diff --git a/stable/aws-load-balancer-controller/Chart.yaml b/stable/aws-load-balancer-controller/Chart.yaml index 40c596090..93d892dd6 100644 --- a/stable/aws-load-balancer-controller/Chart.yaml +++ b/stable/aws-load-balancer-controller/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 name: aws-load-balancer-controller description: AWS Load Balancer Controller Helm chart for Kubernetes -version: 1.8.4 -appVersion: v2.8.3 +version: 1.9.0 +appVersion: v2.9.0 home: https://github.com/aws/eks-charts icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/stable/aws-load-balancer-controller/README.md b/stable/aws-load-balancer-controller/README.md index 32c9c06db..180e50c08 100644 --- a/stable/aws-load-balancer-controller/README.md +++ b/stable/aws-load-balancer-controller/README.md @@ -223,6 +223,7 @@ The default values set by the application itself can be confirmed [here](https:/ | `ingressMaxConcurrentReconciles` | Maximum number of concurrently running reconcile loops for ingress | None | | `logLevel` | Set the controller log level - info, debug | None | | `metricsBindAddr` | The address the metric endpoint binds to | "" | +| `webhookConfig.disableIngressValidation` | Disables the validation of resources of kind Ingress | None | | `webhookBindPort` | The TCP port the Webhook server binds to | None | | `webhookTLS.caCert` | TLS CA certificate for webhook (auto-generated if not provided) | "" | | `webhookTLS.cert` | TLS certificate for webhook (auto-generated if not provided) | "" | @@ -242,9 +243,9 @@ The default values set by the application itself can be confirmed [here](https:/ | `defaultSSLPolicy` | Specifies the default SSL policy to use for HTTPS or TLS listeners | None | | `externalManagedTags` | Specifies the list of tag keys on AWS resources that are managed externally | `[]` | | `livenessProbe` | Liveness probe settings for the controller | (see `values.yaml`) | -| `env` | Environment variables to set for aws-load-balancer-controller pod | None | -| `envFrom` | Environment variables to set for aws-load-balancer-controller pod from configMap or Secret | None | -| `envSecretName` | AWS credentials as environment variables from Secret (Secret keys `key_id` and `access_key`). | None | +| `env` | Environment variables to set for aws-load-balancer-controller pod | None | +| `envFrom` | Environment variables to set for aws-load-balancer-controller pod from configMap or Secret | None | +| `envSecretName` | AWS credentials as environment variables from Secret (Secret keys `key_id` and `access_key`). | None | | `hostNetwork` | If `true`, use hostNetwork | `false` | | `dnsPolicy` | Set dnsPolicy if required | `ClusterFirst` | | `extraVolumeMounts` | Extra volume mounts for the pod | `[]` | diff --git a/stable/aws-load-balancer-controller/crds/crds.yaml b/stable/aws-load-balancer-controller/crds/crds.yaml index 3fcd14ea4..e2d92380b 100644 --- a/stable/aws-load-balancer-controller/crds/crds.yaml +++ b/stable/aws-load-balancer-controller/crds/crds.yaml @@ -84,6 +84,36 @@ spec: - dualstack - dualstack-without-public-ipv4 type: string + listeners: + description: Listeners define a list of listeners with their protocol, + port and attributes. + items: + properties: + listenerAttributes: + description: The attributes of the listener + items: + description: Attributes defines custom attributes on resources. + properties: + key: + description: The key of the attribute. + type: string + value: + description: The value of the attribute. + type: string + required: + - key + - value + type: object + type: array + port: + description: The port of the listener + format: int32 + type: integer + protocol: + description: The protocol of the listener + type: string + type: object + type: array loadBalancerAttributes: description: LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with diff --git a/stable/aws-load-balancer-controller/templates/deployment.yaml b/stable/aws-load-balancer-controller/templates/deployment.yaml index 70fe8d5ca..da672ab34 100644 --- a/stable/aws-load-balancer-controller/templates/deployment.yaml +++ b/stable/aws-load-balancer-controller/templates/deployment.yaml @@ -170,7 +170,7 @@ spec: {{- if .Values.loadBalancerClass }} - --load-balancer-class={{ .Values.loadBalancerClass }} {{- end }} - {{- if or .Values.env .Values.envSecretName .Values.envFrom }} + {{- if or .Values.env .Values.envSecretName }} env: {{- if .Values.env}} {{- range $key, $value := .Values.env }} @@ -178,9 +178,6 @@ spec: value: "{{ $value }}" {{- end }} {{- end }} - {{- if .Values.envFrom }} - {{ .Values.envFrom | toYaml | nindent 8 }} - {{- end }} {{- if .Values.envSecretName }} - name: AWS_ACCESS_KEY_ID valueFrom: @@ -196,6 +193,10 @@ spec: optional: true {{- end }} {{- end }} + {{- if .Values.envFrom }} + envFrom: + {{- toYaml .Values.envFrom | nindent 10 }} + {{- end }} securityContext: {{- toYaml .Values.securityContext | nindent 10 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" diff --git a/stable/aws-load-balancer-controller/templates/hpa.yaml b/stable/aws-load-balancer-controller/templates/hpa.yaml index 2ce96ef42..68689ba66 100644 --- a/stable/aws-load-balancer-controller/templates/hpa.yaml +++ b/stable/aws-load-balancer-controller/templates/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.autoscaling.enabled }} -{{- if (semverCompare ">=1.23-0" .Capabilities.KubeVersion.GitVersion)}} +{{- if (semverCompare ">=1.23-0" .Capabilities.KubeVersion.Version)}} apiVersion: autoscaling/v2 {{- else }} apiVersion: autoscaling/v2beta2 @@ -31,4 +31,4 @@ spec: {{- if .Values.autoscaling.autoscaleBehavior }} behavior: {{ toYaml .Values.autoscaling.autoscaleBehavior | nindent 4 }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/stable/aws-load-balancer-controller/templates/webhook.yaml b/stable/aws-load-balancer-controller/templates/webhook.yaml index 666770d0d..504f08ccb 100644 --- a/stable/aws-load-balancer-controller/templates/webhook.yaml +++ b/stable/aws-load-balancer-controller/templates/webhook.yaml @@ -181,6 +181,7 @@ webhooks: resources: - targetgroupbindings sideEffects: None +{{- if not $.Values.webhookConfig.disableIngressValidation }} - clientConfig: {{ if not $.Values.enableCertManager -}} caBundle: {{ $tls.caCert }} @@ -205,6 +206,7 @@ webhooks: resources: - ingresses sideEffects: None +{{- end }} --- {{- if not $.Values.enableCertManager }} apiVersion: v1 diff --git a/stable/aws-load-balancer-controller/test.yaml b/stable/aws-load-balancer-controller/test.yaml index 0a7b76080..e0dc7ef98 100644 --- a/stable/aws-load-balancer-controller/test.yaml +++ b/stable/aws-load-balancer-controller/test.yaml @@ -6,7 +6,7 @@ replicaCount: 2 image: repository: public.ecr.aws/eks/aws-load-balancer-controller - tag: v2.8.3 + tag: v2.9.0 pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/stable/aws-load-balancer-controller/values.yaml b/stable/aws-load-balancer-controller/values.yaml index 2e84dcf52..1be4b62d2 100644 --- a/stable/aws-load-balancer-controller/values.yaml +++ b/stable/aws-load-balancer-controller/values.yaml @@ -8,7 +8,7 @@ revisionHistoryLimit: 10 image: repository: public.ecr.aws/eks/aws-load-balancer-controller - tag: v2.8.3 + tag: v2.9.0 pullPolicy: IfNotPresent runtimeClassName: "" @@ -201,6 +201,10 @@ logLevel: # The address the metric endpoint binds to. (default ":8080") metricsBindAddr: "" +webhookConfig: + # disableIngressValidation disables the validation of resources of kind Ingress, false by default + disableIngressValidation: + # The TCP port the Webhook server binds to. (default 9443) webhookBindPort: @@ -282,10 +286,9 @@ env: # envSecretName: aws-secret # Use envFrom to set environment variables from a Secret or ConfigMap -envFrom: - # valueFrom: - # - secretKeyRef: - # name: aws-load-balancer-controller +# envFrom: +# - secretRef: +# name: my-secret # Specifies if aws-load-balancer-controller should be started in hostNetwork mode. # This is required if using a custom CNI where the managed control plane nodes are unable to initiate