-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AWS LoadBalancerController #10489
Add AWS LoadBalancerController #10489
Conversation
c31e9e7
to
46cb8a4
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: olemarkus The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
46cb8a4
to
01b3053
Compare
/milestone v1.20 |
...ls/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you are on fire @olemarkus 🔥
upup/models/bindata.go
Outdated
limits: | ||
cpu: 200m | ||
memory: 500Mi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we should remove limits in here as well? ^^
for bigger clusters LB controller may need some more memory during reconciliation, we should avoid OOMkills (happened to us a lot of times)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ofc we can see this in next PRs, just mentioning it not to forget
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. No I agree not putting limits on this one. Removed.
upup/models/bindata.go
Outdated
- --enable-waf=false | ||
- --enable-wafv2=false | ||
- --enable-shield=false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should these ones be configurable? if you agree, i can take it on next PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not right now. We should at least wait for IRSA support.
The idea that anything running on the control plane can disable waf or shield on any AWS ELB (even those not owned by the cluster) sounds a bit too insane to me.
01b3053
to
1befaf3
Compare
...ls/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template
Show resolved
Hide resolved
pkg/apis/kops/componentconfig.go
Outdated
// Default: false | ||
Enabled *bool `json:"enabled,omitempty"` | ||
// Image is the docker container used. | ||
// Default: v2.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if this is a good place to mention default by version.
...ls/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template
Outdated
Show resolved
Hide resolved
upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go
Outdated
Show resolved
Hide resolved
e23ad9b
to
943cd9a
Compare
// Enabled enables the loadbalancer controller. | ||
// Default: false | ||
Enabled *bool `json:"enabled,omitempty"` | ||
// Image is the docker container used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// Image is the docker container used. | |
// Image is the container image tag used. |
Co-authored-by: Ciprian Hacman <[email protected]>
943cd9a
to
e106e5f
Compare
/lgtm |
…489-origin-release-1.20 Automated cherry pick of #10489: Add AWS LoadBalancerController
Also waiting for #10149
Should otherwise be good.