Determine ALB subnets based on tags if annotation is not provided #7
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
Milestone
Comments
bigkraig
added
the
kind/feature
|
I'm going to add this to 1.0...it'll make our examples much easier. |
joshrosso
added a commit
that referenced
this issue
Sep 15, 2017
- When the alb.ingress.kubernetes.io/subnets annotation is not present on an ingress resource, the alb-ingress-controller attempts to qualify 2+ subnets to deploy in. - Subnets that qualify are based on the tags of the subnets themselves. In order for a subnet to be used to deploy an ALB the following tag criteria must be met. - kubernetes.io/cluster/$CLUSTER_NAME where $CLUSTER_NAME is the same cluster name specified on the ingress controller. The value of this tag must be 'shared'. - kubernetes.io/role/alb-ingress the value of this tag should be empty. - After subnets matching the above 2 tags have been located, they are checked to ensure 2 or more are in unique AZs, otherwise the ALB will not be created. If 2 subnets share the same AZ, only 1 of the 2 is used. - Resolves #7
|
This has been implemented in 2964d75 but does require 2 tags to qualify as a usable subnet. From the commit: |
thejasn
pushed a commit
to thejasn/aws-load-balancer-controller
that referenced
this issue
Apr 7, 2022
UPSTREAM: <carry>: Switch to UBI for builder image
alebedev87
pushed a commit
to alebedev87/aws-load-balancer-controller
that referenced
this issue
Oct 26, 2023
UPSTREAM: <carry>: Switch to UBI for builder image
johngmyers
pushed a commit
to johngmyers/aws-load-balancer-controller
that referenced
this issue
Feb 6, 2024
…lity Merge in DEL/aws-load-balancer-controller-fork from IENGOC-39 to main * commit '3e26f86e82a5d419a7f8adfc5c95dd45984be6f4': IENGOC-39: Remediate more bd vulnerabilities IENGOC-39: Remediate bd vulnerabilities cut v2.6.2 release (kubernetes-sigs#3453) update ci e2e script for cert IDs (kubernetes-sigs#3392) fix test failure doc updates (kubernetes-sigs#3426) Change of text "your-cluster-name" (kubernetes-sigs#3152) slice init style suggestion whitespace group errors, emit one event per reconcile, requeue on failure don't block TGB reconciliation loop on failed SG ingress reconciliation fix: remove service from function args feat: resolve health check port name for NLB Expose ingress configuration options for missing backends (kubernetes-sigs#3342) Stricter dependency/security review remove unnecessary patch requests (kubernetes-sigs#3380) increase timeout to 2h in ci scripts wait for the TG to be healthy before cleanup any resource
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If
alb.ingress.kubernetes.io/subnetsis not specified, we should use/emulate the existing cloudprovider functionality to determine the correct subnets in which to create the ALB. Specifically, internal ALBs will be created in subnets tagged withkubernetes.io/role/internal-elb, while internet-facing ones will be created inkubernetes.io/role/elbsubnets.The text was updated successfully, but these errors were encountered: