You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| `oci-load-balancer-internal` | Create an [internal load balancer][1]. Cannot be modified after load balancer creation. | `false` |
28
29
| `oci-load-balancer-shape` | A template that determines the load balancer's total pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Available shapes include `100Mbps`, `400Mbps`, `8000Mbps` and `flexible`. Use `oci lb shape list` to get the list of shapes supported on your account | `"100Mbps"` |
29
-
| `oci-load-balancer-shape-flex-min` | A template that determines the load balancer's minimum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible` | `N/A` |
30
-
| `oci-load-balancer-shape-flex-max` | A template that determines the load balancer's maximum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible` | `N/A` |
31
-
| `oci-load-balancer-subnet1` | The OCID of the one required regional subnet to attach the load balancer to OR The OCID of the first [subnet][2] of the two required Availability Domain specific subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file |
32
-
| `oci-load-balancer-subnet2` | The OCID of the second [subnet][2] of the two required subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file |
33
-
| `oci-load-balancer-health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3` |
34
-
| `oci-load-balancer-health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a [health check][6]. A [health check][6] is successful only if a reply returns within this timeout period. | `3000` |
35
-
| `oci-load-balancer-health-check-interval` | The interval between [health checks][6] requests, in milliseconds. | `10000` |
36
-
| `oci-load-balancer-connection-idle-timeout` | The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. | `300` for TCP listeners, `60` for HTTP listeners |
37
-
| `oci-load-balancer-security-list-management-mode` | Specifies the [security list mode](##security-list-management-modes) (`"All"`, `"Frontend"`,`"None"`) to configure how security lists are managed by the CCM. | `"All"`
38
-
| `oci-load-balancer-backend-protocol` | Specifies protocol on which the listener accepts connection requests. To get a list of valid protocols, use the [`ListProtocols`][5] operation. | `"TCP"`
39
-
| `oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the loadbalancer. Please refer [here][8] for NSG details. | `N/A`
30
+
| `oci-load-balancer-shape-flex-min` | A template that determines the load balancer's minimum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible` | `N/A` |
31
+
| `oci-load-balancer-shape-flex-max` | A template that determines the load balancer's maximum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible` | `N/A` |
32
+
| `oci-load-balancer-subnet1` | The OCID of the one required regional subnet to attach the load balancer to OR The OCID of the first [subnet][2] of the two required Availability Domain specific subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file |
33
+
| `oci-load-balancer-subnet2` | The OCID of the second [subnet][2] of the two required subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file |
34
+
| `oci-load-balancer-health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3` |
35
+
| `oci-load-balancer-health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a [health check][6]. A [health check][6] is successful only if a reply returns within this timeout period. | `3000` |
36
+
| `oci-load-balancer-health-check-interval` | The interval between [health checks][6] requests, in milliseconds. | `10000` |
37
+
| `oci-load-balancer-connection-idle-timeout` | The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. | `300` for TCP listeners, `60` for HTTP listeners |
38
+
| `oci-load-balancer-security-list-management-mode` | Specifies the [security list mode](##security-list-management-modes) (`"All"`, `"Frontend"`,`"None"`) to configure how security lists are managed by the CCM. | `"All"` |
39
+
| `oci-load-balancer-backend-protocol` | Specifies protocol on which the listener accepts connection requests. To get a list of valid protocols, use the [`ListProtocols`][5] operation. | `"TCP"` |
40
+
| `loadbalancer-policy` | Specifies loadbalancer traffic policy for the loadbalancer. To get a list of valid policies, use the [`ListPolicies`][7] operation. | `"ROUND_ROBIN"` |
41
+
| `oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the loadbalancer. Please refer [here][8] for NSG details. | `N/A`|
42
+
| `node-label-selector` | Specifies which nodes to add as a backend to the OCI Load Balancer and Network Load Balancer. | `N/A`|
40
43
41
44
Note:
42
45
- Only one annotation `oci-load-balancer-subnet1` should be passed if it is a regional subnet.
43
46
- `oci-network-security-groups`uses `oci.oraclecloud.com/` as prefix.
47
+
- `loadbalancer-policy`and `oci-network-security-groups` use `oci.oraclecloud.com/` as prefix.
44
48
## TLS-related
45
49
46
50
| Name | Description | Default |
@@ -49,11 +53,11 @@ Note:
49
53
| `oci-load-balancer-ssl-ports` | A `,` separated list of port number(s) for which to enable SSL termination. | `""` |
50
54
51
55
## Security List Management Modes
52
-
| Mode | Description |
53
-
|----| ----------- |
54
-
| `"All"` | CCM will manage all required security list rules for load balancer services |
56
+
| Mode | Description |
57
+
|--------------| ----------- |
58
+
| `"All"` | CCM will manage all required security list rules for load balancer services |
55
59
| `"Frontend"` | CCM will manage only security list rules for ingress to the load balancer. Requires that the user has setup a rule that allows inbound traffic to the appropriate ports for kube proxy health port, node port ranges, and health check port ranges. |
56
-
| `"None`" | Disables all security list management. Requires that the user has setup a rule that allows inbound traffic to the appropriate ports for kube proxy health port, node port ranges, and health check port ranges. *Additionally, requires the user to mange rules to allow inbound traffic to load balancers.* |
60
+
| `"None`" | Disables all security list management. Requires that the user has setup a rule that allows inbound traffic to the appropriate ports for kube proxy health port, node port ranges, and health check port ranges. *Additionally, requires the user to mange rules to allow inbound traffic to load balancers.* |
57
61
58
62
Note:
59
63
- If an invalid mode is passed in the annotation, then the default (`"All"`) mode is configured.
@@ -88,18 +92,18 @@ Note:
88
92
89
93
## Network Load Balancer Specific Annotations
90
94
91
-
| Name | Description | Default
92
-
| ----- | ----------- | -------
93
-
| `oci-network-load-balancer.oraclecloud.com/internal` | Create an [internal network load balancer][1]. Cannot be modified after load balancer creation. | `false`
94
-
| `oci-network-load-balancer.oraclecloud.com/subnet` | The OCID of the required regional or AD specific subnet to attach the network load balancer. | Value set for the cluster
95
-
| `oci-network-load-balancer.oraclecloud.com/oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the network load balancer. | `""`
96
-
| `oci-network-load-balancer.oraclecloud.com/initial-freeform-tags-override` | Specifies one or multiple Freeform tags to apply to the OCI Network Load Balancer. | `""`
97
-
| `oci-network-load-balancer.oraclecloud.com/initial-defined-tags-override` | Specifies one or multiple Defined tags to apply to the OCI Network Load Balancer. | `""`
98
-
| `oci-network-load-balancer.oraclecloud.com/health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3`
99
-
| `oci-network-load-balancer.oraclecloud.com/health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. | `3000 ms`
100
-
| `oci-network-load-balancer.oraclecloud.com/health-check-interval` | The interval between health checks requests, in milliseconds. | `3000 ms`
101
-
| `oci-network-load-balancer.oraclecloud.com/backend-policy` | The network load balancer policy for the backend set. Valid values: "TWO_TUPLE", "THREE_TUPLE", or "FIVE_TUPLE" | `"FIVE_TUPLE"`
102
-
| `oci-network-load-balancer.oraclecloud.com/security-list-management-mode` | Specifies the security list mode ("All", "Frontend","None") to configure how security lists are managed. | `"None"`
95
+
| Name | Description | Default|
96
+
| ----- | ----------- | ------- |
97
+
| `oci-network-load-balancer.oraclecloud.com/internal` | Create an [internal network load balancer][1]. Cannot be modified after load balancer creation. | `false`|
98
+
| `oci-network-load-balancer.oraclecloud.com/subnet` | The OCID of the required regional or AD specific subnet to attach the network load balancer. | Value set for the cluster|
99
+
| `oci-network-load-balancer.oraclecloud.com/oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the network load balancer. | `""`|
100
+
| `oci-network-load-balancer.oraclecloud.com/initial-freeform-tags-override` | Specifies one or multiple Freeform tags to apply to the OCI Network Load Balancer. | `""`|
101
+
| `oci-network-load-balancer.oraclecloud.com/initial-defined-tags-override` | Specifies one or multiple Defined tags to apply to the OCI Network Load Balancer. | `""`|
102
+
| `oci-network-load-balancer.oraclecloud.com/health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3`|
103
+
| `oci-network-load-balancer.oraclecloud.com/health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. | `3000 ms`|
104
+
| `oci-network-load-balancer.oraclecloud.com/health-check-interval` | The interval between health checks requests, in milliseconds. | `3000 ms`|
105
+
| `oci-network-load-balancer.oraclecloud.com/backend-policy` | The network load balancer policy for the backend set. Valid values: "TWO_TUPLE", "THREE_TUPLE", or "FIVE_TUPLE" | `"FIVE_TUPLE"`|
106
+
| `oci-network-load-balancer.oraclecloud.com/security-list-management-mode` | Specifies the security list mode ("All", "Frontend","None") to configure how security lists are managed. | `"None"`|
0 commit comments