GKE Ingress pointing to ExternalName service doesn't work

Question

First of all, what I want to build is right below.

as above diagram, I want Ingress to make distribute traffics to service which is at other namespace me in same cluster. (Ingress is in main namespace) But the Ingress doesn't allow to point dns directly, I make ExternalName Service that points to me-service dns me-service.me.svc.cluster.local and then Ingress points to it.

Yaml of it is

main.k8s.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: main
---
apiVersion: v1
kind: Service
metadata:
  name: me-service
  namespace: main
spec:
  externalName: me-service.me.svc.cluster.local
  type: ExternalName
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: gce
  name: main-router
  namespace: main
spec:
  rules:
  - host: some-domain.me
    http:
      paths:
      - backend:
          service:
            name: me-service
            port:
              number: 80
        path: /
        pathType: ImplementationSpecific

me.k8s.yaml

apiVersion: v1
kind: Namespace
metadata:
  labels:
    stag: production
  name: me
---
apiVersion: v1
kind: Service  # <-- this is the service I want to point
metadata:
  labels:
    app: me
    stag: production
  name: me-service
  namespace: me
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: me
    stag: production
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: me
    stag: production
  name: me-deployment
  namespace: me
spec:
  replicas: 2
  selector:
    matchLabels:
      app: me
      stag: production
  template:
    metadata:
      labels:
        app: me
        stag: production
    spec:
      containers:
      - image: gcr.io/me:latest
        name: me
        ports:
        - containerPort: 80
        resources:
          limits:
            cpu: 300m
            memory: 512M
          requests:
            cpu: 250m
            memory: 512M

And I checked dns address works but Ingress object doesn't created with error message

me-service:80 (<error: endpoints "me-service" not found>)
 Type     Reason     Age                    From                     Message
  ----     ------     ----                   ----                     -------
  Warning  Translate  6m21s (x233 over 22h)  loadbalancer-controller  Translation failed: invalid ingress spec: could not find port "80" in service "main/me-service"

How can I make ingress work? If you need more information, please let me know. :pray:

GKE Engine: 1.20.6-gke.1000

HTTP Load Balancing: Enabled

Network policy: Disabled

Dataplane V2: Enabled

Answer 1

I'm posting it as an answer for better visibility. As I already mentioned in my comments:

As far as I know you cannot use GKE ingress with ExternalName Service type. The two supported types are LoadBalancer and NodePort. If nothing changed recently, you shouldn't be able to create an ingress resource even with a simple ClusterIP, only two above mentioned svc types so I don't believe that ExternalName would work. Well, you can actually use ClusterIP but only if you use container native load balancing which requires your GKE cluster to be VPC-native.

You can still use GKE but you don't have to use GCE ingress as an ingress controller at the same time. But I would try first if it doesn't work with the mentioned container-native load balancing.

You can always deploy different ingress controller on your GKE cluster e.g. nginx-ingress. It can use ClusterIP services out of the box, but I'm not sure if it can handle the ExternalName so you would have to try this out.

OP confirmed that with nginx-ingress it was possible to distribute traffic to services located in different namespaces:

@mario Thank you for your comment. I successfully distribute traffics to other namespace svc using NGINX-ingress. – HyeonJunOh Jul 23 at 9:23