Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Support additional security group ingress rules for all nodes #5224

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

✨ Support additional security group ingress rules for all nodes #5224

wants to merge 1 commit into from

Conversation

AndiDog
Copy link
Contributor

@AndiDog AndiDog commented Nov 22, 2024

What type of PR is this?

/kind feature

What this PR does / why we need it:

It was already possible to add rules for control plane nodes, but not for all nodes. Example use case: pod network is deployed on separate VPC/ENIs (e.g. via Cilium AWS ENI allocator) and therefore doesn't have the node security group which allows access to the kubelet API for metrics-server's scraping – that can now easily be allowed with custom rules.

Checklist:

  • squashed commits
  • includes documentation
  • includes emojis
  • adds unit tests
  • adds or updates e2e tests

Release note:

Support additional security group ingress rules for all nodes

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/feature Categorizes issue or PR as related to a new feature. labels Nov 22, 2024
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-priority size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Nov 22, 2024
@Ankitasw
Copy link
Member

Ankitasw commented Jan 3, 2025

/test pull-cluster-api-provider-aws-e2e

1 similar comment
@AndiDog
Copy link
Contributor Author

AndiDog commented Jan 3, 2025

/test pull-cluster-api-provider-aws-e2e

@AndiDog AndiDog force-pushed the additional-node-sg-ingress-rules branch from f852a0b to e223ac7 Compare January 22, 2025 16:38
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from andidog. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@AndiDog
Copy link
Contributor Author

AndiDog commented Jan 22, 2025

Rebased onto main.

/test pull-cluster-api-provider-aws-e2e

@AndiDog
Copy link
Contributor Author

AndiDog commented Jan 24, 2025

/test pull-cluster-api-provider-aws-e2e

fiunchinho
fiunchinho approved these changes Jan 28, 2025
View reviewed changes
Copy link
Contributor

@fiunchinho fiunchinho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fiunchinho fiunchinho fiunchinho approved these changes

@Ankitasw Ankitasw Awaiting requested review from Ankitasw

@damdo damdo Awaiting requested review from damdo

Assignees

@fiunchinho fiunchinho

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@AndiDog @Ankitasw @k8s-ci-robot @fiunchinho