add support on NLB side

Author: oliviassss

controllers/service/service_controller.go

@@ -43,7 +43,7 @@ func NewServiceReconciler(cloud aws.Cloud, k8sClient client.Client, eventRecorde
 elbv2TaggingManager := elbv2.NewDefaultTaggingManager(cloud.ELBV2(), cloud.VpcID(), controllerConfig.FeatureGates, logger)
 serviceUtils := service.NewServiceUtils(annotationParser, serviceFinalizer, controllerConfig.ServiceConfig.LoadBalancerClass, controllerConfig.FeatureGates)
 modelBuilder := service.NewDefaultModelBuilder(annotationParser, subnetsResolver, vpcInfoProvider, cloud.VpcID(), trackingProvider,
-elbv2TaggingManager, controllerConfig.ClusterName, controllerConfig.DefaultTags, controllerConfig.ExternalManagedTags, controllerConfig.DefaultSSLPolicy, controllerConfig.FeatureGates.Enabled(config.EnableIPTargetType), serviceUtils)
+elbv2TaggingManager, controllerConfig.FeatureGates, controllerConfig.ClusterName, controllerConfig.DefaultTags, controllerConfig.ExternalManagedTags, controllerConfig.DefaultSSLPolicy, controllerConfig.FeatureGates.Enabled(config.EnableIPTargetType), serviceUtils)
 stackMarshaller := deploy.NewDefaultStackMarshaller()
 stackDeployer := deploy.NewDefaultStackDeployer(cloud, k8sClient, networkingSGManager, networkingSGReconciler, controllerConfig, serviceTagPrefix, logger)
 return &serviceReconciler{

pkg/networking/subnet_resolver.go

@@ -97,8 +97,8 @@ func WithSubnetsClusterTagCheck(SubnetsClusterTagCheck bool) SubnetsResolveOptio
 type SubnetsResolver interface {
 // ResolveViaDiscovery resolve subnets by auto discover matching subnets.
 // Discovery candidate includes all subnets within the clusterVPC. Additionally,
-// * for internet-facing Load Balancer, "kubernetes.io/role/elb" tag must presents.
-// * for internal Load Balancer, "kubernetes.io/role/internal-elb" tag must presents.
+// * for internet-facing Load Balancer, "kubernetes.io/role/elb" tag must be present.
+// * for internal Load Balancer, "kubernetes.io/role/internal-elb" tag must be present.
 // * if SubnetClusterTagCheck is enabled, subnets within the clusterVPC must contain no cluster tag at all
 // or contain the "kubernetes.io/cluster/<cluster_name>" tag for the current cluster
 // If multiple subnets are found for specific AZ, one subnet is chosen based on the lexical order of subnetID.

pkg/service/model_build_load_balancer.go

@@ -17,6 +17,7 @@ import (
 "github.com/aws/aws-sdk-go/service/ec2"
 "github.com/pkg/errors"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/annotations"
+"sigs.k8s.io/aws-load-balancer-controller/pkg/config"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/tracking"
 elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/networking"
@@ -282,11 +283,13 @@ func (t *defaultModelBuildTask) buildLoadBalancerSubnets(ctx context.Context, sc
 networking.WithSubnetsResolveLBType(elbv2model.LoadBalancerTypeNetwork),
 networking.WithSubnetsResolveLBScheme(scheme),
 networking.WithSubnetsResolveAvailableIPAddressCount(minimalAvailableIPAddressCount),
+networking.WithSubnetsClusterTagCheck(t.featureGates.Enabled(config.SubnetsClusterTagCheck)),
 )
 }
 return t.subnetsResolver.ResolveViaDiscovery(ctx,
 networking.WithSubnetsResolveLBType(elbv2model.LoadBalancerTypeNetwork),
 networking.WithSubnetsResolveLBScheme(scheme),
+networking.WithSubnetsClusterTagCheck(t.featureGates.Enabled(config.SubnetsClusterTagCheck)),
 )
 }
 

pkg/service/model_build_load_balancer_test.go

@@ -17,6 +17,7 @@ import (
 corev1 "k8s.io/api/core/v1"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/annotations"
+"sigs.k8s.io/aws-load-balancer-controller/pkg/config"
 elbv2deploy "sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/elbv2"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/tracking"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
@@ -760,6 +761,7 @@ func Test_defaultModelBuilderTask_buildLoadBalancerSubnets(t *testing.T) {
 
 clusterName := "cluster-name"
 trackingProvider := tracking.NewDefaultProvider("ingress.k8s.aws", clusterName)
+featureGates := config.NewFeatureGates()
 
 builder := &defaultModelBuildTask{
 clusterName: clusterName,
@@ -769,6 +771,7 @@ func Test_defaultModelBuilderTask_buildLoadBalancerSubnets(t *testing.T) {
 subnetsResolver: subnetsResolver,
 trackingProvider: trackingProvider,
 elbv2TaggingManager: elbv2TaggingManager,
+featureGates: featureGates,
 }
 got, err := builder.buildLoadBalancerSubnets(context.Background(), tt.scheme)
 if tt.wantErr != nil {

pkg/service/model_builder.go

@@ -10,6 +10,7 @@ import (
 "github.com/aws/aws-sdk-go/service/ec2"
 corev1 "k8s.io/api/core/v1"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/annotations"
+"sigs.k8s.io/aws-load-balancer-controller/pkg/config"
 elbv2deploy "sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/elbv2"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/tracking"
 "sigs.k8s.io/aws-load-balancer-controller/pkg/k8s"
@@ -35,14 +36,15 @@ type ModelBuilder interface {
 // NewDefaultModelBuilder construct a new defaultModelBuilder
 func NewDefaultModelBuilder(annotationParser annotations.Parser, subnetsResolver networking.SubnetsResolver,
 vpcInfoProvider networking.VPCInfoProvider, vpcID string, trackingProvider tracking.Provider,
-elbv2TaggingManager elbv2deploy.TaggingManager, clusterName string, defaultTags map[string]string,
+elbv2TaggingManager elbv2deploy.TaggingManager, featureGates config.FeatureGates, clusterName string, defaultTags map[string]string,
 externalManagedTags []string, defaultSSLPolicy string, enableIPTargetType bool, serviceUtils ServiceUtils) *defaultModelBuilder {
 return &defaultModelBuilder{
 annotationParser: annotationParser,
 subnetsResolver: subnetsResolver,
 vpcInfoProvider: vpcInfoProvider,
 trackingProvider: trackingProvider,
 elbv2TaggingManager: elbv2TaggingManager,
+featureGates: featureGates,
 serviceUtils: serviceUtils,
 clusterName: clusterName,
 vpcID: vpcID,
@@ -61,6 +63,7 @@ type defaultModelBuilder struct {
 vpcInfoProvider networking.VPCInfoProvider
 trackingProvider tracking.Provider
 elbv2TaggingManager elbv2deploy.TaggingManager
+featureGates config.FeatureGates
 serviceUtils ServiceUtils
 
 clusterName string
@@ -81,6 +84,7 @@ func (b *defaultModelBuilder) Build(ctx context.Context, service *corev1.Service
 vpcInfoProvider: b.vpcInfoProvider,
 trackingProvider: b.trackingProvider,
 elbv2TaggingManager: b.elbv2TaggingManager,
+featureGates: b.featureGates,
 serviceUtils: b.serviceUtils,
 enableIPTargetType: b.enableIPTargetType,
 
@@ -131,6 +135,7 @@ type defaultModelBuildTask struct {
 vpcInfoProvider networking.VPCInfoProvider
 trackingProvider tracking.Provider
 elbv2TaggingManager elbv2deploy.TaggingManager
+featureGates config.FeatureGates
 serviceUtils ServiceUtils
 enableIPTargetType bool
 

pkg/service/model_builder_test.go

@@ -2770,7 +2770,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 } else {
 enableIPTargetType = *tt.enableIPTargetType
 }
-builder := NewDefaultModelBuilder(annotationParser, subnetsResolver, vpcInfoProvider, "vpc-xxx", trackingProvider, elbv2TaggingManager,
+builder := NewDefaultModelBuilder(annotationParser, subnetsResolver, vpcInfoProvider, "vpc-xxx", trackingProvider, elbv2TaggingManager, featureGates,
 "my-cluster", nil, nil, "ELBSecurityPolicy-2016-08", enableIPTargetType, serviceUtils)
 ctx := context.Background()
 stack, _, err := builder.Build(ctx, tt.svc)