aws-load-balancer-controller
aws-load-balancer-controller copied to clipboard
kubernetes-sigs
Cannot set the IPv6 addresses in dualstack mode during modification
Describe the bug
Changing the IP Address Type to dualstack (via annotation service.beta.kubernetes.io/aws-load-balancer-ip-address-type) with a provided list of IPv6 addresses (via annotation service.beta.kubernetes.io/aws-load-balancer-ipv6-addresses) is not being reflected (still using the randomly selected IP from IPv6 range). AWS Console gives the option to specify the IPv6 address. Creating instead of modifying the LoadBalancer, which works as expected.
Steps to reproduce
Initial Kubernetes service specification:
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/aws-load-balancer-name: test
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
name: test
spec:
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
selector:
app.kubernetes.io/name: kubernetes-ingress
type: LoadBalancer
Migration to dualstack mode with specified IPv6 addresses
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/aws-load-balancer-ip-address-type: dualstack
service.beta.kubernetes.io/aws-load-balancer-ipv6-addresses: <list of IPv6 addresses>
service.beta.kubernetes.io/aws-load-balancer-name: test
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-type: external
name: test
spec:
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
selector:
app.kubernetes.io/name: kubernetes-ingress
type: LoadBalancer
Expected outcome
IPv6 addresses specified in annotation service.beta.kubernetes.io/aws-load-balancer-ipv6-addresses should be taken in a dualstack mode.
Environment
- AWS Load Balancer controller version
2.8.0
- Kubernetes version
v1.27
- Using EKS (yes/no), if so version?
v1.27.13-eks-3af4770
Additional Context:
I haven't found any references during the update process to make it possible - https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/pkg/deploy/elbv2/load_balancer_manager.go#L88
Thanks for bringing this to our attention. We are currently working to reproduce this issue on our end
I can reproduce this issue. The reason the specified IPv6 address is not set because we are only checking subnetID to determine if we need to update SubnetMappings, we also need to check IPv6Address updates.
Hi @wweiwei-li , I would like to take this up if this is a good first issue for a newbie :)
Hey @witalisoft , I took another look at this issue. I think it is not a bug. Apologies for any confusion earlier.
You cannot change the IPv6 address for existing subnets. Otherwise, you will get an API error. AWS Console gives the option to specify the IPv6 address. I think that's because you are adding a new subnet. As for controller, if you add a new subnet, the subnet mapping will be updated as well since the SubnetIDs are changed (a new subnetID is added)
Please let me know if you have any questions.
Hello @wweiwei-li, you cannot change the address IPv6, when it is already been defined. The only option is to set the IPv6 address when changing the Load balancer IP address type ie. from IPv4 to dualstack, can this path be implemented ?
@witalisoft Yeah, I think allowing the setting of IPv6 address when changing Load balancer IP address type to dualstack is a valid case. I can work on a fix.
@wweiwei-li The PR was merged. Are there any blockers to close this issue?
@witalisoft Hey, No, we can close it. This PR was merged and will be included in an upcoming release. Thanks for waiting.