kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12920 from hakman/aws-load-balancer-controller-2.3.1 

Update aws-load-balancer-controller to v2.3.1
This commit is contained in:
Kubernetes Prow Robot 2021-12-10 05:43:11 -08:00 committed by GitHub
parent cfa4629ce0 584f452595
commit a9a661961b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 229 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.9_content
View File

@ -72,6 +72,24 @@ spec:
- ipv4 - ipv4
- dualstack - dualstack
type: string type: string
loadBalancerAttributes:
description: LoadBalancerAttributes define the custom attributes to
LoadBalancers for all Ingress that that belong to IngressClass with
this IngressClassParams.
items:
description: Attributes defines custom attributes on resources.
properties:
key:
description: The key of the attribute.
type: string
value:
description: The value of the attribute.
type: string
required:
- key
- value
type: object
type: array
namespaceSelector: namespaceSelector:
description: NamespaceSelector restrict the namespaces of Ingresses description: NamespaceSelector restrict the namespaces of Ingresses
that are allowed to specify the IngressClass with this IngressClassParams. that are allowed to specify the IngressClass with this IngressClassParams.
@ -377,6 +395,13 @@ spec:
spec: spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
ipAddressType:
description: ipAddressType specifies whether the target group is of
type IPv4 or IPv6. If unspecified, it will be automatically inferred.
enum:
- ipv4
- ipv6
type: string
networking: networking:
description: networking defines the networking rules to allow ELBV2 description: networking defines the networking rules to allow ELBV2
LoadBalancer to access targets in TargetGroup. LoadBalancer to access targets in TargetGroup.
@ -519,6 +544,7 @@ spec:
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for
the TargetGroup. the TargetGroup.
minLength: 1
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified,
@ -681,6 +707,14 @@ rules:
verbs: verbs:
- patch - patch
- update - update
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups: - apiGroups:
- elbv2.k8s.aws - elbv2.k8s.aws
resources: resources:
@ -855,7 +889,7 @@ spec:
value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com
- name: AWS_WEB_IDENTITY_TOKEN_FILE - name: AWS_WEB_IDENTITY_TOKEN_FILE
value: /var/run/secrets/amazonaws.com/token value: /var/run/secrets/amazonaws.com/token
image: amazon/aws-alb-ingress-controller:v2.2.0 image: amazon/aws-alb-ingress-controller:v2.3.1
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:

2
tests/integration/update_cluster/aws-lb-controller/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content
View File

@ -53,7 +53,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.9 - id: k8s-1.9
manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml
manifestHash: e05d219afe2fba536b2b477eae99c95aa1b909ad5ab585fe408cbf6aa975c160 manifestHash: 0dec6d6bd4596a08d6981ae2bd5c255d789bd1898c336314e563ff6024374a68
name: aws-load-balancer-controller.addons.k8s.io name: aws-load-balancer-controller.addons.k8s.io
needsPKI: true needsPKI: true
selector: selector:

36
tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.9_content
View File

@ -72,6 +72,24 @@ spec:
- ipv4 - ipv4
- dualstack - dualstack
type: string type: string
loadBalancerAttributes:
description: LoadBalancerAttributes define the custom attributes to
LoadBalancers for all Ingress that that belong to IngressClass with
this IngressClassParams.
items:
description: Attributes defines custom attributes on resources.
properties:
key:
description: The key of the attribute.
type: string
value:
description: The value of the attribute.
type: string
required:
- key
- value
type: object
type: array
namespaceSelector: namespaceSelector:
description: NamespaceSelector restrict the namespaces of Ingresses description: NamespaceSelector restrict the namespaces of Ingresses
that are allowed to specify the IngressClass with this IngressClassParams. that are allowed to specify the IngressClass with this IngressClassParams.
@ -377,6 +395,13 @@ spec:
spec: spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
ipAddressType:
description: ipAddressType specifies whether the target group is of
type IPv4 or IPv6. If unspecified, it will be automatically inferred.
enum:
- ipv4
- ipv6
type: string
networking: networking:
description: networking defines the networking rules to allow ELBV2 description: networking defines the networking rules to allow ELBV2
LoadBalancer to access targets in TargetGroup. LoadBalancer to access targets in TargetGroup.
@ -519,6 +544,7 @@ spec:
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for
the TargetGroup. the TargetGroup.
minLength: 1
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified,
@ -681,6 +707,14 @@ rules:
verbs: verbs:
- patch - patch
- update - update
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups: - apiGroups:
- elbv2.k8s.aws - elbv2.k8s.aws
resources: resources:
@ -855,7 +889,7 @@ spec:
value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com
- name: AWS_WEB_IDENTITY_TOKEN_FILE - name: AWS_WEB_IDENTITY_TOKEN_FILE
value: /var/run/secrets/amazonaws.com/token value: /var/run/secrets/amazonaws.com/token
image: amazon/aws-alb-ingress-controller:v2.2.0 image: amazon/aws-alb-ingress-controller:v2.3.1
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:

2
tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content
View File

@ -103,7 +103,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.9 - id: k8s-1.9
manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml
manifestHash: e05d219afe2fba536b2b477eae99c95aa1b909ad5ab585fe408cbf6aa975c160 manifestHash: 0dec6d6bd4596a08d6981ae2bd5c255d789bd1898c336314e563ff6024374a68
name: aws-load-balancer-controller.addons.k8s.io name: aws-load-balancer-controller.addons.k8s.io
needsPKI: true needsPKI: true
selector: selector:

36
tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.9_content
View File

@ -72,6 +72,24 @@ spec:
- ipv4 - ipv4
- dualstack - dualstack
type: string type: string
loadBalancerAttributes:
description: LoadBalancerAttributes define the custom attributes to
LoadBalancers for all Ingress that that belong to IngressClass with
this IngressClassParams.
items:
description: Attributes defines custom attributes on resources.
properties:
key:
description: The key of the attribute.
type: string
value:
description: The value of the attribute.
type: string
required:
- key
- value
type: object
type: array
namespaceSelector: namespaceSelector:
description: NamespaceSelector restrict the namespaces of Ingresses description: NamespaceSelector restrict the namespaces of Ingresses
that are allowed to specify the IngressClass with this IngressClassParams. that are allowed to specify the IngressClass with this IngressClassParams.
@ -377,6 +395,13 @@ spec:
spec: spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
ipAddressType:
description: ipAddressType specifies whether the target group is of
type IPv4 or IPv6. If unspecified, it will be automatically inferred.
enum:
- ipv4
- ipv6
type: string
networking: networking:
description: networking defines the networking rules to allow ELBV2 description: networking defines the networking rules to allow ELBV2
LoadBalancer to access targets in TargetGroup. LoadBalancer to access targets in TargetGroup.
@ -519,6 +544,7 @@ spec:
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for
the TargetGroup. the TargetGroup.
minLength: 1
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified,
@ -681,6 +707,14 @@ rules:
verbs: verbs:
- patch - patch
- update - update
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups: - apiGroups:
- elbv2.k8s.aws - elbv2.k8s.aws
resources: resources:
@ -850,7 +884,7 @@ spec:
- --ingress-class=alb - --ingress-class=alb
- --default-tags=KubernetesCluster=minimal.example.com - --default-tags=KubernetesCluster=minimal.example.com
- --aws-region=us-test-1 - --aws-region=us-test-1
image: amazon/aws-alb-ingress-controller:v2.2.0 image: amazon/aws-alb-ingress-controller:v2.3.1
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:

2
tests/integration/update_cluster/many-addons-ccm/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content
View File

@ -103,7 +103,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.9 - id: k8s-1.9
manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml
manifestHash: ebf99002d1f991ad20114c2471941859cabccfee4cead00dd4412db84b76cbb2 manifestHash: d44d9ba3e4b85f7765634cb9a67f3a385df267cb678a8f6d9d8e1fe4e56b22fb
name: aws-load-balancer-controller.addons.k8s.io name: aws-load-balancer-controller.addons.k8s.io
needsPKI: true needsPKI: true
selector: selector:

36
tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.9_content
View File

@ -72,6 +72,24 @@ spec:
- ipv4 - ipv4
- dualstack - dualstack
type: string type: string
loadBalancerAttributes:
description: LoadBalancerAttributes define the custom attributes to
LoadBalancers for all Ingress that that belong to IngressClass with
this IngressClassParams.
items:
description: Attributes defines custom attributes on resources.
properties:
key:
description: The key of the attribute.
type: string
value:
description: The value of the attribute.
type: string
required:
- key
- value
type: object
type: array
namespaceSelector: namespaceSelector:
description: NamespaceSelector restrict the namespaces of Ingresses description: NamespaceSelector restrict the namespaces of Ingresses
that are allowed to specify the IngressClass with this IngressClassParams. that are allowed to specify the IngressClass with this IngressClassParams.
@ -377,6 +395,13 @@ spec:
spec: spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
ipAddressType:
description: ipAddressType specifies whether the target group is of
type IPv4 or IPv6. If unspecified, it will be automatically inferred.
enum:
- ipv4
- ipv6
type: string
networking: networking:
description: networking defines the networking rules to allow ELBV2 description: networking defines the networking rules to allow ELBV2
LoadBalancer to access targets in TargetGroup. LoadBalancer to access targets in TargetGroup.
@ -519,6 +544,7 @@ spec:
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for
the TargetGroup. the TargetGroup.
minLength: 1
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified,
@ -681,6 +707,14 @@ rules:
verbs: verbs:
- patch - patch
- update - update
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups: - apiGroups:
- elbv2.k8s.aws - elbv2.k8s.aws
resources: resources:
@ -850,7 +884,7 @@ spec:
- --ingress-class=alb - --ingress-class=alb
- --default-tags=KubernetesCluster=minimal.example.com - --default-tags=KubernetesCluster=minimal.example.com
- --aws-region=us-test-1 - --aws-region=us-test-1
image: amazon/aws-alb-ingress-controller:v2.2.0 image: amazon/aws-alb-ingress-controller:v2.3.1
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:

2
tests/integration/update_cluster/many-addons/data/aws_s3_bucket_object_minimal.example.com-addons-bootstrap_content
View File

@ -103,7 +103,7 @@ spec:
version: 9.99.0 version: 9.99.0
- id: k8s-1.9 - id: k8s-1.9
manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml
manifestHash: ebf99002d1f991ad20114c2471941859cabccfee4cead00dd4412db84b76cbb2 manifestHash: d44d9ba3e4b85f7765634cb9a67f3a385df267cb678a8f6d9d8e1fe4e56b22fb
name: aws-load-balancer-controller.addons.k8s.io name: aws-load-balancer-controller.addons.k8s.io
needsPKI: true needsPKI: true
selector: selector:

235
upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.9.yaml.template
View File

@ -1,4 +1,4 @@
# sourced from https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/docs/install/v2_2_0_full.yaml # sourced from https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases/download/v2.3.1/v2_3_1_full.yaml
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
@ -40,14 +40,10 @@ spec:
description: IngressClassParams is the Schema for the IngressClassParams API description: IngressClassParams is the Schema for the IngressClassParams API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string type: string
metadata: metadata:
type: object type: object
@ -55,8 +51,7 @@ spec:
description: IngressClassParamsSpec defines the desired state of IngressClassParams description: IngressClassParamsSpec defines the desired state of IngressClassParams
properties: properties:
group: group:
description: Group defines the IngressGroup for all Ingresses that description: Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams.
belong to IngressClass with this IngressClassParams.
properties: properties:
name: name:
description: Name is the name of IngressGroup. description: Name is the name of IngressGroup.
@ -65,40 +60,43 @@ spec:
- name - name
type: object type: object
ipAddressType: ipAddressType:
description: IPAddressType defines the ip address type for all Ingresses description: IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams.
that belong to IngressClass with this IngressClassParams.
enum: enum:
- ipv4 - ipv4
- dualstack - dualstack
type: string type: string
namespaceSelector: loadBalancerAttributes:
description: NamespaceSelector restrict the namespaces of Ingresses description: LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with this IngressClassParams.
that are allowed to specify the IngressClass with this IngressClassParams.
* if absent or present but empty, it selects all namespaces.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items: items:
description: A label selector requirement is a selector that description: Attributes defines custom attributes on resources.
contains values, a key, and an operator that relates the key
and values.
properties: properties:
key: key:
description: key is the label key that the selector applies description: The key of the attribute.
to. type: string
value:
description: The value of the attribute.
type: string
required:
- key
- value
type: object
type: array
namespaceSelector:
description: NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. * if absent or present but empty, it selects all namespaces.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string type: string
operator: operator:
description: operator represents a key's relationship to description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string type: string
values: values:
description: values is an array of string values. If the description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items: items:
type: string type: string
type: array type: array
@ -110,23 +108,17 @@ spec:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: matchLabels is a map of {key,value} pairs. A single description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object type: object
type: object type: object
scheme: scheme:
description: Scheme defines the scheme for all Ingresses that belong description: Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams.
to IngressClass with this IngressClassParams.
enum: enum:
- internal - internal
- internet-facing - internet-facing
type: string type: string
tags: tags:
description: Tags defines list of Tags on AWS resources provisioned description: Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams.
for Ingresses that belong to IngressClass with this IngressClassParams.
items: items:
description: Tag defines a AWS Tag on resources. description: Tag defines a AWS Tag on resources.
properties: properties:
@ -198,14 +190,10 @@ spec:
description: TargetGroupBinding is the Schema for the TargetGroupBinding API description: TargetGroupBinding is the Schema for the TargetGroupBinding API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string type: string
metadata: metadata:
type: object type: object
@ -213,37 +201,28 @@ spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
networking: networking:
description: networking provides the networking setup for ELBV2 LoadBalancer description: networking provides the networking setup for ELBV2 LoadBalancer to access targets in TargetGroup.
to access targets in TargetGroup.
properties: properties:
ingress: ingress:
description: List of ingress rules to allow ELBV2 LoadBalancer description: List of ingress rules to allow ELBV2 LoadBalancer to access targets in TargetGroup.
to access targets in TargetGroup.
items: items:
properties: properties:
from: from:
description: List of peers which should be able to access description: List of peers which should be able to access the targets in TargetGroup. At least one NetworkingPeer should be specified.
the targets in TargetGroup. At least one NetworkingPeer
should be specified.
items: items:
description: NetworkingPeer defines the source/destination description: NetworkingPeer defines the source/destination peer for networking rules.
peer for networking rules.
properties: properties:
ipBlock: ipBlock:
description: IPBlock defines an IPBlock peer. If specified, description: IPBlock defines an IPBlock peer. If specified, none of the other fields can be set.
none of the other fields can be set.
properties: properties:
cidr: cidr:
description: CIDR is the network CIDR. Both IPV4 description: CIDR is the network CIDR. Both IPV4 or IPV6 CIDR are accepted.
or IPV6 CIDR are accepted.
type: string type: string
required: required:
- cidr - cidr
type: object type: object
securityGroup: securityGroup:
description: SecurityGroup defines a SecurityGroup description: SecurityGroup defines a SecurityGroup peer. If specified, none of the other fields can be set.
peer. If specified, none of the other fields can
be set.
properties: properties:
groupID: groupID:
description: GroupID is the EC2 SecurityGroupID. description: GroupID is the EC2 SecurityGroupID.
@ -254,25 +233,17 @@ spec:
type: object type: object
type: array type: array
ports: ports:
description: List of ports which should be made accessible description: List of ports which should be made accessible on the targets in TargetGroup. If ports is empty or unspecified, it defaults to all ports with TCP.
on the targets in TargetGroup. If ports is empty or unspecified,
it defaults to all ports with TCP.
items: items:
properties: properties:
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: The port which traffic must match. When description: The port which traffic must match. When NodePort endpoints(instance TargetType) is used, this must be a numerical port. When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. if port is unspecified, it defaults to all ports.
NodePort endpoints(instance TargetType) is used,
this must be a numerical port. When Port endpoints(ip
TargetType) is used, this can be either numerical
or named port on pods. if port is unspecified, it
defaults to all ports.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
protocol: protocol:
description: The protocol which traffic must match. description: The protocol which traffic must match. If protocol is unspecified, it defaults to TCP.
If protocol is unspecified, it defaults to TCP.
enum: enum:
- TCP - TCP
- UDP - UDP
@ -286,8 +257,7 @@ spec:
type: array type: array
type: object type: object
serviceRef: serviceRef:
description: serviceRef is a reference to a Kubernetes Service and description: serviceRef is a reference to a Kubernetes Service and ServicePort.
ServicePort.
properties: properties:
name: name:
description: Name is the name of the Service. description: Name is the name of the Service.
@ -303,12 +273,10 @@ spec:
- port - port
type: object type: object
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup.
the TargetGroup.
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred.
it will be automatically inferred.
enum: enum:
- instance - instance
- ip - ip
@ -357,54 +325,46 @@ spec:
description: TargetGroupBinding is the Schema for the TargetGroupBinding API description: TargetGroupBinding is the Schema for the TargetGroupBinding API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string type: string
metadata: metadata:
type: object type: object
spec: spec:
description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding description: TargetGroupBindingSpec defines the desired state of TargetGroupBinding
properties: properties:
ipAddressType:
description: ipAddressType specifies whether the target group is of type IPv4 or IPv6. If unspecified, it will be automatically inferred.
enum:
- ipv4
- ipv6
type: string
networking: networking:
description: networking defines the networking rules to allow ELBV2 description: networking defines the networking rules to allow ELBV2 LoadBalancer to access targets in TargetGroup.
LoadBalancer to access targets in TargetGroup.
properties: properties:
ingress: ingress:
description: List of ingress rules to allow ELBV2 LoadBalancer description: List of ingress rules to allow ELBV2 LoadBalancer to access targets in TargetGroup.
to access targets in TargetGroup.
items: items:
description: NetworkingIngressRule defines a particular set description: NetworkingIngressRule defines a particular set of traffic that is allowed to access TargetGroup's targets.
of traffic that is allowed to access TargetGroup's targets.
properties: properties:
from: from:
description: List of peers which should be able to access description: List of peers which should be able to access the targets in TargetGroup. At least one NetworkingPeer should be specified.
the targets in TargetGroup. At least one NetworkingPeer
should be specified.
items: items:
description: NetworkingPeer defines the source/destination description: NetworkingPeer defines the source/destination peer for networking rules.
peer for networking rules.
properties: properties:
ipBlock: ipBlock:
description: IPBlock defines an IPBlock peer. If specified, description: IPBlock defines an IPBlock peer. If specified, none of the other fields can be set.
none of the other fields can be set.
properties: properties:
cidr: cidr:
description: CIDR is the network CIDR. Both IPV4 description: CIDR is the network CIDR. Both IPV4 or IPV6 CIDR are accepted.
or IPV6 CIDR are accepted.
type: string type: string
required: required:
- cidr - cidr
type: object type: object
securityGroup: securityGroup:
description: SecurityGroup defines a SecurityGroup description: SecurityGroup defines a SecurityGroup peer. If specified, none of the other fields can be set.
peer. If specified, none of the other fields can
be set.
properties: properties:
groupID: groupID:
description: GroupID is the EC2 SecurityGroupID. description: GroupID is the EC2 SecurityGroupID.
@ -415,27 +375,18 @@ spec:
type: object type: object
type: array type: array
ports: ports:
description: List of ports which should be made accessible description: List of ports which should be made accessible on the targets in TargetGroup. If ports is empty or unspecified, it defaults to all ports with TCP.
on the targets in TargetGroup. If ports is empty or unspecified,
it defaults to all ports with TCP.
items: items:
description: NetworkingPort defines the port and protocol description: NetworkingPort defines the port and protocol for networking rules.
for networking rules.
properties: properties:
port: port:
anyOf: anyOf:
- type: integer - type: integer
- type: string - type: string
description: The port which traffic must match. When description: The port which traffic must match. When NodePort endpoints(instance TargetType) is used, this must be a numerical port. When Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods. if port is unspecified, it defaults to all ports.
NodePort endpoints(instance TargetType) is used,
this must be a numerical port. When Port endpoints(ip
TargetType) is used, this can be either numerical
or named port on pods. if port is unspecified, it
defaults to all ports.
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
protocol: protocol:
description: The protocol which traffic must match. description: The protocol which traffic must match. If protocol is unspecified, it defaults to TCP.
If protocol is unspecified, it defaults to TCP.
enum: enum:
- TCP - TCP
- UDP - UDP
@ -449,32 +400,21 @@ spec:
type: array type: array
type: object type: object
nodeSelector: nodeSelector:
description: node selector for instance type target groups to only description: node selector for instance type target groups to only register certain nodes
register certain nodes
properties: properties:
matchExpressions: matchExpressions:
description: matchExpressions is a list of label selector requirements. description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
The requirements are ANDed.
items: items:
description: A label selector requirement is a selector that description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
contains values, a key, and an operator that relates the key
and values.
properties: properties:
key: key:
description: key is the label key that the selector applies description: key is the label key that the selector applies to.
to.
type: string type: string
operator: operator:
description: operator represents a key's relationship to description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string type: string
values: values:
description: values is an array of string values. If the description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items: items:
type: string type: string
type: array type: array
@ -486,16 +426,11 @@ spec:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: matchLabels is a map of {key,value} pairs. A single description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object type: object
type: object type: object
serviceRef: serviceRef:
description: serviceRef is a reference to a Kubernetes Service and description: serviceRef is a reference to a Kubernetes Service and ServicePort.
ServicePort.
properties: properties:
name: name:
description: Name is the name of the Service. description: Name is the name of the Service.
@ -511,12 +446,11 @@ spec:
- port - port
type: object type: object
targetGroupARN: targetGroupARN:
description: targetGroupARN is the Amazon Resource Name (ARN) for description: targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup.
the TargetGroup. minLength: 1
type: string type: string
targetType: targetType:
description: targetType is the TargetType of TargetGroup. If unspecified, description: targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred.
it will be automatically inferred.
enum: enum:
- instance - instance
- ip - ip
@ -658,6 +592,14 @@ rules:
verbs: verbs:
- patch - patch
- update - update
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups: - apiGroups:
- elbv2.k8s.aws - elbv2.k8s.aws
resources: resources:
@ -803,7 +745,7 @@ spec:
- --ingress-class=alb - --ingress-class=alb
- "--default-tags={{ CloudLabels }}" - "--default-tags={{ CloudLabels }}"
- --aws-region={{ Region }} - --aws-region={{ Region }}
image: amazon/aws-alb-ingress-controller:{{ or .AWSLoadBalancerController.Version "v2.2.0" }} image: amazon/aws-alb-ingress-controller:{{ or .AWSLoadBalancerController.Version "v2.3.1" }}
livenessProbe: livenessProbe:
failureThreshold: 2 failureThreshold: 2
httpGet: httpGet:
@ -832,7 +774,6 @@ spec:
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
nodeSelector: nodeSelector:
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
priorityClassName: system-cluster-critical
securityContext: securityContext:
fsGroup: 1337 fsGroup: 1337
serviceAccountName: aws-load-balancer-controller serviceAccountName: aws-load-balancer-controller