diff --git a/docs/deploy/configurations.md b/docs/deploy/configurations.md index a891e552b5..8a4c6b79ff 100644 --- a/docs/deploy/configurations.md +++ b/docs/deploy/configurations.md @@ -97,6 +97,7 @@ Currently, you can set only 1 namespace to watch in this flag. See [this Kuberne | kubeconfig | string | in-cluster config | Path to the kubeconfig file containing authorization and API server information | | leader-election-id | string | aws-load-balancer-controller-leader | Name of the leader election ID to use for this controller | | leader-election-namespace | string | | Name of the leader election ID to use for this controller | +| leader-election-lease-duration | duration | 15s | The duration that non-leader candidates will wait to force acquire leadership. | | load-balancer-class | string | service.k8s.aws/nlb | Name of the load balancer class specified in service `spec.loadBalancerClass` reconciled by this controller | | log-level | string | info | Set the controller log level - info, debug | | metrics-bind-addr | string | :8080 | The address the metric endpoint binds to | diff --git a/helm/aws-load-balancer-controller/templates/deployment.yaml b/helm/aws-load-balancer-controller/templates/deployment.yaml index da672ab34d..b44c06ce33 100644 --- a/helm/aws-load-balancer-controller/templates/deployment.yaml +++ b/helm/aws-load-balancer-controller/templates/deployment.yaml @@ -170,6 +170,9 @@ spec: {{- if .Values.loadBalancerClass }} - --load-balancer-class={{ .Values.loadBalancerClass }} {{- end }} + {{- if .Values.leaseDuration }} + - --leader-election-lease-duration={{ .Values.leaseDuration }} + {{- end }} {{- if or .Values.env .Values.envSecretName }} env: {{- if .Values.env}} diff --git a/helm/aws-load-balancer-controller/values.yaml b/helm/aws-load-balancer-controller/values.yaml index 96e0466e14..b400d7d12f 100644 --- a/helm/aws-load-balancer-controller/values.yaml +++ b/helm/aws-load-balancer-controller/values.yaml @@ -424,5 +424,8 @@ serviceTargetENISGTags: # Specifies the class of load balancer to use for services. This affects how services are provisioned if type LoadBalancer is used (default service.k8s.aws/nlb) loadBalancerClass: +# Specifies the duration that non-leader candidates will wait to force acquire leadership. (default 15s) +leaseDuration: 15s + # creator will disable helm default labels, so you can only add yours # creator: "me" diff --git a/pkg/config/runtime_config.go b/pkg/config/runtime_config.go index 9e42ba00f4..a41fbea714 100644 --- a/pkg/config/runtime_config.go +++ b/pkg/config/runtime_config.go @@ -18,27 +18,29 @@ import ( ) const ( - flagMetricsBindAddr = "metrics-bind-addr" - flagHealthProbeBindAddr = "health-probe-bind-addr" - flagWebhookBindPort = "webhook-bind-port" - flagEnableLeaderElection = "enable-leader-election" - flagLeaderElectionID = "leader-election-id" - flagLeaderElectionNamespace = "leader-election-namespace" - flagWatchNamespace = "watch-namespace" - flagSyncPeriod = "sync-period" - flagKubeconfig = "kubeconfig" - flagWebhookCertDir = "webhook-cert-dir" - flagWebhookCertName = "webhook-cert-file" - flagWebhookKeyName = "webhook-key-file" + flagMetricsBindAddr = "metrics-bind-addr" + flagHealthProbeBindAddr = "health-probe-bind-addr" + flagWebhookBindPort = "webhook-bind-port" + flagEnableLeaderElection = "enable-leader-election" + flagLeaderElectionID = "leader-election-id" + flagLeaderElectionNamespace = "leader-election-namespace" + flagLeaderElectionLeaseDuration = "leader-election-lease-duration" + flagWatchNamespace = "watch-namespace" + flagSyncPeriod = "sync-period" + flagKubeconfig = "kubeconfig" + flagWebhookCertDir = "webhook-cert-dir" + flagWebhookCertName = "webhook-cert-file" + flagWebhookKeyName = "webhook-key-file" - defaultKubeconfig = "" - defaultLeaderElectionID = "aws-load-balancer-controller-leader" - defaultLeaderElectionNamespace = "" - defaultWatchNamespace = corev1.NamespaceAll - defaultMetricsAddr = ":8080" - defaultHealthProbeBindAddress = ":61779" - defaultSyncPeriod = 10 * time.Hour - defaultWebhookBindPort = 9443 + defaultKubeconfig = "" + defaultLeaderElectionID = "aws-load-balancer-controller-leader" + defaultLeaderElectionNamespace = "" + defaultLeaderElectionLeaseDuration = 15 * time.Second + defaultWatchNamespace = corev1.NamespaceAll + defaultMetricsAddr = ":8080" + defaultHealthProbeBindAddress = ":61779" + defaultSyncPeriod = 10 * time.Hour + defaultWebhookBindPort = 9443 // High enough QPS to fit all expected use cases. QPS=0 is not set here, because // client code is overriding it. defaultQPS = 1e6 @@ -52,19 +54,20 @@ const ( // RuntimeConfig stores the configuration for the controller-runtime type RuntimeConfig struct { - APIServer string - KubeConfig string - WebhookBindPort int - MetricsBindAddress string - HealthProbeBindAddress string - EnableLeaderElection bool - LeaderElectionID string - LeaderElectionNamespace string - WatchNamespace string - SyncPeriod time.Duration - WebhookCertDir string - WebhookCertName string - WebhookKeyName string + APIServer string + KubeConfig string + WebhookBindPort int + MetricsBindAddress string + HealthProbeBindAddress string + EnableLeaderElection bool + LeaderElectionID string + LeaderElectionNamespace string + LeaderElectionLeaseDuration time.Duration + WatchNamespace string + SyncPeriod time.Duration + WebhookCertDir string + WebhookCertName string + WebhookKeyName string } // BindFlags binds the command line flags to the fields in the config object @@ -91,7 +94,8 @@ func (c *RuntimeConfig) BindFlags(fs *pflag.FlagSet) { fs.StringVar(&c.WebhookCertDir, flagWebhookCertDir, defaultWebhookCertDir, "WebhookCertDir is the directory that contains the webhook server key and certificate.") fs.StringVar(&c.WebhookCertName, flagWebhookCertName, defaultWebhookCertName, "WebhookCertName is the webhook server certificate name.") fs.StringVar(&c.WebhookKeyName, flagWebhookKeyName, defaultWebhookKeyName, "WebhookKeyName is the webhook server key name.") - + fs.DurationVar(&c.LeaderElectionLeaseDuration, flagLeaderElectionLeaseDuration, defaultLeaderElectionLeaseDuration, + "The duration that non-leader candidates will wait to force acquire leadership.") } // BuildRestConfig builds the REST config for the controller runtime @@ -122,6 +126,7 @@ func BuildRuntimeOptions(rtCfg RuntimeConfig, scheme *runtime.Scheme) ctrl.Optio LeaderElectionResourceLock: resourcelock.LeasesResourceLock, LeaderElectionID: rtCfg.LeaderElectionID, LeaderElectionNamespace: rtCfg.LeaderElectionNamespace, + LeaseDuration: &rtCfg.LeaderElectionLeaseDuration, Cache: cache.Options{ SyncPeriod: &rtCfg.SyncPeriod, },