Allow configuring `service.type: LoadBalancer` with annotations (!8) · Merge requests · GitLab.org / Cloud Native / charts / gitlab-zoekt

Dylan Griffith requested to merge service-configuration-load-balancer into main Mar 22, 2023

Prior to this change I was planning on deploying this with an internal ingress load balancer which is effectively an L7 load balancer. This was needed for inter-cluster communication as GitLab runs on many K8s clusters (see https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#infra-current-archi-diagram ). I've since learnt we can also communicate across clusters with an internal Service LoadBalancer which effectively means 1 less K8s resource to worry about (ie. just configure the service.yaml and don't use the ingress.yaml). It's also an L4 load balancer which means we won't get path based routing but instead we'll just get 2 ports (probably simpler anyway) and it also means that we may preserve source IPs and have more flexible for implementing NetworkPolicy rules.

This MR uses the same approach as the registry which uses a service.type: LoadBalancer at https://gitlab.com/gitlab-com/gl-infra/k8s-workloads/gitlab-com/-/blob/09ffd7d7bdb3aaf10b6e5e95ced38341f0d5b7f9/releases/gitlab/values/values.yaml.gotmpl#L416 .

In order to allow us to configure this I needed a few additions to the service template.

You can see how this will be configured in Staging by looking at gitlab-com/gl-infra/k8s-workloads/gitlab-com!2618 (merged)

Edited Mar 22, 2023 by Dylan Griffith

Allow configuring `service.type: LoadBalancer` with annotations

Merge request reports