I have a GKE service app using Golang. I want to make the app accessible only within the same VPC (because it will be exposed to a public domain using Kong). But every time I create the internal ALB Ingress inside GKE, it returns an error like this:
Error syncing to GCP: error running load balancer syncing routine: loadbalancer ad8b7iw3-gke-app-event-ingress-n1p8mv91 does not exist: googleapi: Error 400: Invalid value for field 'resource.target': 'https://www.googleapis.com/compute/v1/projects/gke-project/regions/asia-southeast2/targetHttpProxies/k8s2-tp-ad8b7iw3-gke-app-event-ingress-n1p8mv91'. An active proxy-only subnetwork is required in the same region and VPC as the forwarding rule.
EDITED: For now the error returned looks like this:
Missing one or more resources. If resource creation takes longer than expected, you might have an invalid configuration.
I have made Service and Ingress YAML files to handle this:
ingress.yaml

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  labels:
    app: gke-app
  name: event-ingress
  namespace: gke-app
spec:
  ingressClassName: "gce-internal"
  defaultBackend:
    service:
      name: gke-svc
      port:
        number: 8003
  rules:
    - host: event.staginggke.my.id
      http:
        paths:
          - path: "/"
            pathType: Prefix
            backend:
              service:
                name: gke-svc
                port:
                  number: 8003
```

svc.yaml

```yaml
apiVersion: v1
kind: Service
metadata:
  name: gke-svc
  namespace: gke-app
  annotations:
    cloud.google.com/neg: '{"ingress": true}'
    networking.gke.io/load-balancer-type: "Internal"
  labels:
    app: gke-app
spec:
  sessionAffinity: ClientIP
  selector:
    app: gke-app
  ports:
    - port: 8003 # Port output
      targetPort: 8000 # Container port
      protocol: TCP
      name: http
      nodePort: 30473 # Node Port Static
  type: LoadBalancer
  loadBalancerIP: 10.184.0.12
  externalTrafficPolicy: Cluster
```
Thank you for helping!!! :)
You are missing a proxy-only subnet. You need to create one in the same VPC/Subnet your GKE cluster is on.
https://cloud.google.com/load-balancing/docs/l7-internal/setting-up-l7-internal#configure-a-network
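
A check for the condition the error message names, written as an added example rather than code from the question or the answer: it scans a subnet inventory for an ACTIVE proxy-only subnet in the load balancer's region and VPC, and prints the `gcloud` command to create one if none is found. The VPC name `my-vpc`, the subnet names and all CIDR ranges are constructed placeholders; the region is the one from the error message.

```shell
#!/bin/sh
# Added example, not from the original post. The VPC name, subnet names and
# CIDR ranges below are constructed placeholders. Live input would come from:
#   gcloud compute networks subnets list \
#     --format='csv[no-heading](name,region.basename(),network.basename(),purpose,role,ipCidrRange)'

# Constructed inventory: a node subnet, a proxy-only subnet in another region,
# and a BACKUP-role proxy-only subnet. None of them satisfies the load balancer.
SAMPLE_SUBNETS='gke-nodes,asia-southeast2,my-vpc,PRIVATE,,10.184.0.0/20
proxy-us,us-central1,my-vpc,REGIONAL_MANAGED_PROXY,ACTIVE,10.129.0.0/23
proxy-backup,asia-southeast2,my-vpc,REGIONAL_MANAGED_PROXY,BACKUP,10.130.0.0/23'

# Reads CSV rows on stdin; prints the ACTIVE proxy-only subnet for the given
# region ($1) and VPC ($2) and returns 0, or prints nothing and returns 1.
# INTERNAL_HTTPS_LOAD_BALANCER is the legacy purpose value for the same thing.
find_active_proxy_subnet() {
  awk -F, -v r="$1" -v n="$2" '
    $2 == r && $3 == n && $5 == "ACTIVE" &&
    ($4 == "REGIONAL_MANAGED_PROXY" || $4 == "INTERNAL_HTTPS_LOAD_BALANCER") {
      print $1; found = 1; exit
    }
    END { exit found ? 0 : 1 }'
}

# Prints (does not run) the command that creates the missing subnet.
# Arguments: region, VPC name, an unused CIDR range of your choosing.
print_create_cmd() {
  printf '%s\n' "gcloud compute networks subnets create proxy-only-$1 \\" \
    "  --purpose=REGIONAL_MANAGED_PROXY --role=ACTIVE \\" \
    "  --region=$1 --network=$2 --range=$3"
}

# Reports whether an internal Ingress in region $1 / VPC $2 can get its proxy.
check_ingress_prereq() {
  if name=$(printf '%s\n' "$SAMPLE_SUBNETS" | find_active_proxy_subnet "$1" "$2"); then
    echo "OK: active proxy-only subnet '$name' in $1/$2"
  else
    echo "MISSING: no active proxy-only subnet in $1/$2; create one with:"
    print_create_cmd "$1" "$2" "$3"
    return 1
  fi
}

check_ingress_prereq asia-southeast2 my-vpc 10.131.0.0/23 || true
```

The proxy-only range must not overlap any existing subnet in the VPC, and the backends must accept traffic from that range for health checks and requests to reach the pods.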