Skip to content

Commit 1eb38a0

Browse files
notjameskishorj
notjames
and
kishorj
authored
implement dnsPolicy in aws-load-balancer-controller chart (#2324)
* add ability to set dnsPolicy in deployment Signed-off-by: Jim Conner <[email protected]> * updated test.yaml Signed-off-by: Jim Conner <[email protected]> * leaving default for dnspolicy set to blank to let k8s determine best default setting if not set in values.yaml Signed-off-by: Jim Conner <[email protected]> * fixed up per review suggestions. Use "if-then" instead of "with" expression for evaluation. Update README.md to be "ClusterFirst" instead of "Default" for dnsPolicy row. Signed-off-by: Jim Conner <[email protected]> * Update helm/aws-load-balancer-controller/test.yaml Co-authored-by: Kishor Joshi <[email protected]>
1 parent f736deb commit 1eb38a0

File tree

5 files changed

+21
-3
lines changed

5 files changed

+21
-3
lines changed

helm/aws-load-balancer-controller/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
apiVersion: v2
22
name: aws-load-balancer-controller
33
description: AWS Load Balancer Controller Helm chart for Kubernetes
4-
version: 1.3.2
4+
version: 1.3.3
55
appVersion: v2.3.0
66
home: https://github.com/aws/eks-charts
77
icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png

helm/aws-load-balancer-controller/README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,6 +202,7 @@ The default values set by the application itself can be confirmed [here](https:/
202202
| `livenessProbe` | Liveness probe settings for the controller | (see `values.yaml`) |
203203
| `env` | Environment variables to set for aws-load-balancer-controller pod | None |
204204
| `hostNetwork` | If `true`, use hostNetwork | `false` |
205+
| `dnsPolicy` | Set dnsPolicy if required | `ClusterFirst` |
205206
| `extraVolumeMounts` | Extra volume mounts for the pod | `[]` |
206207
| `extraVolumes` | Extra volumes for the pod | `[]` |
207208
| `defaultTags` | Default tags to apply to all AWS resources managed by this controller | `{}` |
@@ -212,4 +213,4 @@ The default values set by the application itself can be confirmed [here](https:/
212213
| `enableEndpointSlices` | If enabled, controller uses k8s EndpointSlices instead of Endpoints for IP targets | `false` |
213214
| `enableBackendSecurityGroup` | If enabled, controller uses shared security group for backend traffic | `true` |
214215
| `backendSecurityGroup` | Backend security group to use instead of auto created one if the feature is enabled | `` |
215-
| `disableRestrictedSecurityGroupRules` | If disabled, controller will not specify port range restriction in the backend security group rules | `false` |
216+
| `disableRestrictedSecurityGroupRules` | If disabled, controller will not specify port range restriction in the backend security group rules | `false` |

helm/aws-load-balancer-controller/templates/deployment.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,9 @@ spec:
4646
{{- if .Values.hostNetwork }}
4747
hostNetwork: true
4848
{{- end }}
49+
{{- if .Values.dnsPolicy }}
50+
dnsPolicy: {{ .Values.dnsPolicy }}
51+
{{- end }}
4952
containers:
5053
- name: {{ .Chart.Name }}
5154
args:

helm/aws-load-balancer-controller/test.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,13 @@ env:
154154
# recommended if using the Amazon VPC CNI plugin.
155155
hostNetwork: false
156156

157+
# Specifies the dnsPolicy that should be used for pods in the deployment
158+
#
159+
# This may need to be used to be changed given certain conditions. For instance, if one uses the cilium CNI
160+
# with certain settings, one may need to set `hostNetwork: true` and webhooks won't work unless `dnsPolicy`
161+
# is set to `ClusterFirstWithHostNet`. See https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
162+
dnsPolicy:
163+
157164
# extraVolumeMounts are the additional volume mounts. This enables setting up IRSA on non-EKS Kubernetes cluster
158165
extraVolumeMounts:
159166
- name: aws-iam-token

helm/aws-load-balancer-controller/values.yaml

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -184,6 +184,13 @@ env:
184184
# recommended if using the Amazon VPC CNI plugin.
185185
hostNetwork: false
186186

187+
# Specifies the dnsPolicy that should be used for pods in the deployment
188+
#
189+
# This may need to be used to be changed given certain conditions. For instance, if one uses the cilium CNI
190+
# with certain settings, one may need to set `hostNetwork: true` and webhooks won't work unless `dnsPolicy`
191+
# is set to `ClusterFirstWithHostNet`. See https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
192+
dnsPolicy:
193+
187194
# extraVolumeMounts are the additional volume mounts. This enables setting up IRSA on non-EKS Kubernetes cluster
188195
extraVolumeMounts:
189196
# - name: aws-iam-token
@@ -224,4 +231,4 @@ enableBackendSecurityGroup:
224231
backendSecurityGroup:
225232

226233
# disableRestrictedSecurityGroupRules specifies whether to disable creating port-range restricted security group rules for traffic
227-
disableRestrictedSecurityGroupRules:
234+
disableRestrictedSecurityGroupRules:

0 commit comments

Comments
 (0)