Reputation: 1496
AWS all annotations not applied
I am using a yaml config to create a network load balancer in AWS using kubectl. The load balancer is created successfully and the target groups are attached correctly.
As the part of settings, I have passed annotations required for AWS, but all annotations are not applied when looking at the Load Balancer in aws console.
The name is not getting set and the load balancer logs are not enabled. I get a load balancer with random alphanumeric name.
apiVersion: v1
kind: Service
metadata:
name: test-nlb-service
annotations:
service.beta.kubernetes.io/aws-load-balancer-name: test-nlb # not set
service.beta.kubernetes.io/aws-load-balancer-type: nlb
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: ELBSecurityPolicy-2016-08
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:eu-central-1:***********:certificate/*********************
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp,http"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: 443,8883
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "environment=dev,app=test, name=test-nlb-dev"
service.beta.kubernetes.io/aws-load-balancer-access-log-enabled: "true" # not set
service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval: "15" # not set
service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name: "random-bucket-name" # not set
service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix: "random-bucket-name/dev/test-nlb-dev" # not set
labels:
app: test
spec:
ports:
- name: mqtt
protocol: TCP
port: 443
targetPort: 8080
- name: websocket
protocol: TCP
port: 8883
targetPort: 1883
type: LoadBalancer
selector:
app: test
If anyone can point what could be the issue here ? I am using kubectl v1.19 and Kubernetes v1.19
Upvotes: 5
Views: 2405
Answers (2)
Reputation: 5135
There are 2 Kubernetes Controllers that touch annotations of the form
service.beta.kubernetes.io/aws-load-balancer-*
One is built into kubernetes aws-cloud-controller-manager
(and runs on the EKS masters, so you can't see it.)
The other is a kubernetes add-on called aws-load-balancer-controller
(If you don't have this installed they'll be ignored, so basically if you install it per https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/deploy/installation/ your issue should be resolved.)
https://www.doit.com/demystifying-the-kubernetes-aws-lb-controller/
Explains the topic in depth, should be a good resource.
(disclaimer: I am the author of the linked article. Also fun fact, this and a few other posts inspired me to write it.)
Upvotes: 1
Reputation: 13300
I think this is a version problem. I assume you are running the in-tree cloud controller and not an external one (see here).
The annotation service.beta.kubernetes.io/aws-load-balancer-name is not present even in the master branch of kubernetes.
That does not explain why the other annotations do not work though. In fact here you can see what annotations are supported by kubernetes 1.19.12 and the others you mentioned are not working are listed in the sources.
You might find more information in the controller-manager logs.
My suggestion is to disable the in-tree cloud controller in controller manager and run the standalone version.
Upvotes: 3
Related Questions
- k8s service annotations not working on AWS LB
- Kubernetes annotations are not applied
- AWS EC2 unable to access EKS
- Kubectl is not working on AWS EC2 instance
- ALB Ingress Kubernetes security group annotation is not working
- AWS EKS kubectl - No resources found in default namespace
- AWS ALB not resolving
- K8s service type ELB stuck at inprogress
- aws load-balancer is not registered with instances
- Amazon Kubernetes AWS-EKS is not getting created properly or not synched with kubectl