Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes spurious LoadBalancer change when using ACM Certificate #5814

Merged
merged 1 commit into from
Sep 24, 2018
Merged

Fixes spurious LoadBalancer change when using ACM Certificate #5814

merged 1 commit into from
Sep 24, 2018

Conversation

rifelpet
Copy link
Member

@rifelpet rifelpet commented Sep 21, 2018
edited
Loading

When using .spec.api.loadBalancer.sslCertificate, subsequent kops update cluster report the following spurious change after the certificate has already been attached to the listener:

Will modify resources:
  LoadBalancer/api.$CLUSTER_NAME
  	Listeners           	 {443: {"InstancePort":443,"SSLCertificateID":""}} -> {443: {"InstancePort":443,"SSLCertificateID":"arn:aws:acm:us-east-1:000000000000:certificate/..."}}

This is because we werent keeping track of the ACM Certificate when describing the "actual" load balancer status.

This fixes that behavior, and now kops accurately reports no changes to be made. I also confirmed that update cluster continues to work on clusters that dont specify an sslCertificate.

@rifelpet
Fixes spurious LoadBalancer change when using ACM Certificate
c3d2038 
When using `.spec.api.loadBalancer.sslCertificate`, subsequent `kops update cluster` report the following spurious change:
```
Will modify resources:
  LoadBalancer/api.ho-prod-a.us-east-1.k8s.tune.com
  	Listeners           	 {443: {"InstancePort":443,"SSLCertificateID":""}} -> {443: {"InstancePort":443,"SSLCertificateID":"arn:aws:acm:us-east-1:000000000000:certificate/..."}}
```

This is because we werent keeping track of the ACM Certificate when describing the "actual" load balancer status.

This fixes that behavior, and now kops accurately reports no changes to be made.
@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Sep 21, 2018
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Sep 21, 2018
@rifelpet
Copy link
Member Author

/retest

@rdrgmnzs
Copy link
Contributor

Thanks @rifelpet !

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 21, 2018
@mikesplain
Copy link
Contributor

Thank so much @rifelpet!

/lgtm
/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mikesplain, rdrgmnzs, rifelpet

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 24, 2018
@k8s-ci-robot k8s-ci-robot merged commit 5ce8301 into kubernetes:master Sep 24, 2018
@Raffo
Copy link
Contributor

Raffo commented Oct 19, 2018

Thank you so much @rifelpet ❤️ , I missed that while implementing the ACM integration!

@rifelpet rifelpet mentioned this pull request Nov 28, 2018
Closed
@rifelpet rifelpet deleted the fix_spurious_acm_change branch April 25, 2020 13:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisz100 chrisz100 Awaiting requested review from chrisz100

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@rdrgmnzs rdrgmnzs

@mikesplain mikesplain

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@rifelpet @rdrgmnzs @mikesplain @k8s-ci-robot @Raffo