Skip to content

Commit

Permalink
Doc updates for mTLS feature and minor documentation bugs (#3547)
Browse files Browse the repository at this point in the history 
* Doc updates for mTLS feature and minor documentation bugs

* Addressing comment
  • Loading branch information
@shraddhabang
shraddhabang authored Jan 31, 2024
1 parent 4feff25 commit a95e471
Show file tree
Hide file tree
Showing 5 changed files with 94 additions and 57 deletions.
25 changes: 13 additions & 12 deletions docs/deploy/configurations.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,15 +161,16 @@ If running on EC2, the default values are obtained from the instance metadata se
### Feature Gates
They are a set of kye=value pairs that describe AWS load balance controller features. You can use it as flags `--feature-gates=key1=value1,key2=value2`
|Features-gate Supported Key | Type | Default Value | Description |
|---------------------------------------|---------------------------------|-----------------|-------------|
| ListenerRulesTagging | string | true | Enable or disable tagging AWS load balancer listeners and rules |
| WeightedTargetGroups | string | true | Enable or disable weighted target groups |
| ServiceTypeLoadBalancerOnly | string | false | If enabled, controller will be limited to reconciling service of type `LoadBalancer`|
| EndpointsFailOpen | string | true | Enable or disable allowing endpoints with `ready:unknown` state in the target groups. |
| EnableServiceController | string | true | Toggles support for `Service` type resources. |
| EnableIPTargetType | string | true | Used to toggle support for target-type `ip` across `Ingress` and `Service` type resources. |
| EnableRGTAPI | string | false | If enabled, the tagging manager will describe resource tags via RGT APIs, otherwise via ELB APIs. In order to enable RGT API, `tag:GetResources` is needed in controller IAM policy. |
| SubnetsClusterTagCheck | string | true | Enable or disable the check for `kubernetes.io/cluster/${cluster-name}` during subnet auto-discovery |
| NLBHealthCheckAdvancedConfiguration | string | true | Enable or disable advanced health check configuration for NLB, for example health check timeout |
| ALBSingleSubnet | string | false | If enabled, controller will allow using only 1 subnet for provisioning ALB, which need to get whitelisted by ELB in advance |
|Features-gate Supported Key | Type | Default Value | Description |
|---------------------------------------|---------------------------------|---------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ListenerRulesTagging | string | true | Enable or disable tagging AWS load balancer listeners and rules |
| WeightedTargetGroups | string | true | Enable or disable weighted target groups |
| ServiceTypeLoadBalancerOnly | string | false | If enabled, controller will be limited to reconciling service of type `LoadBalancer` |
| EndpointsFailOpen | string | true | Enable or disable allowing endpoints with `ready:unknown` state in the target groups. |
| EnableServiceController | string | true | Toggles support for `Service` type resources. |
| EnableIPTargetType | string | true | Used to toggle support for target-type `ip` across `Ingress` and `Service` type resources. |
| EnableRGTAPI | string | false | If enabled, the tagging manager will describe resource tags via RGT APIs, otherwise via ELB APIs. In order to enable RGT API, `tag:GetResources` is needed in controller IAM policy. |
| SubnetsClusterTagCheck | string | true | Enable or disable the check for `kubernetes.io/cluster/${cluster-name}` during subnet auto-discovery |
| NLBHealthCheckAdvancedConfiguration | string | true | Enable or disable advanced health check configuration for NLB, for example health check timeout |
| ALBSingleSubnet | string | false | If enabled, controller will allow using only 1 subnet for provisioning ALB, which need to get whitelisted by ELB in advance |
| NLBSecurityGroup | string | true | Enable or disable all NLB security groups actions including frontend sg creation, backend sg creation, and backend sg modifications |
2 changes: 1 addition & 1 deletion docs/deploy/installation.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,7 @@ We recommend using the Helm chart to install the controller. The chart supports
### Install `cert-manager`
```
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.5.4/cert-manager.yaml
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.12.3/cert-manager.yaml
```
### Apply YAML
Expand Down
Loading

0 comments on commit a95e471

Please sign in to comment.