Annotation updates on LoadBalancer service are not propagated to corresponding AWS LoadBalancer listener #114111
Comments
@yogeek: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
/sig cloud-provider
@yogeek my apologies for bothering. It's not clear what you are using as a controller and how exactly you run k8s: is it vanilla k8s on EC2 or is it EKS?
Why am I asking? The matter is, we faced similar issues on our project with NLB and ALPN policies, support for which was introduced in 2020 https://aws.amazon.com/about-aws/whats-new/2020/05/network-load-balancer-now-supports-tls-alpn-policies/ and perhaps our little findings will be helpful to you somehow.
In case you are using the latest version of aws-load-balancer-controller https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/deploy/installation/ in your cluster, I think this annotation should be supported, if the documentation is to be believed: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/service/annotations/#alpn-policy
If you don't use aws-load-balancer-controller in your cluster, then you probably use legacy-cloud-providers to provision services. So the annotation you mentioned doesn't exist for legacy-cloud-providers now. There were Pull Requests to add support of the ALPN annotation for NLB in legacy providers, but in accordance with statements that new features are not allowed, only bugfixes
It seems that adding support for that feature is not possible, but I'm not 100% sure.
I agree with @Zemlyanoy - Kubernetes is behaving as (poorly) documented; if you want to use the unofficial / deprecated
PS the annotation is either unofficial or it's deprecated, but I'm not sure which,
@Zemlyanoy as mentioned in my issue description, my cluster is deployed with kubeadm on AWS EC2 instances (so no EKS).
Thank you for the details, and indeed we had to switch to the AWS Load Balancer Controller to be able to configure the ALPN with annotation.
The other issue I mentioned is that with the legacy controller, after the creation of a LoadBalancer, any modification to an annotation (modifying a tag for example) is not propagated to the cloud LoadBalancer.
As you said, the documentation is not very clear on which LoadBalancer controller to use between:
Hopefully, this article helped to clarify the current situation: https://baptistout.net/posts/two-kubernetes-controllers-for-managing-aws-nlb/
Thanks for your help @Zemlyanoy @sftim
What happened?
I have a type: LoadBalancer service with the following annotations
I want to set the ALPN policy, so I add the following annotation:
But no change is propagated to the AWS LoadBalancer listener
(same goes with a tag modification)
What did you expect to happen?
Updating service annotation should update the AWS LoadBalancer
How can we reproduce it (as minimally and precisely as possible)?
Add or update an annotation on a K8S LoadBalancer Service and check in AWS that the change is not applied.
Anything else we need to know?
No response
Kubernetes version
Cloud provider
OS version
No response
Install tools
Container runtime (CRI) and version (if applicable)
No response
Related plugins (CNI, CSI, ...) and versions (if applicable)
No response
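One way to confirm the behaviour reported in this issue, as an added example that is not part of the original thread: compare the ALPN annotation on the Service with what the NLB listeners actually report. The JSON samples are constructed, `alpn_drift` is a hypothetical helper, and the annotation key is the one documented for aws-load-balancer-controller, used here as an assumption because the issue's own annotations were not preserved on this page.

```python
import json

# Annotation key documented for aws-load-balancer-controller (assumed here).
ALPN_ANNOTATION = "service.beta.kubernetes.io/aws-load-balancer-alpn-policy"

# Constructed sample: trimmed `kubectl get svc <name> -o json`.
SERVICE_JSON = """
{"metadata": {"name": "demo", "annotations": {
   "service.beta.kubernetes.io/aws-load-balancer-alpn-policy": "HTTP2Preferred"}},
 "spec": {"type": "LoadBalancer", "ports": [{"port": 443}, {"port": 80}]}}
"""

# Constructed sample: trimmed `aws elbv2 describe-listeners --load-balancer-arn <arn>`.
LISTENERS_JSON = """
{"Listeners": [
  {"Port": 443, "Protocol": "TLS", "AlpnPolicy": ["None"]},
  {"Port": 80, "Protocol": "TCP"}]}
"""

def alpn_drift(service, listeners):
    """Return [(port, wanted, actual)] for TLS listeners whose ALPN policy
    differs from the Service annotation. An empty list means no drift."""
    if service.get("spec", {}).get("type") != "LoadBalancer":
        raise ValueError("not a type: LoadBalancer Service")
    annotations = service.get("metadata", {}).get("annotations") or {}
    wanted = annotations.get(ALPN_ANNOTATION)
    if wanted is None:
        return []  # nothing requested, nothing to compare
    service_ports = {p["port"] for p in service["spec"].get("ports", [])}
    drift = []
    for lst in listeners.get("Listeners", []):
        # ALPN applies only to TLS listeners; skip TCP/UDP and unrelated ports.
        if lst.get("Protocol") != "TLS" or lst.get("Port") not in service_ports:
            continue
        # Treat a missing AlpnPolicy field the same as the "None" policy.
        actual = (lst.get("AlpnPolicy") or ["None"])[0]
        if actual != wanted:
            drift.append((lst["Port"], wanted, actual))
    return drift

if __name__ == "__main__":
    svc, lsn = json.loads(SERVICE_JSON), json.loads(LISTENERS_JSON)
    for port, wanted, actual in alpn_drift(svc, lsn):
        print(f"listener :{port} drift: annotation={wanted} aws={actual}")
```

Running the same comparison after each annotation change shows whether the controller in use reconciles updates or only applies settings at creation time.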