Comments (20)
@ykzj This is about Security Groups for nodes, which are being applied/managed by k8s to support loadBalancerSourceRanges
.
from cloud-provider-aws.
NLB is not supporting security group now.
from cloud-provider-aws.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale
from cloud-provider-aws.
/remove-lifecycle stale
from cloud-provider-aws.
I'm also facing this. Moreover, I'm getting duplicate rules -- one set of rules for 0.0.0.0/0
and another identical set for my VPC CIDR.
What can I do to help troubleshoot?
EDIT: This appears to have corrected itself after I removed the service and the NLB and then re-created the service. I still have duplicates though.
from cloud-provider-aws.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale
from cloud-provider-aws.
/remove-lifecycle stale
from cloud-provider-aws.
/assign
from cloud-provider-aws.
/priority important-soon
from cloud-provider-aws.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale
from cloud-provider-aws.
/remove-lifecycle stale
from cloud-provider-aws.
I'm also being affected by this as the NLB needs to be recreated for the changes to take effect.
from cloud-provider-aws.
Facing the same issue. I have also tried to force a recreation of the NLB, but no luck on SG update
from cloud-provider-aws.
@larsrnielsen what's the k8s version used? the original issue should have already been addressed by https://github.com/kubernetes/kubernetes/pull/74692/files
from cloud-provider-aws.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale
from cloud-provider-aws.
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten
from cloud-provider-aws.
/close
Please reopen this issue if its not fixed by kubernetes/kubernetes#74692
from cloud-provider-aws.
@nckturner: Closing this issue.
In response to this:
/close
Please reopen this issue if its not fixed by kubernetes/kubernetes#74692
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from cloud-provider-aws.
I'm still facing this issue in k8s 1.24
Server Version: version.Info{Major:"1", Minor:"24+", GitVersion:"v1.24.10-eks-48e63af", GitCommit:"9176fb99b52f8d5ff73d67fea27f3a638f679f8a", GitTreeState:"clean", BuildDate:"2023-01-24T19:17:48Z", GoVersion:"go1.19.5", Compiler:"gc", Platform:"linux/amd64"}
We have a loadbalancer service where we set loadBalancerSourceRanges
, but the updates to this list don't propagate to the SG. Recreating the service is not an option for us, especially in production. Can we reopen this?
/reopen
from cloud-provider-aws.
@pasdam: You can't reopen an issue/PR unless you authored it or you are a collaborator.
In response to this:
I'm still facing this issue in k8s 1.24
Server Version: version.Info{Major:"1", Minor:"24+", GitVersion:"v1.24.10-eks-48e63af", GitCommit:"9176fb99b52f8d5ff73d67fea27f3a638f679f8a", GitTreeState:"clean", BuildDate:"2023-01-24T19:17:48Z", GoVersion:"go1.19.5", Compiler:"gc", Platform:"linux/amd64"}
We have a loadbalancer service where we set
loadBalancerSourceRanges
, but the updates to this list don't propagate to the SG. Recreating the service is not an option for us, especially in production. Can we reopen this?/reopen
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from cloud-provider-aws.
Related Issues (20)
- Newly autoscaled worker-nodes not added to the targets of Network Loadbalancer. HOT 5
- Please ignore (created by mistake) HOT 3
- Fork the tagging controller into generic node customization controller HOT 3
- TalosOSv1.5.5: AWS CCM can't find the instance via the API so it can't configure the nodes in peer region HOT 5
- Website does not have the correct trademark disclaimer HOT 7
- GitHub repository does not link to the project website url HOT 5
- AWS CCM DockerFile build for more than one platform HOT 11
- cloud-provider-aws does not Prefer CLI Arguments for Configuring Kubernetes HOT 7
- Improve documentation HOT 6
- GitHub releases for latest tags missing HOT 5
- NLB does not map to manual EndpointSlice HOT 4
- label nodes with the name of the autoscaling group they belong to (if they belong to one) HOT 11
- Multiple ENIs is confusing cloud-provider-aws controller HOT 5
- Karpenter does not terminate instances in Pending state HOT 5
- DeviceIndex is not respected when processing multiple network interfaces on a node HOT 3
- Service controller doesn't populate TargetGroups HOT 1
- aws cloud controller manager is unable to manage the nodes in cluster HOT 5
- Switch to aws-sdk-go-v2 vendored library HOT 6
- Deprecate and remove AWS cloud-controller-manager Helm Chart HOT 15
- Support Region for DescribeInstance Call HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cloud-provider-aws.