update to service ‘ingress-nginx/ingress-nginx’ that has been changed since we received it: Operation cannot be fulfilled on services “ingress-nginx”: the object has been modified; please apply your changes to the latest version and try again
service_controller.go:754] Service has been deleted ingress-nginx/ingress-nginx
aws.go:3258] Removing rule for traffic from the load balancer (sg-086dd951c80cad655) to instance (sg-ec8f4f81)
aws.go:2223] Comparing sg-086dd951c80cad655 to sg-02b2179d0025d0ef9
aws.go:2223] Comparing sg-086dd951c80cad655 to sg-040d937708b32505f
aws.go:2223] Comparing sg-086dd951c80cad655 to sg-085f53cda99c42c38
aws.go:2223] Comparing sg-086dd951c80cad655 to sg-086dd951c80cad655
aws.go:2419] Removing security group ingress: sg-ec8f4f81 [{
IpProtocol: “-1”,
UserIdGroupPairs: [{
GroupId: “sg-086dd951c80cad655”
}]
}]
aws.go:3360] Ignoring DependencyViolation while deleting load-balancer security group (sg-086dd951c80cad655), assuming because LB is in process of deleting
aws.go:3384] Waiting for load-balancer to delete so we can delete security groups: ingress-nginx
aws.go:3371] Deleted all security groups for load balancer: ingress-nginx
service_controller.go:298] Ensuring LB for service ingress-nginx/ingress-nginx
aws.go:2786] EnsureLoadBalancer(…)
aws.go:2256] Existing security group ingress: sg-yyyyyyyyyyy
aws.go:2287] Adding security group ingress: sg-yyyyyyyyyyy
aws_loadbalancer.go:102] Creating load balancer for ingress-nginx/ingress-nginx with name: aaaaaaaabbbbbbbbbccccccccc
…
"
Does anyone have any ideas?
Thank you very much