Merge branch 'kubernetes-sigs:main' into main

docs/guide/integrations/external_dns.md

@@ -3,7 +3,7 @@
 
 ## Prerequisites
 ### Role Permissions
-Adequate roles and policies must be configured in AWS and available to the node(s) running the external-dns. See https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md#iam-permissions.
+Adequate roles and policies must be configured in AWS and available to the node(s) running the external-dns. See [external-dns tutorial](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md#iam-permissions).
 
 ## Installation
 1. Download sample `external-dns` manifest
@@ -51,7 +51,6 @@ Adequate roles and policies must be configured in AWS and available to the node(
 
     ```yaml
     annotations:
-      kubernetes.io/ingress.class: alb
       alb.ingress.kubernetes.io/scheme: internet-facing
 
       # external-dns specific configuration for creating route53 record-set

helm/aws-load-balancer-controller/README.md

@@ -269,3 +269,4 @@ The default values set by the application itself can be confirmed [here](https:/
 | `enableServiceMutatorWebhook`                 | If `false`, disable the Service Mutator webhook which makes all new services of type LoadBalancer reconciled by the lb controller                                                                                                                                              | `true`                                           |
 | `autoscaling`                 | If `autoscaling.enabled=true`, enable the HPA on the controller mainly to survive load induced failure by the calls to the `aws-load-balancer-webhook-service`. Please keep in mind that the controller pods have `priorityClassName: system-cluster-critical`, enabling HPA may lead to the eviction of other low-priority pods in the node                                                                                                                                              | `false`                                           |
 | `serviceTargetENISGTags`                 | set of `key=value` pairs of AWS tags in addition to cluster name for finding the target ENI security group to which to add inbound rules from NLBs                                                                                                                                            | None                                          |
+| `loadBalancerClass`                   | Sets the AWS load balancer type to be used when the Kubernetes service requests an external load balancer                                                                                                                       | `service.k8s.aws/nlb`                                           |

helm/aws-load-balancer-controller/templates/deployment.yaml

@@ -162,6 +162,9 @@ spec:
         {{- if .Values.certDiscovery.allowedCertificateAuthorityARNs }}
         - --allowed-certificate-authority-arns={{ .Values.certDiscovery.allowedCertificateAuthorityARNs }}
         {{- end }}
+        {{- if .Values.loadBalancerClass }}
+        - --load-balancer-class={{ .Values.loadBalancerClass }}
+        {{- end }}
         {{- if or .Values.env .Values.envSecretName }}
         env:
         {{- if .Values.env}}

helm/aws-load-balancer-controller/values.yaml

@@ -391,3 +391,6 @@ enableServiceMutatorWebhook: true
 
 # serviceTargetENISGTags specifies AWS tags, in addition to the cluster tags, for finding the target ENI SG to which to add inbound rules from NLBs.
 serviceTargetENISGTags:
+
+# Specifies the class of load balancer to use for services. This affects how services are provisioned if type LoadBalancer is used (default service.k8s.aws/nlb)
+loadBalancerClass: