Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rollout clobbers pre-existing ALB annotations #1572

Closed
alkalinecoffee opened this issue Oct 8, 2021 · 0 comments
Closed

Rollout clobbers pre-existing ALB annotations #1572

alkalinecoffee opened this issue Oct 8, 2021 · 0 comments
Labels
bug Something isn't working
Milestone
v1.2

Comments

@alkalinecoffee
Copy link

alkalinecoffee commented Oct 8, 2021
edited
Loading

Summary

We have pre-existing annotations in place for our ALB listener rules, but argo appears to be clobbering those annotations so they never actually take effect.

Our service requires the use of sticky sessions. For enabling stickiness on targets, this is done by first setting this ingress annotation:

alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=60

But since both the canary and stable target groups are routed by the same listener rule, we need to also enable target group stickiness at the rule level by adding setting the TargetGroupStickinessConfig in the following annotation (as described here):

alb.ingress.kubernetes.io/actions.xvp-ping-api-dev-stable:
  "{\"ForwardConfig\":{\"TargetGroupStickinessConfig\":{\"DurationSeconds\":300,\"Enabled\":true},\"TargetGroups\":[{\"ServiceName\":\"xvp-ping-api-dev-canary\",\"ServicePort\":8080,\"Weight\":50},{\"ServiceName\":\"xvp-ping-api-dev-stable\",\"ServicePort\":8080,\"Weight\":50}]},\"Type\":\"forward\"}",

Without specifying the TargetGroupStickinessConfig in our annotation, we see the following error from the aws-load-balancer-controller when it tries to update the ALB rules:

InvalidLoadBalancerAction: You must enable group stickiness on a rule if you enabled target stickiness on one of its target groups

After some debugging, we can see in the controller logs that its trying to push the following payload to the ELB API:

{
  "type": "forward",
  "forwardConfig": {
    "targetGroups": [
      {
        "targetGroupARN": { "$ref": "#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/xvp-ping-api-dev/xvp-ping-api-dev-alb-xvp-ping-api-dev-stable:8080/status/targetGroupARN" },
        "weight": 100
      },
      {
        "targetGroupARN": { "$ref": "#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/xvp-ping-api-dev/xvp-ping-api-dev-alb-xvp-ping-api-dev-canary:8080/status/targetGroupARN" },
        "weight": 0
      }
    ]
  }
}

We can see in the above output that the TargetGroupStickinessConfig configuration we set in our annotation is missing. As it stands now, we're unable to enable sticky sessions with argo.

If I'm understanding the code here correctly, any pre-existing annotations are not considered when building the listener rule's forwardConfig. This value is explicitly set with target group values and nothing else.

Should this code be updated to more gracefully handle annotations with pre-existing values so they are not lost? Or perhaps a sort of template may be provided to use as a basis for building the ingress annotation?

Message from the maintainers:

Impacted by this bug? Give it a 👍. We prioritize the issues with the most 👍.
@alkalinecoffee alkalinecoffee added the bug Something isn't working label Oct 8, 2021
@harikrongali harikrongali added this to the v1.2 milestone Oct 12, 2021
@harikrongali harikrongali mentioned this issue Oct 12, 2021
Merged
6 tasks
@alexmt alexmt closed this as completed in 5e188f9 Dec 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
v1.2
Development

No branches or pull requests
2 participants
@alkalinecoffee @harikrongali