Allow the kubernetes.io/cluster tag to be either shared or owned

bigkraig · bigkraig · commit 16ed0cf02279 · 2018-07-12T19:02:57.000-07:00
diff --git a/docs/setup.md b/docs/setup.md
@@ -24,12 +24,12 @@ The controller determines subnets to deploy each ALB to based on an annotation o
 ##### Via tags on the subnets
 When subnet annotations are not present, the controller will attempt to choose the best subnets for deploying the ALBs. It uses the following tag criteria to determine the subnets it should use.
 
-* `kubernetes.io/cluster/$CLUSTER_NAME: = "shared"` `$CLUSTER_NAME` must match the `CLUSTER_NAME` environment variable on the controller.
+- `kubernetes.io/cluster/$CLUSTER_NAME` equal to `shared` or `owned`. `$CLUSTER_NAME` must match the `CLUSTER_NAME` environment variable on the controller.
 
 And one of the following:
 
-* `kubernetes.io/role/internal-elb: ""` For internal load balancers
-* `kubernetes.io/role/elb = ""` For internet-facing load balancers
+- `kubernetes.io/role/internal-elb: ""` For internal load balancers
+- `kubernetes.io/role/elb = ""` For internet-facing load balancers
 
 ### Security Group Selection
 
diff --git a/pkg/aws/albec2/ec2.go b/pkg/aws/albec2/ec2.go
@@ -30,8 +30,7 @@ const (
 	ManagedByKey     = "ManagedBy"
 	ManagedByValue   = "alb-ingress"
 
-	tagNameCluster  = "kubernetes.io/cluster"
-	tagValueCluster = "shared"
+	tagNameCluster = "kubernetes.io/cluster"
 
 	tagNameSubnetInternalELB = "kubernetes.io/role/internal-elb"
 	tagNameSubnetPublicELB   = "kubernetes.io/role/elb"
@@ -775,11 +774,11 @@ func ClusterSubnets(scheme *string, clusterName string, resources *albrgt.Resour
 
 	if len(useableSubnets) < 2 {
 		return nil, fmt.Errorf("Retrieval of subnets failed to resolve 2 qualified subnets. Subnets must "+
-			"contain the %s/%s tag with a value of %s and the %s tag signifying it should be used for ALBs "+
+			"contain the %s/%s tag with a value of shared or owned and the %s tag signifying it should be used for ALBs "+
 			"Additionally, there must be at least 2 subnets with unique availability zones as required by "+
 			"ALBs. Either tag subnets to meet this requirement or use the subnets annotation on the "+
 			"ingress resource to explicitly call out what subnets to use for ALB creation. The subnets "+
-			"that did resolve were %v.", tagNameCluster, clusterName, tagValueCluster, tagNameSubnetInternalELB,
+			"that did resolve were %v.", tagNameCluster, clusterName, tagNameSubnetInternalELB,
 			log.Prettify(useableSubnets))
 	}
 
diff --git a/pkg/aws/albrgt/rgt.go b/pkg/aws/albrgt/rgt.go
@@ -59,6 +59,10 @@ func (r *RGT) GetResources(clusterName *string) (*Resources, error) {
 					Key:    aws.String("kubernetes.io/role/internal-elb"),
 					Values: []*string{aws.String("")},
 				},
+				&resourcegroupstaggingapi.TagFilter{
+					Key:    aws.String("kubernetes.io/cluster/" + *clusterName),
+					Values: []*string{aws.String("owned"), aws.String("shared")},
+				},
 			},
 		},
 		&resourcegroupstaggingapi.GetResourcesInput{
@@ -70,6 +74,10 @@ func (r *RGT) GetResources(clusterName *string) (*Resources, error) {
 					Key:    aws.String("kubernetes.io/role/elb"),
 					Values: []*string{aws.String("")},
 				},
+				&resourcegroupstaggingapi.TagFilter{
+					Key:    aws.String("kubernetes.io/cluster/" + *clusterName),
+					Values: []*string{aws.String("owned"), aws.String("shared")},
+				},
 			},
 		},
 		&resourcegroupstaggingapi.GetResourcesInput{
@@ -79,7 +87,7 @@ func (r *RGT) GetResources(clusterName *string) (*Resources, error) {
 			TagFilters: []*resourcegroupstaggingapi.TagFilter{
 				&resourcegroupstaggingapi.TagFilter{
 					Key:    aws.String("kubernetes.io/cluster/" + *clusterName),
-					Values: []*string{aws.String("owned")},
+					Values: []*string{aws.String("owned"), aws.String("shared")},
 				},
 			},
 		},
