[Feature request]: Declarative defaults for subnets selected when there are multiple qualified #4046

Open
devopsjourney1 opened this issue Feb 12, 2025 · 4 comments · May be fixed by #4083
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature.


devopsjourney1 commented Feb 12, 2025

Describe the feature you are requesting

The ability to set default subnets that AWS Loadbalancer chooses, when there are multiple subnets to choose from.

Motivation

We have EKS clusters that span multiple subnets for different functions, e.g. Application, Database, Proxies etc. Most of our services are configured with an annotation, so they choose the correct subnet, but occasionally a service slips by without this annotation. This causes AWS loadbalancer controller to choose a subnet for the service in a less than desirable fashion, as described here:
https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/57472c44170f0f75df67bb5b6e83b75a2db03231/docs/deploy/subnet_discovery.md?plain=1#L5C63-L6C25

Describe the proposed solution you'd like

Make it so we can configure a flag for "default" subnets that it selects. e.g. if you have the following subnets

subnet-a
subnet-b
subnet-c
subnet-d

you could choose subnet-c, subnet-d to be assigned as the subnets. Applications that would like to use subnet-a and subnet-b could do so by using the aws-load-balancer-subnets annotation

Describe alternatives you've considered

If this feature cannot be created, likely we will look into enforcing all service objects to declare the aws-load-balancer-subnets annotation via a policy tool like Kyverno

Contribution Intention (Optional)

- [ ] Yes, I am willing to contribute a PR to implement this feature
- [x] No, I cannot work on a PR at this time

@devopsjourney1 devopsjourney1 changed the title More control on the selected subnets [Feature request]: Declarative defaults for subnets selected when there are multiple qualified Feb 12, 2025
@shraddhabang
Collaborator

@devopsjourney1 Hey thanks for reaching out to us. I think this is a fair ask. Any community contributions are welcome for this.

@shraddhabang shraddhabang added kind/feature Categorizes issue or PR as related to a new feature. good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. labels Feb 12, 2025
@1mwataru

@shraddhabang (cc @devopsjourney1)

I'm planning to work on this Issue.

Currently, I'm thinking of adding a --default-subnets option where we can specify desired subnets in an array to meet this requirement.

I expect that this option may receive both public and private subnets, or sometimes just one AZ's subnets.
For these cases, I'm currently considering the following behavior:

  • Pick the appropriate subnets from --default-subnets based on whether the ELB scheme is internet-facing or internal

    • For internet-facing, select public subnets from those specified; for internal, pick private subnets
  • If only one AZ's subnets remains after the above selection, pick the remaining required subnets from tagged subnets in lexicographical order (same as current behavior)

Please let me know if you have any thoughts on the proposed behavior or if you have any better suggestions.
Also, could you please assign this to me?
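
The selection behavior proposed in the comment above, as an added Go sketch that is not part of the thread or of the controller's code. The `Subnet` type, `pickSubnets`, `fill`, the `minAZs` parameter, the AZ names and `subnet-e` are assumptions made for illustration; the point it shows is that an internal load balancer never lands on a public subnet, even when the defaults list contains one.

```go
package main

import (
	"fmt"
	"sort"
)

// Subnet is a constructed, simplified record (not the controller's own type).
type Subnet struct {
	ID, AZ string
	Public bool // true when the subnet is a public subnet
}

// fill adds at most one subnet per AZ, in lexicographical ID order, until
// need AZs are covered (need <= 0 means no limit).
func fill(byAZ map[string]string, from []Subnet, wantPublic bool, need int) {
	sorted := append([]Subnet(nil), from...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].ID < sorted[j].ID })
	for _, s := range sorted {
		if need > 0 && len(byAZ) >= need {
			return
		}
		if _, taken := byAZ[s.AZ]; !taken && s.Public == wantPublic {
			byAZ[s.AZ] = s.ID
		}
	}
}

// pickSubnets models the proposed behavior: defaults (the values given to the
// proposed --default-subnets option) are filtered by scheme first; tagged
// subnets only top up the AZs still missing. minAZs is an assumed parameter.
func pickSubnets(scheme string, defaults, tagged []Subnet, minAZs int) []string {
	wantPublic := scheme == "internet-facing"
	byAZ := map[string]string{}
	fill(byAZ, defaults, wantPublic, 0)
	fill(byAZ, tagged, wantPublic, minAZs)
	ids := make([]string, 0, len(byAZ))
	for _, id := range byAZ {
		ids = append(ids, id)
	}
	sort.Strings(ids)
	return ids
}

func main() {
	// Constructed sample data; subnet names follow the issue's subnet-a..d style.
	defaults := []Subnet{{"subnet-c", "az-1", false}, {"subnet-d", "az-1", true}}
	tagged := []Subnet{{"subnet-a", "az-1", false}, {"subnet-b", "az-2", false}, {"subnet-e", "az-2", true}}
	fmt.Println(pickSubnets("internal", defaults, tagged, 2))
	fmt.Println(pickSubnets("internet-facing", defaults, tagged, 2))
}
```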

@devopsjourney1
Author

> @shraddhabang (cc @devopsjourney1)
>
> I'm planning to work on this Issue.
>
> Currently, I'm thinking of adding a --default-subnets option where we can specify desired subnets in an array to meet this requirement.
>
> I expect that this option may receive both public and private subnets, or sometimes just one AZ's subnets. For these cases, I'm currently considering the following behavior:
>
>   • Pick the appropriate subnets from --default-subnets based on whether the ELB scheme is internet-facing or internal
>
>     • For internet-facing, select public subnets from those specified; for internal, pick private subnets
>   • If only one AZ's subnets remains after the above selection, pick the remaining required subnets from tagged subnets in lexicographical order (same as current behavior)
>
> Please let me know if you have any thoughts on the proposed behavior or if you have any better suggestions. Also, could you please assign this to me?

This behavior would work for me. Thank you.

@1mwataru

1mwataru commented Mar 3, 2025

/assign

@1mwataru 1mwataru linked a pull request Mar 10, 2025 that will close this issue