I have the following helm chart values:
# Choose an optional name for the datacenter
global:
datacenter: minidc
# Enable the Consul Web UI via a NodePort
ui:
service:
type: 'NodePort'
# Enable Connect for secure communication between nodes
connectInject:
enabled: true
centralConfig:
enabled: "true"
proxyDefaults: |
{
"envoy_prometheus_bind_addr": "0.0.0.0:9102",
"envoy_extra_static_clusters_json": "{\"connect_timeout\": \"3.000s\", \"dns_lookup_family\": \"V4_ONLY\", \"lb_policy\": \"ROUND_ROBIN\", \"load_assignment\": { \"cluster_name\": \"jaeger_9411\",\"endpoints\": [{\"lb_endpoints\": [{\"endpoint\": {\"address\": {\"socket_address\": {\"address\": \"simplest-collector\",\"port_value\": 9411,\"protocol\": \"TCP\"}}}}]}]},\"name\": \"jaeger_9411\",\"type\": \"STRICT_DNS\"}",
"envoy_tracing_json": "{\"http\": {\"name\": \"envoy.zipkin\",\"config\": {\"collector_cluster\": \"jaeger_9411\", \"collector_endpoint\": \"/api/v1/spans\",\"trace_id_128bit\": true, \"shared_span_context\": true}}}"
}
ingressGateways:
enabled: true
gateways:
- name: ingress-gateway
replicas: 1
service:
type: 'NodePort'
ports:
- port: 8786
nodePort: 30002
client:
enabled: true
grpc: true
# Use only one Consul server for local development
server:
replicas: 1
bootstrapExpect: 1
disruptionBudget:
enabled: true
maxUnavailable: 0
The ingress-gateway pod is failing to start with the following error:
[2020-07-21 07:04:41.756][1][critical][main] [source/server/server.cc:95] error initializing configuration '/tmp/envoy-1623b29ceb93d317-bootstrap.json': cluster manager: duplicate cluster 'self_admin'
Hey @ezraroi,
I tried using the same values file and was able to reproduce the error on my minikube cluster. However, when I commented out the proxyDefaults field from the connectInject section, it was able to successfully spin up the ingress gateway.
I haven’t been able to get to the bottom of what specifically in the proxyDefaults section was causing this error and will spend some more time investigating that in particular, but I suspect it might have something to do with minikube being a single node cluster.
Hi @ashwin-venkatesh, I also managed to make it work by deleting the proxyDefaults stanza.
looks like when providing some envoy config and not using the default one it is somehow not working
A quick follow up question @ezraroi. Do pods that get connected with connectInject setup with the proxyDefaults register themselves successfully?
I suspect those proxy defaults might not works in our current configuration
Also it looks like the proxy defaults configure the consul global “proxy-default” https://www.consul.io/docs/agent/config-entries/proxy-defaults.html
Not certain if they serve they same purpose here.
Yes, the inject is working with the proxyDefaults.
If I dont install ingress-gateway everything works fine.
The configuration from the proxyDefaults is passed to the envoy proxy and it is working fine.
Only when adding ingress-gateway it is not working.
The configuration I use is taken from a code published by @nic
This appears to be similar to this github issue. We identified a bug and have opened up a PR to address the same that can be tracked here. This should hopefully make it into the next consul patch release. In the meantime, you could use this image: ashwinvenkatesh/consul-dev which has the patch built into it.
Hopefully this should unblock you until the patch is released. Please let me know if this addresses the problem you were seeing. I tried it against my minikube cluster and the ingress gateways came up successfully with it.
Cheer!!