Skip listener attributes reconcile for Isolated regions (#3884)

kubernetes-sigs · Oct 17, 2024 · 1ea514f · 1ea514f
1 parent 808fcbc
commit 1ea514f
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 14 deletions.
diff --git a/pkg/deploy/elbv2/listener_manager.go b/pkg/deploy/elbv2/listener_manager.go
@@ -3,6 +3,7 @@ package elbv2
 import (
 	"context"
 	"reflect"
+	"strings"
 	"time"
 
 	awssdk "github.com/aws/aws-sdk-go-v2/aws"
@@ -101,7 +102,8 @@ func (m *defaultListenerManager) Create(ctx context.Context, resLS *elbv2model.L
 	}); err != nil {
 		return elbv2model.ListenerStatus{}, errors.Wrap(err, "failed to update extra certificates on listener")
 	}
-	if areListenerAttributesSupported(resLS.Spec.Protocol) {
+	listenerARN := awssdk.ToString(sdkLS.Listener.ListenerArn)
+	if !isIsolatedRegion(getRegionFromARN(listenerARN)) && areListenerAttributesSupported(resLS.Spec.Protocol) {
 		if err := m.attributesReconciler.Reconcile(ctx, resLS, sdkLS); err != nil {
 			return elbv2model.ListenerStatus{}, err
 		}
@@ -121,7 +123,8 @@ func (m *defaultListenerManager) Update(ctx context.Context, resLS *elbv2model.L
 	if err := m.updateSDKListenerWithExtraCertificates(ctx, resLS, sdkLS, false); err != nil {
 		return elbv2model.ListenerStatus{}, err
 	}
-	if areListenerAttributesSupported(resLS.Spec.Protocol) {
+	listenerARN := awssdk.ToString(sdkLS.Listener.ListenerArn)
+	if !isIsolatedRegion(getRegionFromARN(listenerARN)) && areListenerAttributesSupported(resLS.Spec.Protocol) {
 		if err := m.attributesReconciler.Reconcile(ctx, resLS, sdkLS); err != nil {
 			return elbv2model.ListenerStatus{}, err
 		}
@@ -379,3 +382,17 @@ func areListenerAttributesSupported(protocol elbv2model.Protocol) bool {
 	supported, exists := PROTOCOLS_SUPPORTING_LISTENER_ATTRIBUTES[protocol]
 	return exists && supported
 }
+
+func getRegionFromARN(arn string) string {
+	if strings.HasPrefix(arn, "arn:") {
+		arnElements := strings.Split(arn, ":")
+		if len(arnElements) > 3 {
+			return arnElements[3]
+		}
+	}
+	return ""
+}
+
+func isIsolatedRegion(region string) bool {
+	return strings.Contains(strings.ToLower(region), "-iso-")
+}
diff --git a/test/e2e/service/nlb_instance_target_test.go b/test/e2e/service/nlb_instance_target_test.go
@@ -160,20 +160,23 @@ var _ = Describe("test k8s service reconciled by the aws load balancer controlle
 				})
 				Expect(err).NotTo(HaveOccurred())
 			})
-			By("modifying listener attributes", func() {
-				err := stack.UpdateServiceAnnotations(ctx, tf, map[string]string{
-					"service.beta.kubernetes.io/aws-load-balancer-listener-attributes.TCP-80": "tcp.idle_timeout.seconds=400",
-				})
-				Expect(err).NotTo(HaveOccurred())
+			// remove this once listener attributes are available in isolated region
+			if !strings.Contains(tf.Options.AWSRegion, "-iso-") {
+				By("modifying listener attributes", func() {
+					err := stack.UpdateServiceAnnotations(ctx, tf, map[string]string{
+						"service.beta.kubernetes.io/aws-load-balancer-listener-attributes.TCP-80": "tcp.idle_timeout.seconds=400",
+					})
+					Expect(err).NotTo(HaveOccurred())
 
-				lsARN := getLoadBalancerListenerARN(ctx, tf, lbARN, "80")
+					lsARN := getLoadBalancerListenerARN(ctx, tf, lbARN, "80")
 
-				Eventually(func() bool {
-					return verifyListenerAttributes(ctx, tf, lsARN, map[string]string{
-						"tcp.idle_timeout.seconds": "400",
-					}) == nil
-				}, utils.PollTimeoutShort, utils.PollIntervalMedium).Should(BeTrue())
-			})
+					Eventually(func() bool {
+						return verifyListenerAttributes(ctx, tf, lsARN, map[string]string{
+							"tcp.idle_timeout.seconds": "400",
+						}) == nil
+					}, utils.PollTimeoutShort, utils.PollIntervalMedium).Should(BeTrue())
+				})
+			}
 		})
 		It("should provision internal load-balancer resources", func() {
 			By("deploying stack", func() {