Cloudformation fails to apply new stacks due max certificates #176
Comments
Thanks for reporting this. We did some changes like sorting certificates to work around bugs in CloudFormation. I suspect this might have broken the original logic for handling the cases where the limit is reached for one ALB.
This fixes a couple of bugs related to exceeding the maximum number of certificates per ALB. It limits the max size to 24 instead of 25. This is done because we need to duplicate the default certificate to work around a CloudFormation bug (#162) and therefore need one extra space for this, limiting the maximum unique certificates per ALB to 24 instead of the AWS limit of 25. It also fixes a bug in `AddIngress` which could potentially add some of the certificates for a single ingress to a stack and the rest to another stack, resulting in an undesired state. Thirdly it adds rollback complete states to `IsComplete()` to automatically attempt to update stacks that are in a rollback complete state. Lastly it removes some of the getter methods from structs and instead exports the fields that are needed in other packages. This was done to make it easier to use the structs in tests and because we are not writing Java.
Fix #176, #175
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
More detail on this: as it was tried to handle with #184 reducing max certificates to 24, this still leaves the stack in a brittle condition, especially in highly dynamic environments where ingresses are being added and deleted dynamically in an automated way.
What happens
Once you have completed an ALB with 24 certificates (and having 1 spare space for future changes), adding (or deleting) ingresses with 2 new certificates in the same time frame between two polling loops, the controller could lead to a broken stack. As in the first comment, imagine a max of 3 certificates per ALB, you have configured your max to 2 and you have one ALB with
What to expect
Whatever the number of ingresses and related certificates changes in the cluster, the controller manages the ALBs properly to end with usable infrastructure.
Conclusion
Relying on CloudFormation as it seems to work, it is a little bit tricky to handle this.
This fixes a couple of bugs related to exceeding the maximum number of certificates per ALB. It limits the max size to 24 instead of 25. This is done because we need to duplicate the default certificate to work around a CloudFormation bug (#162) and therefore need one extra space for this, limiting the maximum unique certificates per ALB to 24 instead of the AWS limit of 25. It also fixes a bug in `AddIngress` which could potentially add some of the certificates for a single ingress to a stack and the rest to another stack, resulting in an undesired state. Thirdly it adds rollback complete states to `IsComplete()` to automatically attempt to update stacks that are in a rollback complete state.
Fix #176, #175
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
* Remove getter and setters for easier testing
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
* Fix handling limit of certificates per ALB
This fixes a couple of bugs related to exceeding the maximum number of certificates per ALB. It limits the max size to 24 instead of 25. This is done because we need to duplicate the default certificate to work around a CloudFormation bug (#162) and therefore need one extra space for this, limiting the maximum unique certificates per ALB to 24 instead of the AWS limit of 25. It also fixes a bug in `AddIngress` which could potentially add some of the certificates for a single ingress to a stack and the rest to another stack, resulting in an undesired state. Thirdly it adds rollback complete states to `IsComplete()` to automatically attempt to update stacks that are in a rollback complete state.
Fix #176, #175
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
* Vendor with dep
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
* Check for nil stack
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
* Sync load balancer state with stack state
Signed-off-by: Mikkel Oscar Lyderik Larsen <m@moscar.net>
Even including only 25 or fewer certificates in the CloudFormation stack, this one fails to apply changes internally.
Once the certificate limit is reached, KIAC is able to create a new ALB stack, but if the old one needs to change some of its certificates it fails to update. It's common to deal with this situation, since every new ingress could fit its certificate in the full ALB, pushing some other to the new one with spare space.
example:
Imagine a limit of 3 certs. You have one ALB with A[a,b,c] and a new ingress with [d] certificate is created in the cluster. In the next iteration of the KIAC, it detects 2 stacks and starts to distribute the ingresses in these stacks with A[d,a,b] and B[c]. This makes the upgrade of the A stack fail, so I guess CloudFormation is trying first to add new certs and then delete others.
In addition, even having the update stack failed and rolled back, KIAC updates ingress statuses with the stacks. In this case the status of c will point to B while the cert is still in A, making a working service fail.
Also, once you have the stack in UPDATE_ROLLBACK_COMPLETE status it is never touched anymore by KIAC:
kube-ingress-aws-controller/worker.go
Lines 51 to 53 in 14fb070
This makes it unusable for more than 25 certificates.
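The placement rule from the PR description (all certificates of one ingress on a single stack, one slot held back for the duplicated default certificate) applied to the scenario above, as an added example. This is constructed model code, not the controller's own `AddIngress`; the `Stack` type, `NewStack` and `addIngress` are assumptions of this illustration.

```go
package main

import "fmt"

// Constructed model (added example, not the controller's own code): a
// stack owns a set of certificate ARNs, and every certificate an
// ingress needs must land on the same stack.
type Stack struct {
	Name  string
	Certs map[string]struct{}
}

func NewStack(name string, certs ...string) *Stack {
	s := &Stack{Name: name, Certs: map[string]struct{}{}}
	for _, c := range certs {
		s.Certs[c] = struct{}{}
	}
	return s
}

// addIngress picks the first stack with room for every certificate the
// ingress still lacks there, or opens a new stack when none has room.
// Existing certificates are never moved, so a live ALB is only ever
// updated by adding, which sidesteps the add-then-delete failure from
// the issue. limit is the usable cap: the AWS limit of 25 minus the
// slot reserved for the duplicated default certificate (#162), i.e. 24.
func addIngress(stacks []*Stack, ingressCerts []string, limit int) ([]*Stack, string) {
	for _, st := range stacks {
		missing := 0
		for _, c := range ingressCerts {
			if _, ok := st.Certs[c]; !ok {
				missing++
			}
		}
		if missing <= limit-len(st.Certs) {
			for _, c := range ingressCerts {
				st.Certs[c] = struct{}{}
			}
			return stacks, st.Name
		}
	}
	ns := NewStack(fmt.Sprintf("stack-%d", len(stacks)+1), ingressCerts...)
	return append(stacks, ns), ns.Name
}

func main() {
	// Scenario from the issue: limit 3, ALB A already holds a, b, c.
	stacks := []*Stack{NewStack("A", "a", "b", "c")}
	stacks, where := addIngress(stacks, []string{"d"}, 3)
	fmt.Println("d placed on", where, "; A still holds", len(stacks[0].Certs), "certs")
}
```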