Skip to content

Releases: kubernetes-sigs/aws-load-balancer-controller

v1.1.5

14 Jan 11:33
@M00nF1sh M00nF1sh
v1.1.5
2560c81
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.5

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.5

Changelog since v1.1.4

New Features

32587b3 advanced_routing/weighted_routing support

Other notable changes

25b9705 Rewrite GetClusterSubnets() using EC2 specific API (This enables the controller to run in pure-private VPC with privateLink. Note: this is not complete, there is still a dependency on RGT, so clean up in PurePrivate VPC don't work)
b58bba7 ignore fargate nodes for instance type (This allows instance target-type when both EC2 node and fargate node presents)
3226ff2 adding cache around wafAPI usage (This fix WAF throttling issues when there are frequently pod/node changes)
acdc3b2 docs(echoserver.md): fix typos
27884d4 docs: update example for ExternalDNS

Assets 2
Loading

v1.1.4

02 Dec 07:32
@M00nF1sh M00nF1sh
v1.1.4
b42cd80
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.4

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.4

Note: This version supports EKS on Fargate with mode IP(alb.ingress.kubernetes.io/target-type: ip)
To run aws-alb-ingress-controller itself as an Fargate based pod:

  1. The --aws-vpc-id and --aws-region have to be specified in controller YAML.
  2. IAM for pods should be used to grant permission for the controller, Alternatively,AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY can be specified in controller YAML(not recommended for production)

Changelog since v1.1.3

New Features

9563e61 Allow load balancing algorithm to be specified
4d1f94c enhance ip mode for non-ec2 nodes

Others

9563e61 Allow load balancing algorithm to be specified
3d77b64 Merge pull request #1067 from tghaas/tghaas-doc-fix
5ce8ded Merge pull request #1079 from azweb76/patch-1
8b2d59c fix ingress example
e30318f fixup docs for load-balancer-attributes
97914ae docs: clarify security group name comes from tag

Assets 2
Loading

v1.1.3

16 Sep 18:26
@M00nF1sh M00nF1sh
v1.1.3
6101b02
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.3

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.3

NOTE: This version is forward-compatible with V2 branch(versions above v1.2.0-alpha.1) and backward-compatible with older versions(versions below v1.1.3). The master branch will continue to be maintained and developed until V2 branch matures.

Changelog since v1.1.2

Action Required

  1. The SecurityGroup management for worker node have changed, please ensure there are only a single SecurityGroup on worker node ENIs or multiple SecurityGroups but only one of them are tagged with kubernetes.io/cluster/<cluster-name> (This should be default settings on various AWS based k8s installation and is same requirement by Kubernetes AWS cloudProvider). Migration will happen automatically if above requirement meets Details

New Features

  1. IPV6 CIDR are supported in alb.ingress.kubernetes.io/inbound-cidrs annotation
  2. Ability to specify AuthenticationRequestExtraParams
  3. Ability to do concurrent reconciliation
  4. Forward compatible with version above v1.2.0.alpha.1

Other notable changes

  1. Performance improvement for discover ACM certs

ff7724e upgrade aws-sdk to use iam-for-pods
32a6572 adding cache for cert discovery
d90c340 Update the Travis go version
55f9a02 tag aws resources with v2 style tags to enable migration to v2
f74c746 refactor security group handling to reuse worker node security group instead of creating new one
da9fad5 Switch to use new test framework
a7d83be Switch to use multi stage build for container Remove binary build in ci_e2e_test.sh
443f07d Seperate ipv6 permissions from ipv4
a37776d Added ipv6 suppport to SG
3d8cebe Address PR comments for ipv6 cidr
84daa82 Added support for IPv6 CIDRs in security groups
88f890e add flag to enable concurrent reconciliation.
24cfadd update(docs): fixed markdown code syntax
2cd600c update(docs): added additional instructions
299bb1a update(docs): added additional instructions
ffe4647 update(docs): added additional instructions
31a3bd2 update-docs(create-record-set)
1c72b93 AuthenticationRequestExtraParams authentication action
166df43 Add documentation about configuring WAF
05e6e06 make links relative
36d7920 fix broken link for cognito-ingress-template
4ca5606 add permission to use cognito
2402597 Fix panic when deleting an ALB with no default SG in the VPC
dacad85 enhance certificate auto-discover functionality 1. domains in SAN section of certificate will be matched too 2. If multiple certificate were found for a host, an error will be issued. 3. If none certificate were found for a host, an error will be issued.
28834c2 Add support for shared subnets
e7656b6 fix unit test
491164b Add idle_timeout.timeout_seconds annotation docs
58f6733 Fix extra hyphen in ingress-controller example
8065bb8 Scopes must be space-separated list
51dda47 Update ingress docs for authentication
6038b2d fixed formatting issues and added page to mkdocs.yml
0a74112 Added configuration page for ALB Ingress Controller with Cognito Auth

Assets 2
Loading

First alpha release for V2 branch

15 Jul 20:30
@M00nF1sh M00nF1sh
v1.2.0-alpha.1
06a8235
Compare
Choose a tag to compare
First alpha release for V2 branch Pre-release
Pre-release

The V2 branch contains massive refactor to support IngressGroup feature,

Docker Image: amazon/aws-alb-ingress-controller:v1.2.0-alpha.1
Instructions for install and IngressGroup feature: #914

Caution

  • Do not use this release in production yet.
  • This release is not backwards compatible with current v1.1.2 release(old ALB/TargetGroup for Ingress won't be reused), we'll release a glue version(likely v1.1.3) to enable seamless upgrades.
Assets 2
Loading

v1.1.2

01 Mar 02:26
@M00nF1sh M00nF1sh
v1.1.2
cc1c597
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.2

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.2

Changelog since v1.1.1

Action Required

  1. New IAM permission needed: ec2:DescribeNetworkInterfaces (The full set of required IAM permission is available in iam-policy.json)

New Features

  1. Auto select certificates based on ingress hostname(#864) (note: HTTPS listener must be explicitly requested via alb.ingress.kubernetes.io/listen-ports to enable this feature)

Other notable changes

  1. Register out-of-vpc targets using 'all' AZ setting
  2. E2E framework & test cases for mode instance and mode IP
  3. Remove cache on AWS API calls
  4. Fix error msg for internet LB subnet tagging requirement
  5. Bug fix for hanging when delete managed securityGroup
  6. Bug fix for detect WAF Regional service availablity
  7. Doc update for cognito sample
  8. Doc improvement
  9. Doc improvement
  10. Doc improvement
Assets 2
Loading

v1.1.1

19 Jan 01:36
@M00nF1sh M00nF1sh
v1.1.1
87bef3e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.1

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.1

Changelog since v1.1.0

Action Required

  1. If you manually added multiple certificates to ALB listeners before, you needs to add the additional certificate via alb.ingress.kubernetes.io/certificate-arn annotation(otherwise, these additional certificates will be removed during reconcile)
  2. Additional IAM Permission are needed:
  • elasticloadbalancing:AddListenerCertificates
  • elasticloadbalancing:RemoveListenerCertificates
  • elasticloadbalancing:DescribeListenerCertificates

New Features

  1. Support for multiple SSL certificates
  2. Installation via kustomize
Assets 2
Loading

v1.1.0

15 Jan 22:53
@M00nF1sh M00nF1sh
v1.1.0
72962fc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.0

Documentation
Image: docker.io/amazon/aws-alb-ingress-controller:v1.1.0

Changelog since v1.0.1

Action Required

N/A

New Features

  1. Support authentication via Cognito and OIDC, See docs here
  2. Support using existing targetGroup as backend, See docs here
  3. Support using named port to denote healthcheck port

Other notable changes

  1. Bug fix for disable access_log
  2. Bump aws-sdk-go version to v1.16.11 to support kube-aws-iam-controller
  3. Enhancement for host only condition
  4. Apply k8s standard package layout
  5. Doc enhancements for workthough
  6. Doc enhancements for helm
  7. Doc enhancements
  8. Doc enhancements
  9. Doc enhancements
Assets 2
Loading

v1.0.1

06 Dec 01:32
@M00nF1sh M00nF1sh
v1.0.1
ebac62d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.1

v1.0.1

Documentation

image: docker.io/amazon/aws-alb-ingress-controller:v1.0.1

Changelog since v1.0.0

Action Required

N/A

Other notable changes

Assets 2
Loading

v1.0.0

19 Nov 18:06
@M00nF1sh M00nF1sh
v1.0.0
60383d8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0

v1.0.0

Documentation

Docker Image: 894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-alb-ingress-controller:v1.0.0

Changelog since 1.0-beta.7

Action Required

  • change annotation security-group-inbound-cidr to inbound-cidr(#733, @M00nF1sh)
  • annotation ignore-host-header is removed. Please remove it from your ingress.(Host condition will only be applied if you have specified host in your ingress spec)
  • IAM policy have been changed. Please refer iam-policy.json
  • --ingress-class flag behavior has changed: (note: --ingress-class=alb is set in helm chart/example yaml by default)
    • new behavior:
      • If --ingress-class=xxx flag is set, only ingress with kubernetes.io/ingress.class: xxx annotation will be targeted.
      • If --ingress-class=xxx flag is not set, both ingress without kubernetes.io/ingress.class or with kubernetes.io/ingress.class: alb will be targeted.
    • old behavior:
      • If --ingress-class=xxx flag is set, and xxx is not alb, only ingress with kubernetes.io/ingress.class: xxx annotation will be targeted.
      • if --ingress-class flag is not set, or set as --ingress-class=alb, both ingress without kubernetes.io/ingress.class or with kubernetes.io/ingress.class: alb will be targeted.

Other notable changes

Assets 2
Loading

1.0-beta.7

27 Sep 00:05
@M00nF1sh M00nF1sh
1.0-beta.7
b2ff2d6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0-beta.7 Pre-release
Pre-release

New Feature:

  1. ingress paths without backend is now default to 404(previously, it's default to the first backend available).
    An implicit of this is that path:/ need to be changed to path:/* to match all paths

Bug Fixes:

  1. http->https redirection now works
  2. Multiple ENI issue
  3. Multiple issues for IP target mode
  4. Annotation merging
  5. other issues

Refactor:

  1. caching/tracing for API calls are now implemented at AWS session level
  2. securityGroup handling is fully refactored
Assets 2
Loading