Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue disabling advertised listener #1583

Open
ajurcenk opened this issue Oct 28, 2024 · 1 comment
Open

Issue disabling advertised listener #1583

ajurcenk opened this issue Oct 28, 2024 · 1 comment

Comments

@ajurcenk
Copy link

ajurcenk commented Oct 28, 2024
edited by github-actions bot
Loading

What happened?

We have enabled multiple listeners in the redpanda and disabled the advertised listener for mtlstest listener. In the generated redpanda configuration the the internall listener is removed from redpanda configuration for disabled advertised listener: mtlstest.

What did you expect to happen?

The listener port is removed from LB port mappingsr, no advertised listener is added for the disabled listener, but an internal listener is added for disabled listener.

But we need multiple options for managing advertised listeners' visibility:

  • Disable the external port mapping in LB but keep the advertised listener for use cases as custom ingress controllers/application gateways.
  • Disable the external listener: no port mapping in LB, no advertised listener

How can we reproduce it (as minimally and precisely as possible)?. Please include values file.

The external listener is disabled for mildest listener 
external:
      default:
        enabled: true
        # -- The port used for external client connections.
        port: 9094
        # prefixTemplate: ""
        # -- If undefined, `listeners.kafka.external.default.port` is used.
        advertisedPorts:
        - 443
        tls:
          # enabled: true
          cert: external
        # default is "sasl"
        authenticationMethod: "sasl"
      mtlstest:
        enabled: false
        # -- The port used for external client connections.
        port: 9194
        # prefixTemplate: ""
        # -- If undefined, `listeners.kafka.external.default.port` is used.
        advertisedPorts:
        - 443
        tls:
          enabled: true
          cert: external
          requireClientAuth: true
        # default is "sasl"
        authenticationMethod: "mtls_identity"

The redpanda generated configuration: The internal mtlstest listener is removed from redpanda configuration, but we want only to remove from LB configuration and keep the advertised listeners.

      kafka_api:
      - address: 0.0.0.0
        name: internal
        port: 9093
      - address: 0.0.0.0
        authentication_method: sasl
        name: default
        port: 9094

Anything else we need to know?

5.8.12

Which are the affected charts?

Redpanda

Chart Version(s)

5.8.12

Cloud provider

AKS

JIRA Link: K8S-407
@chrisseto
Copy link
Contributor

We don't currently expose a way to control which listeners appear within the Service port list.

The easiest way to work around this right now would be to disable the external Service entirely and manage the Service yourself.

external:
  enabled: false
---
# Some other yaml file that you kubectl apply -f
apiVersion: v1
kind: Service
metadata:
  annotations: {}
  labels: {}
  name: my-custom-service
spec:
  ports: [] # Your Ports here
  selector: {} # You can copy the selectors that the chart users or copy labels from commonLabels.
  type: ClusterIP

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chrisseto @ajurcenk