New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Load balancer security group not being created with IPv6 ingress rules #887
Comments
Hi,
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Creating an ALB ingress with the following annotations, almost everything appears to be set up correctly — an ALB with internet-facing, dualstack configuration is set up, along with the correct target groups.
However, the associated security group (labelled "managed LoadBalancer securityGroup by ALB Ingress Controller"), only creates two rules: one for each port (80, 443), with the IPv4 CIDR:
0.0.0.0/0
. IPv6 clients are unable to connect unless I manually update the security group with a::/0
rule for each port.I see that the list of CIDRs to add to the security group comes from the
alb.ingress.kubernetes.io/inbound-cidrs
and defaults to0.0.0.0/0
, but when I try to add::/0
for IPv6 to this list, it's rejected.Am I missing something in my configuration to allow IPv6 to work when the ingress controller creates ALBs?
Logs when creating a new ingress
The text was updated successfully, but these errors were encountered: