AWS NLB: Support cross-zone load balancing annotation #61064
Conversation
k8s-ci-robot
added
release-note
|
@chrislovecnm / @jsafrane I'm not entirely sure how to test this as the entire NLB feature seems to be barely test covered, any hints? |
|
/sig aws |
|
@johanneswuerbach: GitHub didn't allow me to assign the following users: micahhausler. Note that only kubernetes members and repo collaborators can be assigned. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/assign @justinsb |
johanneswuerbach
force-pushed
the
nlb-cross-zone
branch
from
259ad3b
to
decabbd
Compare
|
@justinb, have you taken a look at this PR? I ran into the lack of cross-AZ support for NLBs today, and only discovered the root of the problem by studying the implementation. We have an implementation available here. What's the next step? |
|
/ok-to-test |
k8s-ci-robot
removed
the
needs-ok-to-test
|
|
||
| // Determine if cross zone load balancing enabled/disabled has been specified | ||
| crossZoneLoadBalancingEnabledAnnotation := annotations[ServiceAnnotationLoadBalancerCrossZoneLoadBalancingEnabled] | ||
| if crossZoneLoadBalancingEnabledAnnotation != "" { |
There was a problem hiding this comment.
Why add a parameter to ensureLoadBalancerv2() since annotations are already getting passed?
Could you move this logic into ensureLoadBalancerv2()
| } | ||
| describeAttributesOutput, err := c.elbv2.DescribeLoadBalancerAttributes(describeAttributesRequest) | ||
| if err != nil { | ||
| glog.Warning("Unable to retrieve load balancer attributes during attribute sync") |
There was a problem hiding this comment.
Since you're returning the error, you don't need to log it here. Can you wrap it instead?
fmt.Errorf("My error message: %q", err)| return nil, err | ||
| } | ||
|
|
||
| foundAttributes := &describeAttributesOutput.Attributes |
There was a problem hiding this comment.
Why dereference this here and add a *foundAttributes below? Why not just
for _, foundAttribute := range describeAttributesOutput.Attributes {
...
}
| // Whether the ELB was new or existing, sync attributes regardless. This accounts for things | ||
| // that cannot be specified at the time of creation and can only be modified after the fact, | ||
| // e.g. idle connection timeout. | ||
| if len(loadBalancerAttributes) > 0 { |
There was a problem hiding this comment.
It might help this read better if loadBalancerAttributes was renamed to something like desiredLoadBalancerAttributes. Reading below,
if targetValue, ok := loadBalancerAttributes[*foundAttribute.Key]would be easier to understand if it was
if targetValue, ok := desiredLoadBalancerAttributes[*foundAttribute.Key]| // Determine if cross zone load balancing enabled/disabled has been specified | ||
| crossZoneLoadBalancingEnabledAnnotation := annotations[ServiceAnnotationLoadBalancerCrossZoneLoadBalancingEnabled] | ||
| if crossZoneLoadBalancingEnabledAnnotation != "" { | ||
| loadBalancerAttributes["load_balancing.cross_zone.enabled"] = crossZoneLoadBalancingEnabledAnnotation |
There was a problem hiding this comment.
This value should be "true" not whatever string value the user entered.
There was a problem hiding this comment.
The reasoning behind using the value here, was to make setting it explicitly to false work. I know that you could also delete the annotation to revert it to false, but that seemed not really obvious. wdyt?
There was a problem hiding this comment.
Yea, you're right true or false could be valid values. Can you make sure you call strconv.ParseBool() like the check for access logs does to make sure the input is valid? https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/aws/aws.go#L3415-L3425
|
|
||
| // Identify to be changed attributes | ||
| for _, foundAttribute := range *foundAttributes { | ||
| if targetValue, ok := loadBalancerAttributes[*foundAttribute.Key]; ok { |
There was a problem hiding this comment.
You should add an else case for if !ok, meaning the annotation for the attribute was deleted.
From the docs:
Any existing attributes that you do not modify retain their current values.
If the annotation gets removed, we would want to set the value to "false" and add it to changedAttributes.
There was a problem hiding this comment.
@micahhausler Wouldn't that mean that we set any value to false, also the attributes k8s doesn't know about and which might have a different default (e.g. routing.http2.enabled, while only being a valid attribute for ALBs defaults to true).
Instead I set now load_balancing.cross_zone.enabled to false by default, so a set annotation will change it, but an eventually removed annotation changes it back to false.
johanneswuerbach
force-pushed
the
nlb-cross-zone
branch
2 times, most recently
from
f478ff6
to
ff13751
Compare
|
👍 |
k8s-ci-robot
added
the
lgtm
|
/retest |
|
/test pull-kubernetes-e2e-gce |
|
@kubernetes/sig-aws-misc |
|
/test all Tests are more than 96 hours old. Re-running tests. |
|
/retest |
|
Any updates? |
|
would be great to get this going.. kind of wasteful otherwise when using NLB |
|
/test pull-kubernetes-godeps |
|
/milestone v1.14 |
|
@micahhausler: You must be a member of the kubernetes/kubernetes-milestone-maintainers github team to set the milestone. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/approve |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: johanneswuerbach, jsafrane, micahhausler The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/retest Review the full test history for this PR. Silence the bot with an |
AWS Network Load Balancer recently got support for cross-zone load balancing. Use the existing `service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled` annotation to configure it.
johanneswuerbach
force-pushed
the
nlb-cross-zone
branch
from
ff13751
to
5e6d865
Compare
k8s-ci-robot
removed
the
lgtm
|
@jsafrane rebased and replaced glog usage with klog. CI should pass now 🤞 |
k8s-ci-robot
added
the
sig/cloud-provider
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
@johanneswuerbach, can you please let me know if this feature (NLB-cross zone load balancing) is available in kubernetes v1.15 ? |
|
AWS docs are not provided for this one . I understand this is a kubernetes only annotation but is it not supposed to be included by AWS docs ? Is this the official doc for the annotation ? Also if I understand correctly this is for the controller annotation for service not for the ingress resource itself . https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.1/guide/service/annotations/ |
AWS Network Load Balancer recently got support for cross-zone load balancing.
Use the existing
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabledannotation to configure it.
AWS release announcement:
https://aws.amazon.com/about-aws/whats-new/2018/02/network-load-balancer-now-supports-cross-zone-load-balancing/
What this PR does / why we need it:
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Special notes for your reviewer:
Release note: