Commit Graph

25 Commits

Author SHA1 Message Date
Ciprian Hacman e57cd534b5 Allow attaching same external target group to multiple instance groups 2020-12-03 06:59:59 +02:00
Christian Joun e91ed11449
Implement API load balancer class with NLB and ELB support on AWS (#9011)
* refactor TargetLoadBalancer to use DNSTarget interface instead of LoadBalancer

* add LoadBalancerClass fields into api

* make api machinery

* WIP: Implemented API loadbalancer class, allowing NLB and ELB support on AWS for new clusters.

* perform vendoring related tasks and apply fixes identified from hack/

dissallow spotinst + nlb
remove reflection in status_discovery.go
Add precreated additional security groups to the Master nodes in case of NLB
Remove support for attaching individual instances to NLB; only rely on ASG attachments
Don't specify Classic loadbalancer in GCE integration test

* add utility function to the kops model context to make LoadBalancer comparisons simpler

* use DNSTarget interface when locating DNSName of API ELB

* wip: create target group task

* Consolidate TargetGroup tasks

* Use context helper for determining api load balancer type to avoid nil pointers

* Update NLB creation to use target group ARN from separate task rather than creating a TG in-line

* Address staticcheck and bazel failures

* Removing NLB Attachment tasks because they're not used since we switched to defining them as a part of the ASGs

* Address PR review feedback

* Only set LB Class field for AWS clusters, fix nil pointer

* Move target group attributes from NLB task to TG task, removing unused attributes

* Add terraform and cloudformation support for NLBs, listeners, and target groups

* Update integration test for NLB support

* Fix NLB name format to pass terraform validation

* Preserve security group rule names when switching ELB to NLB to reduce destructive terraform changes

* Use elbv2 enums and address some TODOs

* Set healthcheck values in target group

* Find TG tags, fix NLB name detection

* Fix more spurious changes reported by lifecycle integration test

* Fix spotinst validation, more code cleanup

* Address more PR feedback

* ReconcileTargetGroups unit test + more code simplification

* Addressing PR feedback Renaming task 1. awstasks.LoadBalancer -> awstasks.ClassicLoadBalancer

* Addressing PR feedback Renaming task: ELBName() -> CLBName() / LinkToELB() -> LinkToCLB()

* Addressing PR feedback: Various text changes

* fix export of kubecfg

* address TargetGroup should have the same name as the NLB

* should address error when fetching tags due to missing ARN

* Update expected and crds

* Add feature table to NLB docs

* Address more feedback and remove some TODOs that arent applicable anymore

* Update spotinst validation error message

Co-authored-by: Peter Rifel <pgrifel@gmail.com>
2020-11-02 05:28:52 -08:00
Rodrigo Menezes 82d0ebdb56 Prevent unintended resource updates to LB attatchments 2020-10-26 17:29:07 -07:00
Nicolas Vanheuverzwijn 89d4fb757e feat: allow additional security groups on bastion ELB 2020-04-16 12:04:59 -04:00
mikesplain 9e55b8230a Update copyright notices
Also cleans some white spaces
2019-09-09 14:47:51 -04:00
xichengliudui 3cd5c71330 Using const() defines constants together (part:3) 2019-04-11 15:19:27 -04:00
mikesplain 14cbad9bc0 Fix tagging and remove tagging elbs 2019-03-29 13:29:11 -04:00
Liran Polak 9db3567cac fix: skip the load balancer attachment 2018-10-29 22:28:15 +02:00
Justin Santa Barbara 9a6653421c Support override security groups with bastion 2018-10-02 11:53:41 -07:00
Justin Santa Barbara 12873d3868 SecurityGroups: ensure owned security groups are tagged 2018-03-24 22:19:54 -04:00
chrislovecnm 4711d1596e update to imports that apimachinery is doing now automatically 2017-10-27 14:28:48 -06:00
chrislovecnm dc338c4829 Refactoring phases to work in sequence properly 2017-10-26 13:17:34 -06:00
Justin Santa Barbara 3dfe48e5ae Wiring up lifecycle 2017-07-15 22:03:54 -04:00
Justin Santa Barbara cb4641fea3 Code updates 2017-03-16 02:40:50 -04:00
Justin Santa Barbara 69c38f721e Switch how we build ELB names, but keep a feature flag 2017-03-09 09:18:31 -05:00
Justin Santa Barbara 724bd95e0b Use Name tag to match ELBs
Rather than using the LoadBalancerName to match, we match on the Name
tag.

Related to #2019
2017-03-09 09:18:31 -05:00
Kris Nova 336237e879 Bug fixes and bastion reworking 2017-01-05 07:45:52 -07:00
Justin Santa Barbara 9314575953 Working on expressing how we expose services like the API 2017-01-04 23:04:30 -05:00
Justin Santa Barbara 9545c5dbd7 Lock down bastion->master/nodes
Only open port 22 (SSH)

Fix #1312
2017-01-03 11:20:01 -05:00
Justin Santa Barbara 8ce09c65e9 Fixes per code review 2016-12-19 01:18:28 -05:00
Justin Santa Barbara 91b77ae11e Multi-version testing; fix few edge cases
By testing with data from various schema versions, we effectively check
that they are equivalent.

Also this uncovered a few places where we were not strictly ordering
things - add some sorts in there.
2016-12-18 23:14:29 -05:00
Justin Santa Barbara 4475d68c2e Remove dead code 2016-12-18 21:56:57 -05:00
Justin Santa Barbara ef6d1fddf5 Update tests for new TF output 2016-12-18 21:56:57 -05:00
Justin Santa Barbara 1ef2c367c1 Reintroduce subnet assignemnt logic 2016-12-18 21:56:57 -05:00
Justin Santa Barbara fed68310fa Schema v1alpha2
* Zones are now subnets
* Utility subnet is no longer part of Zone
* Bastion InstanceGroup type added instead
* Etcd clusters defined in terms of InstanceGroups, not zones
* AdminAccess split into SSHAccess & APIAccess
* Dropped unused Multizone flag
2016-12-18 21:56:57 -05:00