Skip to content

feat: add healthProbeBindAddr flag in helm chart #4139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 41 commits into
base: main
Choose a base branch
from
Open

feat: add healthProbeBindAddr flag in helm chart #4139

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
3951a3a
feat: add healthProbeBindAddr
Apr 10, 2025
9668a4b
feat: add healthProbeBindAddr
Apr 10, 2025
bf9e1f7
initial reconcilers for gateway
zac-nixon Mar 27, 2025
cb4d007
add reference grant and targetgroup config look up
zac-nixon Mar 31, 2025
23ca9e8
update to go 1.24.2
zac-nixon Apr 8, 2025
e7c6c07
chore: change tgb field to lowercase everywhere to avoid logs dropped…
94DanielBrown Apr 9, 2025
5e0447e
support cli flag to enable manage backend SG rules for ALB
shuqz Apr 15, 2025
6b8c78a
Update security_groups.md
tucktuck9 Apr 1, 2025
93a600d
Update configurations.md
tucktuck9 Apr 1, 2025
7cba6b9
[feat: gw api] subnet discovery that works for both ALB / NLB
zac-nixon Apr 8, 2025
6f70423
refactor validation
zac-nixon Apr 15, 2025
52a2853
fix crds
zac-nixon Apr 17, 2025
0ef1444
[feat: gw api] Add eventhandlers for all the gateway resources (#4148)
shraddhabang Apr 18, 2025
d0f5cad
Enable frontend NLB (#4126)
wweiwei-li Apr 18, 2025
d94d4c4
lb creation
zac-nixon Apr 11, 2025
2b8d4f5
sg logic and refactoring
zac-nixon Apr 11, 2025
b8aa4b6
refactor duplication of deletion protection attribute
zac-nixon Apr 14, 2025
d9f5406
refactor duplicated icmp values
zac-nixon Apr 14, 2025
eaf77ed
add sg tests
zac-nixon Apr 14, 2025
1a56900
add tests for permissions genertaion
zac-nixon Apr 15, 2025
0a93d9e
fix quick-ci
zac-nixon Apr 15, 2025
46febcf
delete crd
zac-nixon Apr 17, 2025
a7671b3
address pr comments
zac-nixon Apr 17, 2025
98a5a04
.
zac-nixon Apr 17, 2025
b7b38a7
refactor to use default source ranges
zac-nixon Apr 18, 2025
0b77880
[feat: gw api] Add eventhandler for the gateway resource
shraddhabang Apr 18, 2025
0807009
Allow the same certificate to be specified for both the default and S…
u-kai Mar 29, 2025
6c8b246
update docs
u-kai Mar 29, 2025
87161a5
fix default cert member index
u-kai Mar 29, 2025
1ffc3e7
[feat: gw-api] Creating Target Group + TGB from Gateway spec (#4150)
zac-nixon Apr 22, 2025
7007927
[gw api] tg creation
zac-nixon Apr 15, 2025
c39ff25
fixes to get tg + tgb working
zac-nixon Apr 17, 2025
5de3fec
make logging less noisy
zac-nixon Apr 17, 2025
ff496e4
refactor multicluster to target group props
zac-nixon Apr 21, 2025
c35560d
refactor to use route kind enum
zac-nixon Apr 21, 2025
b9e922c
infer target group type from route
zac-nixon Apr 21, 2025
8bb0d0f
unit tests for target group builder
zac-nixon Apr 22, 2025
1b544ea
fix crds
zac-nixon Apr 22, 2025
a8d856a
feat: add healthProbeBindAddr
Apr 10, 2025
a27cd0e
Revert "feat: add healthProbeBindAddr"
Apr 22, 2025
9246045
Merge branch 'main' into feat-4136
Apr 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion helm/aws-load-balancer-controller/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,8 @@ The default values set by the application itself can be confirmed [here](https:/
| `tolerateNonExistentBackendAction` | whether to allow rules that reference a backend action that does not exist. (When enabled, it will return 503 error if backend action not exist) | `true` |
| `defaultSSLPolicy` | Specifies the default SSL policy to use for HTTPS or TLS listeners | None |
| `externalManagedTags` | Specifies the list of tag keys on AWS resources that are managed externally | `[]` |
| `livenessProbe` | Liveness probe settings for the controller | (see `values.yaml`) |
| `livenessProbe` | Liveness probe settings for the controller | `{}` (see `values.yaml`) |
| `readinessProbe` | Readiness probe settings for the controller | `{}` (see `values.yaml`) |
| `env` | Environment variables to set for aws-load-balancer-controller pod | None |
| `envFrom` | Environment variables to set for aws-load-balancer-controller pod from configMap or Secret | None |
| `envSecretName` | AWS credentials as environment variables from Secret (Secret keys `key_id` and `access_key`). | None |
Expand Down Expand Up @@ -286,3 +287,4 @@ The default values set by the application itself can be confirmed [here](https:/
| `loadBalancerClass` | Sets the AWS load balancer type to be used when the Kubernetes service requests an external load balancer | `service.k8s.aws/nlb` |
| `creator` | if set to a `value!=helm`, it will disable the addition of default helm labels | `helm` |
| `runtimeClassName` | Runtime class name for the controller pods , such as `gvisor` or `kata`. An unspecified `nil` or empty `""` RuntimeClassName is equivalent to the backwards-compatible default behavior as if the RuntimeClass feature is disabled. | "" |
| `healthProbeBindAddr` | The address the health probe endpoint binds to | `""` |
27 changes: 21 additions & 6 deletions helm/aws-load-balancer-controller/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,9 @@ spec:
{{- if .Values.vpcTags }}
- --aws-vpc-tags={{ include "aws-load-balancer-controller.convertMapToCsv" .Values.vpcTags | trimSuffix "," }}
{{- end }}
{{- if .Values.healthProbeBindAddr }}
- --health-probe-bind-addr={{ .Values.healthProbeBindAddr }}
{{- end }}
{{- if or .Values.env .Values.envSecretName }}
env:
{{- if .Values.env}}
Expand Down Expand Up @@ -228,14 +231,26 @@ spec:
protocol: TCP
resources:
{{- toYaml .Values.resources | nindent 10 }}
{{- with .Values.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.readinessProbe }}
httpGet:
path: /healthz
port: {{ (split ":" .Values.healthProbeBindAddr)._1 | default 61779 }}
scheme: HTTP
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds | default 30 }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds | default 10 }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds | default 10 }}
successThreshold: {{ .Values.livenessProbe.successThreshold | default 1 }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold | default 2 }}
readinessProbe:
{{- toYaml . | nindent 10 }}
{{- end }}
httpGet:
path: /readyz
port: {{ (split ":" .Values.healthProbeBindAddr)._1 | default 61779 }}
scheme: HTTP
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds | default 10 }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds | default 10 }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds | default 10 }}
successThreshold: {{ .Values.readinessProbe.successThreshold | default 1 }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold | default 2 }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
{{- with .Values.nodeSelector }}
nodeSelector:
Expand Down
15 changes: 7 additions & 8 deletions helm/aws-load-balancer-controller/test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,9 @@ enableWaf:
# Enable WAF V2 addon for ALB (default true)
enableWafv2:

# The address the health probe endpoint binds to. (default ":61779")
healthProbeBindAddr: ""

# Maximum number of concurrently running reconcile loops for ingress (default 3)
ingressMaxConcurrentReconciles:

Expand Down Expand Up @@ -220,14 +223,10 @@ tolerateNonExistentBackendAction:
defaultSSLPolicy:

# Liveness probe configuration for the controller
livenessProbe:
failureThreshold: 2
httpGet:
path: /healthz
port: 61779
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 10
livenessProbe: {}

# readiness probe configuration for the controller
readinessProbe: {}

# Environment variables to set for aws-load-balancer-controller pod.
# We strongly discourage programming access credentials in the controller environment. You should setup IRSA or
Expand Down
32 changes: 15 additions & 17 deletions helm/aws-load-balancer-controller/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,9 @@ enableWaf:
# Enable WAF V2 addon for ALB (default true)
enableWafv2:

# The address the health probe endpoint binds to. (default ":61779")
healthProbeBindAddr: ""

# Maximum number of concurrently running reconcile loops for ingress (default 3)
ingressMaxConcurrentReconciles:

Expand Down Expand Up @@ -267,25 +270,20 @@ tolerateNonExistentBackendAction:
defaultSSLPolicy:

# Liveness probe configuration for the controller
livenessProbe:
failureThreshold: 2
httpGet:
path: /healthz
port: 61779
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 10
livenessProbe: {}
# failureThreshold: 3
# initialDelaySeconds: 30
# periodSeconds: 10
# successThreshold: 1
# timeoutSeconds: 1

# readiness probe configuration for the controller
readinessProbe:
failureThreshold: 2
httpGet:
path: /readyz
port: 61779
scheme: HTTP
successThreshold: 1
initialDelaySeconds: 10
timeoutSeconds: 10
readinessProbe: {}
# failureThreshold: 3
# initialDelaySeconds: 10
# periodSeconds: 10
# successThreshold: 1
# timeoutSeconds: 1

# Environment variables to set for aws-load-balancer-controller pod.
# We strongly discourage programming access credentials in the controller environment. You should setup IRSA or
Expand Down