-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updated deprecated service annotation #2051
base: main
Are you sure you want to change the base?
Conversation
Looking good. Could you please squash your commits into a single commit, and include a more descriptive summary and description in the commit message? A good example of our commit message standards: https://github.com/cilium/cilium-cli/pull/1948/commits |
7645e9a
to
4d9ca1e
Compare
4d9ca1e
to
7bdbbc0
Compare
Updated, is it acceptable? |
Thanks for the update. Not quite there with the commit message. Your commit message is:
One issue is that the title of the commit message is redundant and doesn't describe the change. A better title would be A few issues with the body of the commit message as well. If you provide a link to an external resource, you should consider it supplemental material that could disappear at any time. The body of the commit message should clearly describe the change and the reason for the change. There should also be a blank line between the title and the body. Putting this together your commit message would be along the lines of
For more information on commit standards, you can refer to the Cilium "submitting a pull request" documentation. Some additional guidelines for good commit messages: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please see the comment above regarding the commit message.
Updated kubernetes service annotation. Instead of using old annotation "service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0" - added new annotation "service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing" https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/service/annotations/#:~:text=string-,service.beta.kubernetes.io/aws%2Dload%2Dbalancer%2Dinternal Signed-off-by: Artem Tokarev <[email protected]>
7bdbbc0
to
3556439
Compare
Sorry, GitHub doesn't send any notifications about PRs activity. Updated the commit message. Thanks |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the update
I've kicked the kind job, it timed out reaching cilium.io. This needs a review from @cilium/sig-clustermesh and it's good to go. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @RealArtemiy for the fix and @ti-mo for the ping.
I've left one comment inline about the opportunity of updating the EKS LB configuration to be consistent with that of the other cloud providers.
svc.ObjectMeta.Annotations["service.beta.kubernetes.io/aws-load-balancer-internal"] = "0.0.0.0/0" | ||
svc.ObjectMeta.Annotations["service.beta.kubernetes.io/aws-load-balancer-scheme"] = "internet-facing" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at the current annotation, I'm actually puzzled about the intended behavior, given that service.beta.kubernetes.io/aws-load-balancer-internal
is expected to take a boolean parameter, while we are setting 0.0.0.0/0
. Yet, considering the log message above and the configurations for the other cloud providers, I assume that the goal would be to expose it internally only. For that reason, I'd suggest setting the load balancer scheme to internal
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@giorio94 but as I understand - we need this LB to get a couple of clusters connected to each other, how can it be reached if LB internal? Am I wrong?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The assumption is that the two clusters are either on the same VPC, or the VPCs have been peered together, to enable cross-cluster node to node and pod to pod communication.
Ping, is this still being worked on? Converting to draft for now. |
Updated deprecated service annotation
https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/service/annotations/#:~:text=string-,service.beta.kubernetes.io/aws%2Dload%2Dbalancer%2Dinternal,-boolean