You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|default-tags | stringMap | | AWS Tags that will be applied to all AWS resources managed by this controller. Specified Tags takes highest priority |
76
76
|default-ssl-policy | string | ELBSecurityPolicy-2016-08 | Default SSL Policy that will be applied to all Ingresses or Services that do not have the SSL Policy annotation |
77
+
|default-tags | stringMap | | AWS Tags that will be applied to all AWS resources managed by this controller. Specified Tags takes highest priority |
77
78
|[disable-ingress-class-annotation](#disable-ingress-class-annotation) | boolean | false | Disable new usage of the `kubernetes.io/ingress.class` annotation |
78
79
|[disable-ingress-group-name-annotation](#disable-ingress-group-name-annotation) | boolean | false | Disallow new use of the `alb.ingress.kubernetes.io/group.name` annotation |
80
+
|disable-restricted-sg-rules | boolean | false | Disable the usage of restricted security group rules |
81
+
|enable-backend-security-group | boolean | true | Enable sharing of security groups for backend traffic |
82
+
|enable-endpoint-slices | boolean | false | Use EndpointSlices instead of Endpoints for pod endpoint and TargetGroupBinding resolution for load balancers with IP targets. |
79
83
|enable-leader-election | boolean | true | Enable leader election for the load balancer controller manager. Enabling this will ensure there is only one active controller manager |
80
84
|enable-pod-readiness-gate-inject | boolean | true | If enabled, targetHealth readiness gate will get injected to the pod spec for the matching endpoint pods |
|external-managed-tags | stringList | | AWS Tag keys that will be managed externally. Specified Tags are ignored during reconciliation |
85
89
|[feature-gates](#feature-gates) | stringMap | | A set of key=value pairs to enable or disable features |
90
+
|health-probe-bind-addr | string | :61779 | The address the health probes binds to |
86
91
|ingress-class | string | alb | Name of the ingress class this controller satisfies |
87
92
|ingress-max-concurrent-reconciles | int | 3 | Maximum number of concurrently running reconcile loops for ingress |
88
93
|kubeconfig | string | in-cluster config | Path to the kubeconfig file containing authorization and API server information |
@@ -94,7 +99,6 @@ Currently, you can set only 1 namespace to watch in this flag. See [this Kuberne
94
99
|sync-period | duration | 1h0m0s | Period at which the controller forces the repopulation of its local object stores|
95
100
|targetgroupbinding-max-concurrent-reconciles | int | 3 | Maximum number of concurrently running reconcile loops for targetGroupBinding |
96
101
|targetgroupbinding-max-exponential-backoff-delay | duration | 16m40s | Maximum duration of exponential backoff for targetGroupBinding reconcile failures |
97
-
|enable-endpoint-slices | boolean | false | Use EndpointSlices instead of Endpoints for pod endpoint and TargetGroupBinding resolution for load balancers with IP targets. |
98
102
|watch-namespace | string | | Namespace the controller watches for updates to Kubernetes objects, If empty, all namespaces are watched. |
99
103
|webhook-bind-port | int | 9443 | The TCP port the Webhook server binds to |
100
104
|webhook-cert-dir | string | /tmp/k8s-webhook-server/serving-certs | The directory that contains the server key and certificate |
0 commit comments