-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
add security group option for network load balancer #1282
Comments
Hey @w0aw, thanks for bringing this up! I assume you're referring to the You're correct that it (and the ALB resource) is lacking a way to configure security groups for the NLB right now. I'm gonna work on prioritizing this. As a workaround you could use transformations (https://www.pulumi.com/docs/concepts/options/transformations/) to inject the |
hi @flostadler, thanks for resolving this issue. can you please confirm how long it will take to get merged and npm release? |
Since August 23 NLBs support Security Groups as well now (see [AWS blog post](https://aws.amazon.com/blogs/containers/network-load-balancers-now-support-security-groups/)). This change adds the parameter for configuring security groups to the NLB component. The one notable difference compared to the ALB component is that I refrained from adding the default security group. For NLBs security groups cannot be added if none are currently present, and cannot all be removed once added. Adding a default security group to NLBs would cause replacements during upgrades. Fixes #1282 Also re-enabled the LB upgrade tests and re-recorded them. They were failing because they were using invokes under the hood to get the default subnet. Invokes are not compatible with upgrade tests because they don't use the recorded calls and instead reach out to the cloud instead. Fixes #1265 & #1114
Hey @w0aw, I just merged this. If all goes according to plan the release should be done by the end of today. I'll give an update here once that's done |
@w0aw this got released just now as part of https://github.com/pulumi/pulumi-awsx/releases/tag/v2.10.0 |
Hello!
Issue details
i have an k3s cluster running on private subnet. with 2 k3s master nodes behind an NLB and now if i try to join a new worker node using NLB dns then it fails. like the dns resolves to some private ips which are not reachable and curretly i am using a single master node's private ip join new worker nodes. if somehow i can add a security group (that allow all ingress traffic from same vpc) then this issue can be solved.
Affected area/feature
thank you. i hope i am on right place
The text was updated successfully, but these errors were encountered: