Multiple Auto Scaling Groups and Instances not in Auto Scaling Group …

…management (#118) * Add support for multiple AutoScaling groups #116 * Add suport for instances that are not part of Auto Scaling Group #116 * Document multiple ASGs and single instances features. * Skip target group update if there are no single instances #116 * When fetching nodes list from Kubernetes, filter out master nodes #116 * Minor fixes to documentation, coding style and replacement of some loops with calls to AWS API. * Fetch instances from EC2 instead of fetching them from Kubernetes * Aggregate calls to DescribeAutoScaleGroups when fetching multiple ASGs information * Remove Auto Scaling Group detection during start up to allow starting on instance not in ASG * Update documentation to match that instances are fetched from EC2 and not Kubernetes * Remove redundant kubernetes code that lists nodes * Change default filter to use tag kubernetes.io/cluster/<cluster-id> instead of KubernetesCluster * Update documentation for default filters * Minor fixes to documentation and code readability * Use DescribeInstancesPages in getInstancesDetailsWithFilters to fetch all instances * When fetching list of ASGs, do not send duplicate ASG names in call to getAutoScalingGroupsByName * Rename CUSTOM_TAG_FILTER env variable to CUSTOM_FILTERS and clarify documentation about it * Change pointer receiver to value receiver in a few places * Fix typo in README * Rename constant DIP_SPLIT_SIZE to dipSplitSize
zalando-incubator · Jan 24, 2018 · 289884b · 289884b
1 parent 8d50d90
commit 289884b
Show file tree

Hide file tree

Showing 15 changed files with 1,370 additions and 61 deletions.
diff --git a/README.md b/README.md
@@ -21,6 +21,8 @@ This information is used to manage AWS resources for each ingress objects of the
 - Automatic forwarding of requests to all Worker Nodes, even with auto scaling
 - Automatic cleanup of unnecessary managed resources
 - Support for internet-facing and internal load balancers
+- Support for multiple Auto Scaling Groups
+- Support for instances that are not part of Auto Scaling Group
 - Can be used in clusters created by [Kops](https://github.com/kubernetes/kops), see our [deployment guide for Kops](deploy/kops.md)
 
 ## Upgrade
@@ -87,21 +89,42 @@ This is achieved using AWS CloudFormation. For more details check our [CloudForm
 The controller *will not* manage the security groups required to allow access from the Internet to the load balancers.
 It assumes that their lifecycle is external to the controller itself.
 
-### Discovery
+During startup phase EC2 filters are constructed as follows:
 
-On startup, the controller discovers the AWS resources required for the controller operations:
+* If `CUSTOM_FILTERS` environment variable is set, it is used to generate filters that are later used
+  to fetch instances from EC2.
+* If `CUSTOM_FILTERS` environment variable is not set or could not be parsed, then default
+  filters are `tag:kubernetes.io/cluster/<cluster-id>=owned tag-key=k8s.io/role/node` where `<cluster-id>`
+  is determined from EC2 tags of instance on which Ingress Controller pod is started.
+
+`CUSTOM_FILTERS` is a list of filters separated by spaces. Each filter has a form of `name=value` where name is one
+of names that are recognized by the EC2 API (you can find list [here](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html))
+and value is value of a filter. For example:
+
+* `tag-key=test` will filter instances that has tag named `test`.
+* `vpc-id=vpc-1a2b3c4d` will filter instances that belong to specific VPC.
+* Default filter `tag:kubernetes.io/cluster/<cluster-id>=owned tag-key=k8s.io/role/node` filters instances
+  that has tag `kubernetes.io/cluster/<cluster-id>` with value `owned` and have tag named `tag-key=k8s.io/role/node`.
 
-1. The AutoScalingGroup
+Every poll cycle EC2 is queried with filters that were constructed during startup.
+Each new discovered instance is scanned for Auto Scaling Group tag. Each Target
+Group created by this Ingress controller is then added to each known Auto Scaling Group.
+Each Auto Scaling Group information is fetched only once when first node of it is discovered for first time.
+If instance does not belong to Auto Scaling Group (does not have `aws:autoscaling:groupName` tag) it is stored in separate list of
+Single Instances. On each cycle instances on this list are registered as targets in all Target Groups managed by this controller.
+If call to get instances from EC2 did not return previously known Single Instance, it is deregistered from Target Group and removed from list of Single Instances.
+Call to deregister instances is aggregated so that maximum 1 call to deregister is issued in poll cycle.
 
-    Simple lookup of the Auto Scaling Group that name matches the `aws:autoscaling:groupName` tag from the
-    EC2 instance running the controller.
+### Discovery
+
+On startup, the controller discovers the AWS resources required for the controller operations:
 
-2. The Security Group
+1. The Security Group
 
     Lookup of the `kubernetes.io/cluster/<cluster-id>` tag of the Security Group matching the clusterID for the controller node and `kubernetes:application` matching the value `kube-ingress-aws-controller` or as fallback for `<v0.4.0`
     tag `aws:cloudformation:logical-id` matching the value `IngressLoadBalancerSecurityGroup` (only clusters created by CF).
 
-3. The Subnets
+2. The Subnets
 
     Subnets are discovered based on the VPC of the instance where the
     controller is running. By default it will try to select all subnets of the