Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add AWS LoadBalancerController #10489

Merged
merged 2 commits into from
Feb 11, 2021

Conversation

olemarkus
Copy link
Member

Also waiting for #10149
Should otherwise be good.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Dec 22, 2020
@k8s-ci-robot k8s-ci-robot added area/addons area/api size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Dec 22, 2020
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 9, 2021
@olemarkus olemarkus force-pushed the aws-loadbalancer-controller branch from c31e9e7 to 46cb8a4 Compare January 31, 2021 16:38
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 31, 2021
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olemarkus

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 31, 2021
@olemarkus olemarkus changed the title WIP: Add AWS LoadBalancerController Add AWS LoadBalancerController Jan 31, 2021
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 31, 2021
@olemarkus olemarkus force-pushed the aws-loadbalancer-controller branch from 46cb8a4 to 01b3053 Compare February 1, 2021 17:47
@olemarkus
Copy link
Member Author

/milestone v1.20

@k8s-ci-robot k8s-ci-robot added this to the v1.20 milestone Feb 5, 2021
Copy link
Contributor

@dntosas dntosas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you are on fire @olemarkus 🔥

Comment on lines 1737 to 1739
limits:
cpu: 200m
memory: 500Mi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe we should remove limits in here as well? ^^

for bigger clusters LB controller may need some more memory during reconciliation, we should avoid OOMkills (happened to us a lot of times)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ofc we can see this in next PRs, just mentioning it not to forget

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. No I agree not putting limits on this one. Removed.

Comment on lines 1718 to 1720
- --enable-waf=false
- --enable-wafv2=false
- --enable-shield=false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should these ones be configurable? if you agree, i can take it on next PR

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not right now. We should at least wait for IRSA support.
The idea that anything running on the control plane can disable waf or shield on any AWS ELB (even those not owned by the cluster) sounds a bit too insane to me.

@olemarkus olemarkus force-pushed the aws-loadbalancer-controller branch from 01b3053 to 1befaf3 Compare February 8, 2021 10:14
// Default: false
Enabled *bool `json:"enabled,omitempty"`
// Image is the docker container used.
// Default: v2.0.0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this is a good place to mention default by version.

@olemarkus olemarkus force-pushed the aws-loadbalancer-controller branch from e23ad9b to 943cd9a Compare February 11, 2021 08:04
// Enabled enables the loadbalancer controller.
// Default: false
Enabled *bool `json:"enabled,omitempty"`
// Image is the docker container used.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Image is the docker container used.
// Image is the container image tag used.

@olemarkus olemarkus force-pushed the aws-loadbalancer-controller branch from 943cd9a to e106e5f Compare February 11, 2021 09:16
@hakman
Copy link
Member

hakman commented Feb 11, 2021

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 11, 2021
@k8s-ci-robot k8s-ci-robot merged commit b233f03 into kubernetes:master Feb 11, 2021
k8s-ci-robot added a commit that referenced this pull request Feb 11, 2021
…489-origin-release-1.20

Automated cherry pick of #10489: Add AWS LoadBalancerController
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/addons area/api area/documentation cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants