Skip to content

Commit

Permalink
Improve documentations for tolerate-non-existent-backend-{service,act…
Browse files Browse the repository at this point in the history
…ion} (#3442)
  • Loading branch information
guessi authored Dec 12, 2023
1 parent f4ff5d2 commit 3c6281a
Show file tree
Hide file tree
Showing 4 changed files with 9 additions and 7 deletions.
6 changes: 3 additions & 3 deletions docs/deploy/configurations.md
Original file line number Diff line number Diff line change
Expand Up @@ -101,8 +101,8 @@ Currently, you can set only 1 namespace to watch in this flag. See [this Kuberne
|[sync-period](#sync-period) | duration | 10h0m0s | Period at which the controller forces the repopulation of its local object stores|
|targetgroupbinding-max-concurrent-reconciles | int | 3 | Maximum number of concurrently running reconcile loops for targetGroupBinding |
|targetgroupbinding-max-exponential-backoff-delay | duration | 16m40s | Maximum duration of exponential backoff for targetGroupBinding reconcile failures |
|tolerate-non-existent-backend-service | boolean | true | Whether to allow rules which refer to backend services that do not exist |
|tolerate-non-existent-backend-action | boolean | true | Whether to allow rules which refer to backend actions that do not exist |
|tolerate-non-existent-backend-service | boolean | true | Whether to allow rules which refer to backend services that do not exist (When enabled, it will return 503 error if backend service not exist) |
|tolerate-non-existent-backend-action | boolean | true | Whether to allow rules which refer to backend actions that do not exist (When enabled, it will return 503 error if backend action not exist) |
|watch-namespace | string | | Namespace the controller watches for updates to Kubernetes objects, If empty, all namespaces are watched. |
|webhook-bind-port | int | 9443 | The TCP port the Webhook server binds to |
|webhook-cert-dir | string | /tmp/k8s-webhook-server/serving-certs | The directory that contains the server key and certificate |
Expand Down Expand Up @@ -139,7 +139,7 @@ By default, the controller assumes sole ownership of the WAF addons associated t
And the users should disable them accordingly if they want a third party like AWS Firewall Manager to associate or remove the WAF-ACL of the ALBs.
Once disabled, the controller shall not take any actions on the waf addons of the provisioned ALBs.

### throttle config
### throttle config

Controller uses the following default throttle config:

Expand Down
2 changes: 2 additions & 0 deletions helm/aws-load-balancer-controller/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,8 @@ The default values set by the application itself can be confirmed [here](https:/
| `watchNamespace` | Namespace the controller watches for updates to Kubernetes objects, If empty, all namespaces are watched | None |
| `disableIngressClassAnnotation` | Disables the usage of kubernetes.io/ingress.class annotation | None |
| `disableIngressGroupNameAnnotation` | Disables the usage of alb.ingress.kubernetes.io/group.name annotation | None |
| `tolerateNonExistentBackendService` | whether to allow rules that reference a backend service that does not exist. (When enabled, it will return 503 error if backend service not exist) | `true` |
| `tolerateNonExistentBackendAction` | whether to allow rules that reference a backend action that does not exist. (When enabled, it will return 503 error if backend action not exist) | `true` |
| `defaultSSLPolicy` | Specifies the default SSL policy to use for HTTPS or TLS listeners | None |
| `externalManagedTags` | Specifies the list of tag keys on AWS resources that are managed externally | `[]` |
| `livenessProbe` | Liveness probe settings for the controller | (see `values.yaml`) |
Expand Down
4 changes: 2 additions & 2 deletions helm/aws-load-balancer-controller/test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -209,10 +209,10 @@ disableIngressClassAnnotation:
# disableIngressGroupNameAnnotation disables the usage of alb.ingress.kubernetes.io/group.name annotation, false by default
disableIngressGroupNameAnnotation:

# tolerateNonExistentBackendService permits rules which specify backend services that don't exist, true by default
# tolerateNonExistentBackendService permits rules which specify backend services that don't exist, true by default (When enabled, it will return 503 error if backend service not exist)
tolerateNonExistentBackendService:

# tolerateNonExistentBackendAction permits rules which specify backend actions that don't exist, true by default
# tolerateNonExistentBackendAction permits rules which specify backend actions that don't exist, true by default (When enabled, it will return 503 error if backend action not exist)
tolerateNonExistentBackendAction:

# defaultSSLPolicy specifies the default SSL policy to use for TLS/HTTPS listeners
Expand Down
4 changes: 2 additions & 2 deletions helm/aws-load-balancer-controller/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -227,10 +227,10 @@ disableIngressClassAnnotation:
# disableIngressGroupNameAnnotation disables the usage of alb.ingress.kubernetes.io/group.name annotation, false by default
disableIngressGroupNameAnnotation:

# tolerateNonExistentBackendService permits rules which specify backend services that don't exist, true by default
# tolerateNonExistentBackendService permits rules which specify backend services that don't exist, true by default (When enabled, it will return 503 error if backend service not exist)
tolerateNonExistentBackendService:

# tolerateNonExistentBackendAction permits rules which specify backend actions that don't exist, true by default
# tolerateNonExistentBackendAction permits rules which specify backend actions that don't exist, true by default (When enabled, it will return 503 error if backend action not exist)
tolerateNonExistentBackendAction:

# defaultSSLPolicy specifies the default SSL policy to use for TLS/HTTPS listeners
Expand Down

0 comments on commit 3c6281a

Please sign in to comment.