Invalid value for field 'resource.IPAddress' when creating service type LoadBalancer

[fbaier-fn]

Hi,

I am running into an issue where I create a service type LoadBalancer with a reserved internal static ip as LoadBalancerIP on GKE but that IP never gets assigned to the loadbalancer. Instead I get:

service-controller  Error syncing load balancer: failed to ensure load balancer: failed to create forwarding rule for load balancer (af0c4abc55961447bb91cc3586a3e2e7(monitoring/loki-lb)): googleapi: Error 400: Invalid value for field 'resource.IPAddress': '192.168.130.42'. Invalid IP address specified., invalid

I am following sort of https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#step_2a_using_a_service

Not sure if I am doing something wrong, any ideas?

Steps to reproduce

I reserve an internal regional static ip:

$ gcloud compute addresses list                                                                             
NAME            ADDRESS/RANGE   TYPE      PURPOSE       NETWORK  REGION    SUBNET      STATUS
loki-access     192.168.130.42  INTERNAL  GCE_ENDPOINT           us-west1  static-ips  RESERVED

I am creating a service

apiVersion: v1
kind: Service
metadata:
  labels:
    app: loki
    name: loki
  name: loki-lb
  namespace: monitoring
spec:
  loadBalancerIP: 192.168.130.42
  ports:
  - name: http-metrics
    port: 3100
    protocol: TCP
    targetPort: 3100
  selector:
    app: loki
    name: loki
  sessionAffinity: None
  type: LoadBalancer 

Ill check the service:

$ kubectl get service -n monitoring
NAME                    TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
loki-lb                 LoadBalancer   192.168.7.41    <pending>     3100:30951/TCP               21m

I see its pending for a while so I use kubectl describe to check and see this error message:

Events:
  Type     Reason                  Age                 From                Message
  ----     ------                  ----                ----                -------
  Normal   EnsuringLoadBalancer    89s (x10 over 22m)  service-controller  Ensuring load balancer
  Warning  SyncLoadBalancerFailed  86s (x10 over 22m)  service-controller  Error syncing load balancer: failed to ensure load balancer: failed to create forwarding rule for load balancer (af0c4abc55961447bb91cc3586a3e2e7(monitoring/loki-lb)): googleapi: Error 400: Invalid value for field 'resource.IPAddress': '192.168.130.42'. Invalid IP address specified., invalid

What I expect

The loadbalancer being created with the reserved ip as described in the documentation.

[rramkumar1]

/assign @prameshj

[prameshj]

From the description, it looks like you are trying to create an Internal LoadBalancer, but the service spec does not have the "Internal" annotation.

So the service_controller is trying to create an external loadbalancer and failing because the IP is internal. Please add
"cloud.google.com/load-balancer-type": "Internal"

to your service spec. The only other thing to make sure is that your GKE cluster and the reserved IP are in the same subnet. Currently I see the ip address is in "static-ips" subnet. IF GKE cluster is not in this subnet, then you also need the annotation:
"networking.gke.io/internal-load-balancer-subnet": "static-ips"

The above annotation will work on GKE 1.17 clusters currently.

[prameshj]

/close
Please reopen if the above steps don't resolve it.

[k8s-ci-robot]

@prameshj: Closing this issue.

In response to this:

/close
Please reopen if the above steps don't resolve it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.