New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
⚠️ ELB uses separate security group #1476
⚠️ ELB uses separate security group #1476
Conversation
/hold |
be2ced0
to
0bb9b79
Compare
@randomvariable I'm guessing you'd have the same question for clusters created with 0.4.x that upgrade to 0.5? |
Based on feedback from someone else's test, it appears the new security group is created and rules updated, but if there is an existing ELB, it's not updated with the new LB security group, it's still assigned to the control plane security group that no longer has the right ingress rules. So I think it breaks the cluster. I have time tomorrow (Monday) to make sure the reconcile loop updates the ELB's security group unless you think we should address it differently? |
@aaroniscode Let's open a linked issue and keep this PR on hold until the fix is merged to master. This way, we can probably backport both commit at the same time. |
A fix to update the load balancer to the new security group is in PR #1481 |
@randomvariable you will probably want to pull in the commit from #1482 once it's merged to master as it probably should have been included in the PR to separate out the ELB security group. |
@randomvariable @aaroniscode Now that #1481 and #1482 are in, can this one move forward? |
I think it's ready |
/remove hold |
/unhold |
/lgtm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: randomvariable, vincepri The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
…-cherry-pick-of-#1456-upstream-release-0.4⚠️ ELB uses separate security group
Cherry pick of #1456 on release-0.4.
#1456: ELB for API Server to use separate security group
For details on the cherry pick process, see the cherry pick requests page.