Overview

An ipSet reserves a public IP address for each location configured within a Global Virtual Cloud (GVC). The public IP address is stored in the object’s status. When a new location is added to a GVC, a new IP address is automatically created if one does not already exist for that location. To prevent ongoing charges, IP addresses must be explicitly released once they are no longer needed.

Binding

An IP Set can be linked to a workload or a gvc through its spec.link property.

When linking to a workload, the workload must have direct load balancer enabled. A workload MUST link to the IP Set via its direct load balancer.

When linking to a gvc, the gvc must have the dedicated load balancer enabled. A gvc MUST link to the IP Set via its dedicated load balancer

The IP Set will only function if the cross-linking is properly configured (workload/gvc and IP Set link to each other).

Linking to Workload from IP Set

{
  "type": "ipSet",
  "name": "example",
  "spec": {
    "link": "/org/example-org/gvc/example-gvc/workload/example-workload",
    "locations": [
      {
        "name": "//location/aws-us-west-2",
        "retentionPolicy": "keep"
      }
    ]
  }
}

Linking to GVC from IP Set

type: ipSet
name: example
spec:
  link: //gvc/example-gvc
  locations:
    - name: //location/aws-us-west-2
      retentionPolicy: keep

Linking to IP Set from Workload

{
  "spec": {
    "containers": [
      {
        "name": "advanced-options-example",
        "args": [],
        "cpu": "50m",
        "env": [],
        "image": "kennethreitz/httpbin:latest",
        "memory": "128Mi",
        "port": 8080
      }
    ],
    "loadBalancer": {
      "direct": {
        "enabled": true,
        "ipSet": "/org/example-org/ipset/example",
        "ports": [
          {
            "externalPort": 443,
            "protocol": "TCP",
            "containerPort": 8080
          }
        ]
      }
    }
  }
}

Linking to IP Set from Gvc

spec:
  loadBalancer:
    dedicated: true
    ipSet: //ipset/example

Releasing

To delete an IP address from a location, you can set the retentionPolicy field for the specific location to "free".

An IP address will not be released unless it is no longer in use (no workload is linked, gvc location not active, etc.)

Example

{
  "type": "ipSet",
  "name": "example",
  "spec": {
    "link": "/org/example-org/gvc/example-gvc/workload/example-workload",
    "locations": [
      {
        "name": "//location/aws-us-west-2",
        "retentionPolicy": "free"
      }
    ]
  }
}

Status

Once the IP Set is initialized, its status will be updated with the new IP address(es).

Example

{
  "type": "ipSet",
  "name": "example",
  "spec": {
    "link": "/org/example-org/gvc/example-gvc/workload/example-workload",
    "locations": [
      {
        "name": "//location/aws-us-west-2",
        "retentionPolicy": "keep"
      }
    ]
  },
  "status": {
    "ipAddresses": [
      {
        "name": "aws-us-west-2",
        "ip": "10.20.30.40",
        "id": "eipalloc-0a1b2c3d4e5f67890",
        "state": "bound",
        "created": "2024-07-30T14:18:36.327Z"
      }
    ]
  }
}