Service profile for NodePort

Linkerd General Discussion
,
1

I want to create a service profile for per-route metrics and retries for a service which is exposed via NodePort*. Is this possible?

I don’t know what to name the service.

  • using the node’s external FQDN did not work.
  • using the service’s cluster FQDN (e.g. ourservice.ns.svc.cluster.local) seemed to be a little more useful: I saw the service profile’s routes show up in the linkerd viz routes command, but the metrics stayed at zero.

I can think of a workaround: put a haproxy pod in front of every service I would want to expose using NodePort, and open a NodePort for haproxy instead of the service. However, would like to know whether there can be a solution configured without having to run extra pods.

*We’re an academic lab running a Kubernetes cluster within the institution’s network, and we don’t have the ability to create Kubernetes ingress because we cannot reserve an IP address pool. Our only option for getting IP addresses is DHCP.

2

Hi @jennydaman, can you tell us what version of Linkerd you are running? There have been several issues related to NodePort services which have been fixed so I would recommend trying the latest edge release and seeing if the issue persists there. If so, we can look into it further. To answer your question, the service’s cluster FQDN is the name to use for the service profile.

3

@Alex I am grateful for your help with this! Here are some exact details:

I installed Linkerd just a week ago using Helm, and installed the CLI via the open-source channels.

$ linkerd version
Client version: edge-24.4.1
Server version: stable-2.14.10
  • I am trying to create a ServiceProfile for the service called “chris2222-pfdcm” in the “chris” namespace. The DNS name of my cluster is “k8s.galena.fnndsc”.
  • The node I am accessing the service from is called “rc-golden.tch.harvard.edu”

First, I tried to use the service’s cluster internal FQDN like this:

$ kubectl -n chris get service chris2222-pfdcm
NAME              TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
chris2222-pfdcm   NodePort   10.233.6.164   <none>        4005:30031/TCP   14d

$ kubectl -n chris get serviceprofile
NAME                                          AGE
chris2222-pfdcm.chris.svc.k8s.galena.fnndsc   5d7h

Using the name chris2222-pfdcm.chris.svc.k8s.galena.fnndsc, the command linkerd viz routes shows the routes I’ve configured in the ServiceProfile. However, the values are all -, even after sending some HTTP requests to rc-golden.tch.harvard.edu:30031.

linkerd viz routes -n chris service/chris2222-pfdcm
ROUTE                               SERVICE   SUCCESS   RPS   LATENCY_P50   LATENCY_P95   LATENCY_P99
/api/v1/PACS/sync/pypx/     chris2222-pfdcm         -     -             -             -             -
/api/v1/PACS/thread/pypx/   chris2222-pfdcm         -     -             -             -             -
[DEFAULT]                   chris2222-pfdcm         -     -             -             -             -
everything for debugging    chris2222-pfdcm         -     -             -             -             -

If I delete the ServiceProfile and recreate it with the name “rc-golden.tch.harvard.edu”, the command linkerd viz routes will no longer show the profile’s routes.

$ kubectl -n chris get serviceprofile
NAME                        AGE
rc-golden.tch.harvard.edu   95s

$ linkerd viz routes -n chris service/chris2222-pfdcm
ROUTE               SERVICE   SUCCESS   RPS   LATENCY_P50   LATENCY_P95   LATENCY_P99
[DEFAULT]   chris2222-pfdcm         -     -             -             -             -