My Oracle Support Banner

Warning of CreatingLoadBalancerFailed when creating private loadbalancer in OCI OKE (Doc ID 2604230.1)

Last updated on OCTOBER 17, 2021

Applies to:

Oracle Cloud Infrastructure - Oracle Container Engine for Kubernetes - Version N/A and later
Information in this document applies to any platform.

Symptoms

Attempt to create a service in OKE with type LoadBalancer. This loadbalancer is to be created in a private subnet.

The docs below indicates that two annotations should be used:
   https://docs.cloud.oracle.com/iaas/Content/ContEng/Tasks/contengcreatingloadbalancer.htm#CreatingInternalLoadBalancersinPublicandPrivateSubnets
which is:

service.beta.kubernetes.io/oci-load-balancer-internal
service.beta.kubernetes.io/oci-load-balancer-subnet1

 However, the following error occurs when creating the service, as shown in log:

Warning CreatingLoadBalancerFailed 3s service-controller
Error creating load balancer (will retry): failed to ensure load balancer for service ingress-nginx/ingress-nginx: creating load balancer: Service error:InvalidParameter. Private subnet with id ocid1.subnet.oc1.iad.xxxxxxxxxxxxxxxxxxxxxxxxxxxxx is not allowed in a public loadbalancer.. http status code: 400. Opc request id: XXXXXXXXXX/xxxxxxxxxx

The service is verified with the following diagnosis, with the same warning:

> kubectl describe service -n ingress-nginx ingress-nginx

Name: ingress-nginx
Namespace: ingress-nginx
Labels: app.kubernetes.io/name=ingress-nginx app.kubernetes.io/part-of=ingress-nginx service.beta.kubernetes.io/oci-load-balancer-internal=true Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/par...
Selector: app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/part-of=ingress-nginx
Type: LoadBalancer
IP: xx.xx.xx.xx
Port: http 80/TCP
TargetPort: http/TCP
NodePort: http 30179/TCP
Endpoints: xx.xx.xx.xx:80
Port: https 443/TCP
TargetPort: https/TCP
NodePort: https 31097/TCP
Endpoints: xx.xx.xx.xx:443
Session Affinity: None
External Traffic Policy: Cluster
Events:
Type Reason Age From Message ---- ------ ---- ---- ------- Warning CreatingLoadBalanc 2m39s

The yaml config is as below:

kind: Service
apiVersion: v1
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    service.beta.kubernetes.io/oci-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
  ports:
    - name: http
      port: 80
      targetPort: http
    - name: https
      port: 443
      targetPort: https

 

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.