-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace NLBs on subnets change #610
base: master
Are you sure you want to change the base?
Conversation
289170c
to
d198079
Compare
d198079
to
86e397e
Compare
👍 |
Need to properly test it in a cluster before this is ready. |
15951e8
to
f6a593f
Compare
This change doesn't yet work correctly. The problem is that when subnets are changed then the existing NLB stacks are updated with new subnets which is not possible and leads to those stack going into Rollback, this way they can't be successfully decommissioned. Solution is to ensure that once an NLB stack is created the subnets are never changed on updates. I will work on this when I find the time 😅 |
f6a593f
to
65c2868
Compare
4e96ce2
to
b29c0d3
Compare
Signed-off-by: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
Signed-off-by: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
Signed-off-by: Mikkel Oscar Lyderik Larsen <mikkel.larsen@zalando.de>
b29c0d3
to
fceb0ed
Compare
This implements an implicit feature to migrate NLBs when the subnets specified for the NLB changes.
This is done because for NLBs you can't change the subnets once the NLB has been created. This is unlike ALBs where you can freely change the subnets (and wait up to a week for it to take affect 🤷). This enables simple migration between subnets with the assumption that it's no problem to replace an NLB with a new one.
The way this works is that during the sync it checks if the existing managed NLBs have the subnets in sync. If not the NLB stack is ignored and the ingresses that were previously mapped to the NLB stack will now be mapped to a new one. The old NLB stack will become "empty" and after 1 hour (default) it will be cleaned up.