diff --git a/docs/releases/1.26-NOTES.md b/docs/releases/1.26-NOTES.md index a22ad92c8f..1ba08ab0cd 100644 --- a/docs/releases/1.26-NOTES.md +++ b/docs/releases/1.26-NOTES.md @@ -14,6 +14,7 @@ This is a document to gather the release notes prior to the release. * Instance group images can now be dynamically fetched through an AWS SSM Parameter. +* The AWS Load Balancer, when enabled, will run on worker nodes if IRSA is enabled as of Kubernetes version 1.24. # Breaking changes diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 50edcb0522..9f6db8ece5 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -890,11 +890,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index af3dbd02b3..dab17ca7fd 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -47,7 +47,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: f3e44a9cd8ba1650b8dbebf5507d01e5c833d646d0c34ef099c052f7b379e072 + manifestHash: 19ea2082a06998052ce085e25c25a2434d0d284a73c8dcb908744727b84c8deb name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 50edcb0522..9f6db8ece5 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -890,11 +890,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index db3b9b8de3..9486c5fbd5 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -97,7 +97,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: f3e44a9cd8ba1650b8dbebf5507d01e5c833d646d0c34ef099c052f7b379e072 + manifestHash: 19ea2082a06998052ce085e25c25a2434d0d284a73c8dcb908744727b84c8deb name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 18678f4ad4..e3e774f30c 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -890,11 +890,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 886a59ab3e..00ce8dd6cd 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa23/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -104,7 +104,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 0c048675f400abb6108ed571576574a4f4138a70ee0917dcfc980764172a03d1 + manifestHash: 615a3bf4083d8d907e99738f5eb1cddafd5fae8c42b5cf02fcd574447bdc846b name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 18678f4ad4..a11229b540 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -857,7 +857,7 @@ metadata: name: aws-load-balancer-controller namespace: kube-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: app.kubernetes.io/component: controller @@ -870,16 +870,6 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -890,11 +880,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: @@ -928,11 +923,6 @@ spec: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 - tolerations: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - key: node-role.kubernetes.io/master - operator: Exists topologySpreadConstraints: - labelSelector: matchLabels: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 58094df5cc..92e6023b4a 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -104,7 +104,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 0c048675f400abb6108ed571576574a4f4138a70ee0917dcfc980764172a03d1 + manifestHash: da760fddf2cf54757b8715a92146a7ce5f332199b885bd9b308645180ea215e1 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 18678f4ad4..a11229b540 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -857,7 +857,7 @@ metadata: name: aws-load-balancer-controller namespace: kube-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: app.kubernetes.io/component: controller @@ -870,16 +870,6 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -890,11 +880,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: @@ -928,11 +923,6 @@ spec: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 - tolerations: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - key: node-role.kubernetes.io/master - operator: Exists topologySpreadConstraints: - labelSelector: matchLabels: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index cf9f5cd531..05725a08fb 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -104,7 +104,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 0c048675f400abb6108ed571576574a4f4138a70ee0917dcfc980764172a03d1 + manifestHash: da760fddf2cf54757b8715a92146a7ce5f332199b885bd9b308645180ea215e1 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 18678f4ad4..a11229b540 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -857,7 +857,7 @@ metadata: name: aws-load-balancer-controller namespace: kube-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: app.kubernetes.io/component: controller @@ -870,16 +870,6 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller kops.k8s.io/managed-by: kops spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists containers: - args: - --cluster-name=minimal.example.com @@ -890,11 +880,16 @@ spec: - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName - name: AWS_ROLE_ARN value: arn:aws-test:iam::123456789012:role/aws-load-balancer-controller.kube-system.sa.minimal.example.com - name: AWS_WEB_IDENTITY_TOKEN_FILE value: /var/run/secrets/amazonaws.com/token - image: amazon/aws-alb-ingress-controller:v2.4.3 + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: @@ -928,11 +923,6 @@ spec: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 - tolerations: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - key: node-role.kubernetes.io/master - operator: Exists topologySpreadConstraints: - labelSelector: matchLabels: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 486d19b578..5be2b1598c 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -97,7 +97,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 0c048675f400abb6108ed571576574a4f4138a70ee0917dcfc980764172a03d1 + manifestHash: da760fddf2cf54757b8715a92146a7ce5f332199b885bd9b308645180ea215e1 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 015016f73b..57be71e405 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -889,7 +889,13 @@ spec: - --ingress-class=alb - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 - image: amazon/aws-alb-ingress-controller:v2.4.3 + env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index dbb24c5fbc..755f692292 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -97,7 +97,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 5b35b6eba1236bd63720efb533b04bad96eba1c7cb9f1289653a9738b3a2f5e1 + manifestHash: b2689c2b0412fca98856b0a86b757233c89b6fd65e45d3770f6ea2cc1e6bc710 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 015016f73b..57be71e405 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -889,7 +889,13 @@ spec: - --ingress-class=alb - --default-tags=KubernetesCluster=minimal.example.com - --aws-region=us-test-1 - image: amazon/aws-alb-ingress-controller:v2.4.3 + env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: amazon/aws-alb-ingress-controller:v2.4.5 livenessProbe: failureThreshold: 2 httpGet: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 73fdd2321f..cdc35abf6c 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -97,7 +97,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 5b35b6eba1236bd63720efb533b04bad96eba1c7cb9f1289653a9738b3a2f5e1 + manifestHash: b2689c2b0412fca98856b0a86b757233c89b6fd65e45d3770f6ea2cc1e6bc710 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template index b91a1fdefb..33d64e2c0d 100644 --- a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template +++ b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template @@ -717,7 +717,7 @@ metadata: name: aws-load-balancer-controller namespace: kube-system spec: - replicas: {{ ControlPlaneControllerReplicas false }} + replicas: {{ ControlPlaneControllerReplicas (IsKubernetesGTE "1.24") }} selector: matchLabels: app.kubernetes.io/component: controller @@ -729,6 +729,7 @@ spec: app.kubernetes.io/name: aws-load-balancer-controller spec: nodeSelector: null + {{ if not (and UseServiceAccountExternalPermissions (IsKubernetesGTE "1.24")) }} affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -739,6 +740,7 @@ spec: - matchExpressions: - key: node-role.kubernetes.io/master operator: Exists + {{ end }} containers: - args: - --cluster-name={{ ClusterName }} @@ -748,7 +750,13 @@ spec: - --ingress-class=alb - "--default-tags={{ CloudLabels }}" - --aws-region={{ Region }} - image: amazon/aws-alb-ingress-controller:{{ or .AWSLoadBalancerController.Version "v2.4.3" }} + env: + - name: NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: amazon/aws-alb-ingress-controller:{{ or .AWSLoadBalancerController.Version "v2.4.5" }} livenessProbe: failureThreshold: 2 httpGet: @@ -779,11 +787,13 @@ spec: fsGroup: 1337 serviceAccountName: aws-load-balancer-controller terminationGracePeriodSeconds: 10 + {{ if not (and UseServiceAccountExternalPermissions (IsKubernetesGTE "1.24")) }} tolerations: - key: node-role.kubernetes.io/control-plane operator: Exists - key: node-role.kubernetes.io/master operator: Exists + {{ end }} topologySpreadConstraints: - maxSkew: 1 topologyKey: "topology.kubernetes.io/zone"