Skip to content

Releases: kubernetes-sigs/aws-load-balancer-controller

v2.4.2

25 May 00:41
@M00nF1sh M00nF1sh
v2.4.2
77370be
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.4.2

v2.4.2 (requires Kubernetes 1.19+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.4.2

Thanks to all our contributors! 😊

What's new

  • This is a version with minimal changes which merely upgrade the base container image and Golang version.

Changelog since v2.4.1

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.2
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.2
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.2

Contributors

M00nF1sh
Loading

v2.4.1

17 Mar 00:44
@kishorj kishorj
v2.4.1
c4471de
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.4.1

v2.4.1 (requires Kubernetes 1.19+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.4.1

Thanks to all our contributors! 😊

Action Required

🚨 🚨 🚨 The new HelmChart(version 1.4.1) and installation YAML for v2.4.1+ no longer contain the RBAC permission for controller to access Secret resources by default.

  • If you don't use the authentication via OIDC IDP feature for any Ingresses in cluster, no action is needed.
  • If you do use the authentication via OIDC IDP feature for any Ingress in cluster, you must grant the controller RBAC permission to access Secret resources been referenced. For backwards compatibility, the helm chart provides an option to grant controller RBAC permission to access all Secrets by explicitly setting --set clusterSecretsPermissions.allowAllSecrets=true. However, we recommend configuring separate namespaced Role/RoleBinding to grant controller access to your specific secret resources to strengthen security posture.

What's new

  1. Introduce a new featureGate named EndpointsFailOpen: Once enabled, when all eligible nodes get into "ready: unknown" state due to misconfiguration or outage, the controller will ensure fault-tolerance by registering nodes/pods in unknown state as targets to let load balancer still able to handle traffic. This featureGate is not enabled by default in this version and can be enabled via the controller flag --feature-gates=EndpointsFailOpen=true.
  2. The controller will no longer require permissions for all Secret resources. If the authentication via OIDC IDP feature is used, you must grant the controller RBAC permission to access the referenced Secret resources.

Bug fixes

  1. Fix issue with certificates reconcile so the controller can recover from TooManyCertificates error
  2. Fix race condition between pod readiness gate inject and ingress model update
  3. Restrict webhook server to TLS 1.3
  4. Monitor secrets only if necessary
  5. documentation changes

Changelog since v2.4.0

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.1
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.1
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.1

Contributors

olemarkus, adammw, and 5 other contributors
Loading

v2.4.0

16 Feb 19:07
@kishorj kishorj
v2.4.0
8ba92d6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.4.0

v2.4.0 (requires Kubernetes 1.19+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.4.0

Thanks to all our contributors! 😊

Note

This release uses the new Ingress API version networking.k8s.io/v1 available in kubernetes 1.19 and later releases. As a result, the v2.4.0 and later releases of the aws-load-balancer-controller will not support kubernetes 1.18 and older versions. If you are running the older k8s version, you can either upgrade your cluster or use the v2.3.x version of the controller.

IMPORTANT If you are upgrading the controller from a prior version to v2.4.0, please apply the entire manifest or use helm due to the webhook changes.

For convenience, the v2.4.0 release manifest and the helm chart creates an IngressClass resource named alb by default.

What's new

  1. Support for Ingress API version networking.k8s.io/v1
  2. Support for service spec.loadBalancerClass
  3. Option to disable security group rules management for NLB
  4. Merge tags between kubernetes ingress and services
  5. Helm chart create IngressClass and IngressClassParams by default
  6. Add servicemonitor to helm chart
  7. Helm chart keepTLSSecret is true by default
  8. Provide a new feature gate ServiceTypeLoadBalancerOnly which can optionally limit the controller to service of type LoadBalancer

Bug fixes

  1. Fix potentially slow resource reconciliation by caching AWS shield subscription state to mitigate API throttling issues
  2. Add default tags to the backend Security Group
  3. Ignore invalid ARN error while deleting TargetGroupBinding
  4. Documentation fixes

Changelog since v2.3.1

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.0
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.0
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.4.0

Contributors

orsenthil, stensonb, and 9 other contributors
Loading

v2.3.1

08 Dec 18:46
@kishorj kishorj
v2.3.1
1d492cb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.1

v2.3.1 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.3.1

Thanks to all our contributors! 😊

Action Required

N/A

What's new

  1. Support NLB IPv6 target groups
  2. Allow targetgroup endpoints outside the ELB VPC
  3. Add support for feature gates to enable/disable features
  4. Disable listener and listener rules tagging via ListenerRulesTagging feature gate
  5. Disable weighted target groups via WeightedTargetGroups feature gate

Bug fixes

  1. Fix restricted SG rules for named target port
  2. ALB COIP drift check logs drifts instead of error
  3. Remove ip-address-type dualstack annotation from 2048 example
  4. Webhook server use TLS 1.2 as the minimum version
  5. Fix listener utils error handling
  6. Documentation fixes

Changelog since v2.3.0

  • Update golang to 1.17 (#2401, @kishorj)
  • Set a namespace on the helm PodDisruptionBudget template(#2391, @Dutchy-)
  • implement dnsPolicy in aws-load-balancer-controller chart (#2324, @notjames)
  • chore: clarify how to get internal NLB (#2356, @froblesmartin)
  • fix listener utils error handling (#2397, @kishorj )
  • doc improvement for IAM policy restriction (#2390, @kishorj)
  • webhook server use TLS 1.2 as minimum version (#2394, @kishorj)
  • call subnet auto discovery when lb scheme changes (#2387, @oliviassss)
  • Minimalist IAM permissions for TargetGroupBinding [documentation] (#2385, @marcosdiez)
  • doc update for subnet auto-discovery (#2374, @oliviassss)
  • Add support for NLB IPv6 targets groups (#2332, @kishorj)
  • support IPv6 Pods during AZ detection (#2375, @M00nF1sh)
  • Adding supports for unweighted target group through feature gate and checking SSL policy availability. (#2380, @haouc)
  • doc: fix iam_policy.json url for v2.3.0 (#2378, @JeremJR)
  • NLB Instance mode guide referenced the wrong annotation (#2376, @TBBle)
  • add feature gate to enable or disable listener rules tagging (#2342, @oliviassss)
  • Allow TargetGroup endpoints outside the ELB VPC (#1862, @shoekstra)
  • Update anchor link of Nodeport from #nodeport to #type-nodeport (#2348, @sandipanpanda)
  • Whitespace changes for mkdocs rendering (#2333, @kishorj)
  • remove ip-address-type dualstack annotation from 2048 example (#2331, @kishorj)
  • make COIP drift check logs drifts instead of error out (#2329, @M00nF1sh)
  • Fix restricted SG rules for named target port (#2327, @kishorj)
  • Add documentation on how to add load balancer attributes to Ingress Class Params (#2321, @inih)
  • Update service annotations live docs (#2320, @kishorj)

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.3.1
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.3.1
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.3.1

Contributors

notjames, TBBle, and 11 other contributors
Loading

v2.3.0

21 Oct 00:04
@kishorj kishorj
v2.3.0
83a8c40
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.0

v2.3.0 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.3.0

Thanks to all our contributors! 😊

Action Required

  1. New IAM Permissions needed for IPv6 clusters: sample policy, sample policy for cn, sample policy for gov-cloud
  2. New RBAC permissions needed (included in latest yaml/helm chart)
  3. CRD/Webhook updates needed (included in latest yaml/helm chart)
  4. Included yaml manifests use cert-manager apiversion v1. You need to update cert-manager to v1.5.3 or later if you install via yaml manifests or enable cert-manager for helm chart

Additional Note

This release introduces optimized security group rules for ALB. The controller uses a shared security group across multiple ALBs in the cluster to allow access to your application pods. As a result, your existing ALBs get updated on controller upgrade. There is a possible time window during reconfiguration where your client traffic might get impacted. We recommend upgrading the controller during a maintenance window.

If you don't prefer the controller create an additional security group, you can either specify a backend security group via the --backend-security-group controller flag, or revert to the previous behavior by setting the controller flag --enable-backend-security-group to false. If you install the helm chart, you can set the desired configuration via enableBackendSecurityGroup and backendSecurityGroup values.

What's new

  1. Improved security groups handling
  2. ALB IPv6 target groups
  3. Helm v3 chart
  4. Support for Endpointslices
  5. Upgrade controller runtime, k8s dependencies
  6. Use admission/v1
  7. Update to use golang v1.16.3

Enhancements

  1. IngressClassParams support for load balancer attributes
  2. Specify NLB attributes via annotation, support for NLB deletion protection
  3. Restrict subnet auto-discovery to new LB creation for ALB/NLB
  4. Discover subnets based on available IP addresses
  5. Filter target group and load balancers by VPC ID
  6. Handling of deletion protection configured via annotation
  7. Custom AWS endpoints configuration
  8. Port range restriction for SG rules
  9. Discover AWS region from environment configuration
  10. Documentation changes

Helm chart

  1. Helm v3 chart
  2. Use pdb/v1 if available
  3. Reuse existing TLS secrets
  4. cert-manager apiversion v1
  5. optional serviceAnnotations
  6. specifying TLS certs/key for webhook

Changelog since v2.2.4

Read more

Contributors

Yasumoto, kirrmann, and 26 other contributors
Loading

v2.2.4

26 Aug 23:04
@M00nF1sh M00nF1sh
v2.2.4
c269d12
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.4

v2.2.4 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.2.4

Thanks to all our contributors! 😊

Action Required

N/A

Additional Notes:

  1. We switch to use a minimal base docker image that only contains necessary dependencies and don't have shell binaries.(prior to this release, AmazonLinux2 was used as base docker image)

Changelog since v2.2.3

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.4
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.4
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.4

Contributors

M00nF1sh
Loading

v2.2.3

05 Aug 01:29
@M00nF1sh M00nF1sh
v2.2.3
0521a6b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.3

v2.2.3 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.2.3

Thanks to all our contributors! 😊

Action Required

N/A

Additional Notes:

  1. This release is cut from our release-branch release-2.2 instead of main, which is based on v2.2.2 with a cherry-pick commit.

Changelog since v2.2.2

  • Bug Fix- fix the regression of IP mode support for fargate pods(#2158 , @M00nF1sh )

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.3
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.3
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.3

Contributors

M00nF1sh
Loading

v2.2.2

29 Jul 23:37
@M00nF1sh M00nF1sh
v2.2.2
84a207f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.2

v2.2.2 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.2.2

Thanks to all our contributors! 😊

Action Required

  • 🚨 This version doesn't work for Fargate pods with IP mode, use v2.2.3 instead

What's new

  1. "ip" TargetType now supports pods by ENI's IP address prefixes with VPC CNI plugin v1.9.0+. See here for more details

Additional Notes:

  1. This release is cut from our release-branch release-2.2 instead of main, which is based on v2.2.1 with a cherry-pick commit.

Changelog since v2.2.1

  • Improvement - add support for pods supported by IPv4Prefix on ENI (#2137 , @M00nF1sh )

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.2
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.2
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.2

Contributors

M00nF1sh
Loading

v2.2.1

25 Jun 23:06
@M00nF1sh M00nF1sh
v2.2.1
672488a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.1

v2.2.1 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.2.1

Thanks to all our contributors! 😊

Action Required

N/A

What's new

  1. New controller-level flag targetgroupbinding-max-exponential-backoff-delay for Maximum duration of exponential backoff for targetGroupBinding reconcile failures

Changelog since v2.2.0

  • Improvement - Enforce one target group per target group binding (#2098, @fawadkhaliq)
  • Improvement - Add max backoff flag for TargetGroupBinding reconciler (#2029, @eytan-avisror)
  • Improvement - New error generation/message when ServiceType is "ClusterIP" and LoadBalancerTargetType is "instance" (#2094, @harivall)
  • Improvement - Add MinLength validation to TargetGroupARN (#2035, @shuheiktgw)
  • Documentation - Add controller development docs (#2101, @fawadkhaliq)
  • Documentation - Fix annotation code block for load balancer name (#2096, @Pred05)
  • Documentation - Update example for latest api version (#2072, @tlliddle)
  • Documentation - Fix typo in installation instructions (#2063, @tomahawk-pilot)
  • Documentation - cosmetic changes to the NLB documentation (#2010, @kishorj)
  • Testing - fix ineffectual assignment to err (#2016, @zhouhao3)
  • Testing - Don't consider nodes with exclude-from-external-load-balancer eligible worker nodes in e2e (#2012, @olemarkus)
  • Development - cut v2.2.1 release (#2105, @M00nF1sh)
  • Development - Add lint and dry run checks for the Helm chart (#2099, @fawadkhaliq)
  • Development - Added issue and pull request templates (#2089, @fawadkhaliq)
  • Development - Add aws-load-balancer-controller Helm chart (#2088, @fawadkhaliq)
  • Development - fix docs theme with latest mkdocs-material & pin docs dev environment (#2023, @M00nF1sh)

ECR images

  • 013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 590381155156.dkr.ecr.eu-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-northeast-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 877085696533.dkr.ecr.af-south-1.amazonaws.com/amazon/aws-load-balancer-controller:v2.2.1
  • 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.1
  • 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller:v2.2.1

Contributors

olemarkus, fawadkhaliq, and 9 other contributors
Loading

v2.2.0

14 May 23:04
@M00nF1sh M00nF1sh
v2.2.0
68c417a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.0

v2.2.0 (requires Kubernetes 1.16+)

Documentation

Image: docker.io/amazon/aws-alb-ingress-controller:v2.2.0

Thanks to all our contributors! 😊

Action Required

  1. New IAM Permissions needed: sample policy, sample policy for cn, sample policy for gov-cloud
  2. New RBAC permissions needed (included in latest yaml/helm chart)
  3. CRD/Webhook updates needed (included in latest yaml/helm chart)
  4. breaking change: NLB will be provisioned as internal by default. Annotation service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing need to be explicitly specified on the service to provision an internet-facing NLB. (existing NLBs managed by this controller are not affected).
  5. breaking change: Ingresses rules referencing non-existing Service/Action will be replaced by fixed 503 responses instead of preventing Ingress from reconcile.
  6. breaking change: Tags specified via --default-tags controller flag will takes highest priority.

What's new

  1. NLB Instance mode
  2. service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses annotation to configure private static IPs for an internal NLB
  3. IngressClassParams CRD to restrict LoadBalancer settings across multiple Ingresses
  4. alb.ingress.kubernetes.io/ssl-redirect annotation to simplify HTTP-To-HTTPS redirect configuration
  5. Ingress PathType
  6. Resource Tagging for Listener and ListenerRules
  7. Ability to specify custom load balancer name for ALB/NLB
  8. Ability to select backend nodes by labels for Ingress/Service/TargetGroupBinding
  9. Ability to provision ALB on LocalZone
  10. Ability to opt-out management for certain tags via controller flags
  11. Ability to customize webhook's certificate locations via controller flags
  12. Ability to specify default SSL policy via controller flags

Enhancements

  1. Better handling for Ingress rules referencing non-existing Service.
  2. Use objectSelector for pod mutator webhook
  3. Upgraded to v1 API for webhook and CRD

Bug Fixes

  1. Fixed the default certificate selection for ALB/Ingress(#1836)
  2. Fixed issues around legacy readinessGate removal(#1782 )

Changelog since v2.1.3

Read more

Contributors

isqrd, rifelpet, and 16 other contributors
Loading