cloud-provider-aws icon indicating copy to clipboard operation
cloud-provider-aws copied to clipboard

Published 20 hours ago verified publisher icon kubernetes

Dual-Stack support for NLB

Open rastislavs opened this issue 2 years ago • 7 comments

What would you like to be added: Support for dual-stack NLB LoadBalancer services. Already asked for in https://github.com/kubernetes/cloud-provider-aws/issues/243 before, but it seems not implemented.

Why is this needed:

IPv4/IPv6 dual-stack feature is stable as of k8s 1.23. NLBs should be deployed with dual-stack / ipv6 enabled if indicated in spec.ipFamilyPolicy & spec.ipFamilies.

/kind feature

rastislavs avatar Aug 28 '22 20:08 rastislavs

@rastislavs: This issue is currently awaiting triage.

If cloud-provider-aws contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot avatar Aug 28 '22 20:08 k8s-ci-robot

I do not believe the NLB support in CCM will be worked on further. Instead AWS load balancer controller should be used to provision such NLBs.

olemarkus avatar Aug 31 '22 09:08 olemarkus

Actually, it looks like a very small change is needed. I am willing to contribute that if it still can be accepted.

rastislavs avatar Aug 31 '22 20:08 rastislavs

Sure.

olemarkus avatar Sep 01 '22 17:09 olemarkus

@rastislavs, we already support dual-stack NLB/ IPv6 clusters via the external AWS Load Balancer controller - https://github.com/kubernetes-sigs/aws-load-balancer-controller/. Is there any reason you are unable to use the external controller?

kishorj avatar Sep 01 '22 20:09 kishorj

Is there any reason you are unable to use the external controller?

One of the reasons may be the complexity / missing documentation on how does the Cloud-Provider-AWS relate and deploys together with the AWS-Load-Balancer-Controller, so that the two controllers do not interfere etc. Given the existence of the https://github.com/kubernetes/cloud-provider-aws/issues/203 it seems that I am not the only one who is missing this clarification in the docs / READMEs.

My point is that if somebody is running a k8s cluster with Cloud-Provider-AWS and the existing capabilities are in general sufficient for them, then they would expect dual-stack to work as well (as it is now GA in upstream k8s). The change for adding that support is not big at all: https://github.com/kubernetes/cloud-provider-aws/pull/497

rastislavs avatar Sep 07 '22 07:09 rastislavs

I think the confusion between LBC and CCM need to be resolved sometime soon. CCMs in general sort of requires a service controller, and if it's discouraged to use NLBs with the CCM service controller then perhaps LBC should be considered a part of CCM (at least the NLB part). And the CCM instructions should advice installing LBC or even bundle it.

This also takes care of an issue where CCM is required to provide load balancers for services that have no class defined, while many users would appreciate that LBC provides the default implementation.

olemarkus avatar Sep 07 '22 07:09 olemarkus

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Dec 06 '22 07:12 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar Jan 05 '23 08:01 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-triage-robot avatar Feb 04 '23 08:02 k8s-triage-robot

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot avatar Feb 04 '23 08:02 k8s-ci-robot

I think the confusion between LBC and CCM need to be resolved sometime soon. CCMs in general sort of requires a service controller, and if it's discouraged to use NLBs with the CCM service controller then perhaps LBC should be considered a part of CCM (at least the NLB part). And the CCM instructions should advice installing LBC or even bundle it.

I was likewise confused by this today. Should LBC be integrated into CCM? The LBC does both NLBs (for Services) and ALBs (for Ingresses), but many users will already be running a different Ingress controller, and just need the load balancer created.

I'd personally suggest the NLB functionality is moved out of the LBC into the CCM.

As an aside, there is also an ACK controller that creates/manages ELBs. AWS have far too many ways to manage the same resources.

james-callahan avatar Mar 05 '23 23:03 james-callahan