Protocol UDP not supported by LoadBalancer

Questions
1

Hello,

We have a microservice that’s exposed via UDP.

I am following instructions at https://docs.konghq.com/kubernetes-ingress-controller/2.3.x/guides/using-udpingress/ to setup a UDP ingress with Kong in AWS EKS (1.22).

After the step Exposing UDP Ports on Kong where I added following settings to values.yaml (exactly the same as in the link above, except port number):

udpProxy:
  enabled: true
  type: LoadBalancer
  stream:
  - containerPort: 9527
    servicePort: 9527
    protocol: UDP

… I see the staging-kong-udp-proxy service pending forever:

$ kubectl get svc
NAME                      TYPE           CLUSTER-IP       EXTERNAL-IP                                                               PORT(S)                         AGE
staging-kong-admin       NodePort       172.20.207.77    <none>                                                                    8001:31577/TCP,8444:31502/TCP   3d10h
staging-kong-proxy       LoadBalancer   172.20.177.219   <masked>.us-east-1.elb.amazonaws.com                                      80:32679/TCP,443:30594/TCP      3d10h
staging-kong-udp-proxy   LoadBalancer   172.20.215.70    <pending>                                                                 9527:31404/UDP                  95m

The service event logs says Protocol UDP not supported by LoadBalancer:

$ kubectl describe svc staging-kong-udp-proxy
Name:                     staging-kong-udp-proxy
Namespace:                kong
Labels:                   app.kubernetes.io/instance=staging
                          app.kubernetes.io/managed-by=Helm
                          app.kubernetes.io/name=kong
                          app.kubernetes.io/version=2.8
                          helm.sh/chart=kong-2.8.0
Annotations:              meta.helm.sh/release-name: staging
                          meta.helm.sh/release-namespace: kong
Selector:                 app.kubernetes.io/component=app,app.kubernetes.io/instance=staging,app.kubernetes.io/name=kong
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       172.20.215.70
IPs:                      172.20.215.70
Port:                     streamudp-9527  9527/UDP
TargetPort:               9527/UDP
NodePort:                 streamudp-9527  31404/UDP
Endpoints:                10.0.0.204:9527
Session Affinity:         None
External Traffic Policy:  Cluster
Events:
  Type     Reason                  Age                 From                Message
  ----     ------                  ----                ----                -------
  Warning  SyncLoadBalancerFailed  20m (x19 over 85m)  service-controller  Error syncing load balancer: failed to ensure load balancer: Protocol UDP not supported by LoadBalancer
  Normal   EnsuringLoadBalancer    5s (x23 over 85m)   service-controller  Ensuring load balancer

Any help please?

2

Are the resulting ELBs for the Services that are working classic ELBs or NLBs? The code that throws the error and its test appears to confirm that classic ELB use is the problem.

You may need to reach out to AWS support to determine how to switch between the types. This section suggests that service.beta.kubernetes.io/aws-load-balancer-type: "external" may be what flips it, but I’m not certain.

AWS indicates that NLBs have supported UDP LoadBalancers for some time. Classic ELB support isn’t mentioned and I suspect those do not support UDP LoadBalancers, and documentation indicates classic ELBs are the default on the older controller.

The newer controller documentation doesn’t mention classic ELBs and presumably only provisions NLBs, and indicates support for UDP without any additional configuration.

While this warning suggests that the type annotation is what controls whether the LB is a classic ELB or an NLB, it’s not clear how you’d actually ask for a classic ELB.