Support LoadBalancerClass

[dronenb]

trafficstars

Title

Support LoadBalancerClass

Description

It is possible for clusters to have multiple implementations for Service of type: LoadBalancer. Kubernetes 1.24 and later have introduced the standard .spec.loadBalancerClass field in the service spec to be able to distinguish between the types of load balancing services available to the cluster, so that you can specify which load balancing class you would like to use. See here. I do not see any indication that this is presently supported in F5 CIS.

Actual Problem

If you have multiple load balancing classes, F5 CIS will not respect the .spec.loadBalancerClass field.

Solution Proposed

F5 CIS should have a config parameter to only watch services with the loadBalancerClass as specified in the param, and should default to the existing behavior of watching all load balancer classes.

[trinaths]

Created [CONTCNTR-4781] for internal tracking. @dronenb Please share RFE examples, CIS config to [email protected]

[mikeoleary]

@trinaths - I have a similar requirement for my customer.

My customer has a 3rd party application running in K8s and they deploy with helm. The application team is a different team than the BIG-IP team, which adds to some permissions around who can define what annotations and where.

As much as possible, the application team do not want to wander away from the recommended helm values, which includes a service of type LB. So they are using CIS in CRD mode, and creating a VS on BIG-IP. However, they run in Azure and an Azure LB is also created, despite not being used.

If CIS supported loadBalancerClass, I believe I could convince them to set this field and therefore CIS would create a BIG-IP VS, but Azure would not create an additional (and unused, costly) Azure LB.

[mdditt2000]

Resolved in CIS 2.18 - https://clouddocs.f5.com/containers/latest/reference/release-notes.html