Kubernetes version: v1.33.1
Cloud being used: OKE - Cloud Oracle
This post is about migrating from ingress to gateway-api.
My problem is that the documentation says that if I don’t reference an address, a random public IP is assigned to my gateway…
Source: Gateway API | Kubernetes
Even with that reference, my gateway was created with 2 public IPs.
Below is my manifest file and a screenshot confirming the 2 IPs.
```yaml
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: loki-gateway
namespace: loki
spec:
addresses:
- type: IPAddress
value: 136.123.123.245
gatewayClassName: nginx
listeners:
- name: loki-http
protocol: HTTP
port: 80
hostname: foo.example.com.br
allowedRoutes:
namespaces:
from: Same
- name: loki-https
protocol: HTTPS
port: 443
hostname: foo.example.com.br
tls:
mode: Terminate
certificateRefs:
- name: loki-tls
kind: Secret
group: “”
allowedRoutes:
namespaces:
from: Same
```
Hi @Gilberto_de_Oliveira thanks for your post!
I don’t see the screenshot that you are referring to. Could you double check that you’ve attached it?
From how you’re describing it, it seems like the two addresses you are seeing show up in the status.addresses field. Is that correct?
Thanks!
When I tested with your Gateway resource, it only added one IP address to my Service’s External IP list.
Lets run a test. If you delete loki-gateway from your cluster, will both External IPs be remove from the loki-gateway-nginx service? Or does the 162.x.104.14 address stay there?
Since it’s not possible to attach videos, I’m sending 1 screenshots that capture some of the assigned IPs immediately after the kubectl apply command.
Currently, it is no longer assigning two IPs simultaneously, as shown in the first image.
However, I still cannot assign a reserved IP address by referencing it.
spec:
addresses:
value
It hadn’t happened at that moment, but I just checked, and the gateway has two public IPs. Check the application’s restart time.
@Gilberto_de_Oliveira Does the Service’s externalIPs field just have the single IP address that you specified in the Gateway? All that NGINX Gateway Fabric should be setting is that field.
If an additional IP address is being added, it tells me that the cloud provider is adding it. There may be a way to disable that, or you could try setting the following in the NginxProxy CRD
kubectl -n nginx-gateway edit nginxproxies.gateway.nginx.org ngf-proxy-config
spec:
kubernetes:
service:
loadBalancerIP: x.x.x.x
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: loki-gateway
namespace: loki
spec:
addresses:
type: IPAddress
value: 136.123.123.245
gatewayClassName: nginx
listeners:
name: loki-http
protocol: HTTP
port: 80
hostname: my-dns.com.br
allowedRoutes:
namespaces:
from: Same
name: loki-https
protocol: HTTPS
port: 443
hostname: my-dns.com.br
tls:
mode: Terminate
certificateRefs:
name: loki-tls
kind: Secret
group: “”
allowedRoutes:
namespaces:
from: Same
The Gateway file, after being modified, now includes the IP Address.
-
-
==============================================
Command output
kubectl get -n loki svc/loki-gateway-nginx -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: “2025-12-03T12:21:58Z”
finalizers:
service.kubernetes.io/load-balancer-cleanup
labels:
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/managed-by: nginx-gateway-nginx
app.kubernetes.io/name: loki-gateway-nginx
gateway.networking.k8s.io/gateway-name: loki-gateway
name: loki-gateway-nginx
namespace: loki
resourceVersion: “332967551”
uid: 2950ac9f-3ad2-41f-748a7ea635d4
spec:
allocateLoadBalancerNodePorts: true
clusterIP: 10.96.101.194
clusterIPs:
10.96.101.194
externalIPs:
136.123.123.245 ( Fixed IP address, defined in the YAML file. )
externalTrafficPolicy: Local
healthCheckNodePort: 31843
internalTrafficPolicy: Cluster
ipFamilies:
IPv4
ipFamilyPolicy: PreferDualStack
ports:
name: port-80
nodePort: 32353
port: 80
protocol: TCP
targetPort: 80
name: port-443
nodePort: 30349
port: 443
protocol: TCP
targetPort: 443
selector:
app.kubernetes.io/instance: nginx-gateway
app.kubernetes.io/managed-by: nginx-gateway-nginx
app.kubernetes.io/name: loki-gateway-nginx
gateway.networking.k8s.io/gateway-name: loki-gateway
sessionAffinity: None
type: LoadBalancer
status:
loadBalancer:
ingress:
ip: 136.456.456.235 ( IP assigned automatically )
ipMode: VIP
@sjberman
Could you check what I sent?
Did you happen to edit the NginxProxy resource as I suggested? I don’t see that configuration in your reply (it’s a little hard to read due to the formatting).
1 Like
@sjberman
I tried editing, but right after applying it, it seems it wasn’t accepted, and it reverted to the previous IP, removing the lines I added.
The changes I sent in the comment were made via the manifest file.
Here’s a pastebin with better indentation.
Was there an error or something when you tried editing the NginxProxy CRD? This is the only way actually edit the NGINX Service with the loadBalancerIP field. Also be sure to check the status of your Gateway resource to see if there is any error messaging there regarding an Invalid NginxProxy configuration.
Here’s a guide on handling that resource: Data plane configuration | NGINX Documentation
@sjberman
I believe that when you previously instructed me on how to edit the CRD, I did something wrong. I edited it correctly now, and it worked; the application only picked up one IP address, and it was the IP address I have reserved with my cloud provider.
Thank you very much for your support.
One question: is this NginxProxy resource created when the Gateway Fabric is created?
That’s correct, when you first install NGINX Gateway Fabric, this resource is also installed. You can also create your own and attach it directly to the Gateway (the default one is attached to the GatewayClass), but that’s really only useful if you plan on defining multiple Gateways with different settings.
Glad you got it working!
My problem has been explained and resolved. If anyone can close this topic, I would appreciate it.
