Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add AWS LoadBalancerController #10489

Merged
merged 2 commits into from
Feb 11, 2021
Merged

Add AWS LoadBalancerController #10489

merged 2 commits into from
Feb 11, 2021

Conversation

olemarkus
Copy link
Member

Also waiting for #10149
Should otherwise be good.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Dec 22, 2020
@k8s-ci-robot k8s-ci-robot added area/addons area/api size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Dec 22, 2020
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 9, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 31, 2021
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olemarkus

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 31, 2021
@olemarkus olemarkus changed the title WIP: Add AWS LoadBalancerController Add AWS LoadBalancerController Jan 31, 2021
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 31, 2021
@olemarkus
Copy link
Member Author

/milestone v1.20

@k8s-ci-robot k8s-ci-robot added this to the v1.20 milestone Feb 5, 2021
dntosas
dntosas reviewed Feb 8, 2021
View reviewed changes
Copy link
Contributor

@dntosas dntosas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you are on fire @olemarkus 🔥

upup/models/bindata.go Outdated
Comment on lines 1737 to 1739
limits:
cpu: 200m
memory: 500Mi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe we should remove limits in here as well? ^^

for bigger clusters LB controller may need some more memory during reconciliation, we should avoid OOMkills (happened to us a lot of times)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ofc we can see this in next PRs, just mentioning it not to forget

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. No I agree not putting limits on this one. Removed.

upup/models/bindata.go Outdated
Comment on lines 1718 to 1720
- --enable-waf=false
- --enable-wafv2=false
- --enable-shield=false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should these ones be configurable? if you agree, i can take it on next PR

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not right now. We should at least wait for IRSA support.
The idea that anything running on the control plane can disable waf or shield on any AWS ELB (even those not owned by the cluster) sounds a bit too insane to me.

hakman
hakman requested changes Feb 11, 2021
View reviewed changes
...ls/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template Show resolved Hide resolved
pkg/apis/kops/componentconfig.go Outdated
// Default: false
Enabled *bool `json:"enabled,omitempty"`
// Image is the docker container used.
// Default: v2.0.0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this is a good place to mention default by version.

...ls/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template Outdated Show resolved Hide resolved
upup/pkg/fi/cloudup/bootstrapchannelbuilder/bootstrapchannelbuilder.go Outdated Show resolved Hide resolved
hakman
hakman reviewed Feb 11, 2021
View reviewed changes
pkg/apis/kops/v1alpha2/componentconfig.go Outdated
// Enabled enables the loadbalancer controller.
// Default: false
Enabled *bool `json:"enabled,omitempty"`
// Image is the docker container used.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Image is the docker container used.
// Image is the container image tag used.

@olemarkus @hakman
Apply suggestions from code review
e106e5f 
Co-authored-by: Ciprian Hacman <ciprianhacman@gmail.com>
@hakman
Copy link
Member

hakman commented Feb 11, 2021

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 11, 2021
@k8s-ci-robot k8s-ci-robot merged commit b233f03 into kubernetes:master Feb 11, 2021
@olemarkus olemarkus mentioned this pull request Feb 11, 2021
Merged
k8s-ci-robot added a commit that referenced this pull request Feb 11, 2021
@k8s-ci-robot
Merge pull request #10788 from olemarkus/automated-cherry-pick-of-#10…
2fbacbd 
…489-origin-release-1.20

Automated cherry pick of #10489: Add AWS LoadBalancerController
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hakman hakman hakman requested changes

@dntosas dntosas dntosas left review comments

@zetaab zetaab zetaab left review comments

@johngmyers johngmyers Awaiting requested review from johngmyers

Assignees

@hakman hakman

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/addons area/api area/documentation cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
v1.20
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@olemarkus @k8s-ci-robot @hakman @dntosas @zetaab