@leoxlin
Last active August 6, 2024 16:32

Is your feature request related to a problem?

The current reconcile system does not go through subnet auto-discovery after ALB creation. Due to an internal issue we had some subnets run out of IP addresses. According to the docs we saw that the controller only considers subnets with at least eight available IP addresses. This caused ALBs that were created during our internal issue to be missing AZs.

We tried to restart the aws-load-balancer-controller pod to trigger a reconcile, but we found that the controller only ran auto-discovery when the ALB is created.

We couldn't find a way to trigger a reconcile to fix this. Fortunately all of the ALBs created were in our staging environment so we were able to delete the ALB and have the controller recreate them. However we are concerned about the process of restoring this in production.

Describe the solution you'd like

  • We would like to see this behavior (subnet auto-discovery only happens on ALB create) documented in the subnet auto-discovery documentation.
  • We would like to see a native way to force auto-discovery to run on every reconcile, perhaps an annotation like alb.ingress.kubernetes.io/subnet-discovery-strategy=always|create.

Describe alternatives you've considered

  • We deleted the ALBs to get them to reconcile, but we cannot use this option in production as it will result in downtime
  • We also considered modifying the created ALB manually but decided against that option

Versions

We run aws-load-balancer-controller 2.7.1 on our EKS cluster with K8S version 1.28
