advertise external IP only/or cluster ip for the service

[murali-reddy]

Opening up bug to capture the discussion on gitter

Kube-rotuer currently advertises ClusterIP of the service to BGP peers if --advertise-cluster-ip is enabled. Which may not be desirable in all cases, and in general recommendation and perception is ClusterIP is really for pods to consume and should not be routable.

We have a bug opened to #75 , to selectivley advertise cluster IP only for necessary services. As there will services like DB which strictly need to be cluster local.

If the service has a External IP associated, then it explicitly meant to allow ingress traffic so should be advertised.

So it leaves couple of open questions.

• should we deprecate --advertise-cluster-ip? and just support --advertise-external-ip?
• or support advertising both

[hwinkel]

I think in the scope of "kubernetes based network services" and kube-router as a implementation we should consider a slightly different network model and interpretation of the service, pod and ingress ressources. I.e. we could say ClusterIPs (Services) or PodIPs are even Public IPs and directly announced to the corresponding upstream segment (i.e. TOR) nothing in k8s stops us for not using routable public IPs. In this contect ypu might not even need a ingress controller at all as you directly terminate ServiceIP or even PodIP. In this context we should be able to define a config which IPs from which networks should be advertised