User Story

As a user I want to create a dual stack (IPv4/IPv6) network load balancer on AWS without relying on the AWS Load Balancer Controller (https://kubernetes-sigs.github.io/aws-load-balancer-controller)

Background

Customers have a growing need to provide IPv6 within their environments. On AWS, there is a load balancer controller that implements a number of fine grained controls including adding dual stack support; however, there is not support for creating a dual stack network load balancer within https://github.com/kubernetes/cloud-provider-aws.

Our customers would like to be able to configure dual stack network load balancers without installed the ALBC.

Steps

• Add support for the annotation {{service.beta.kubernetes.io/aws-load-balancer-type }}to the network load balancer implementation.
  • Valid values are "ipv4" (default) and "dualstack"
  • This will control the external accessibility of the load balancer, so that IPv4 and IPv6 traffic can both reach it.
  • IPv6 traffic to the target nodes will be handled in a separate story.
• Update controller to not operate on Services of type LoadBalancer if the field `.spec.loadBalancerClass` is set. This field is for explicitly using a load balancer implementation that lives outside the cloud provider. See https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class for more details.
• This is only for new clusters and load balancers, not upgrades.

Stakeholders

• <Who is interested in this/where did they request this>

Definition of Done

• Without installing the ALBC, a cluster provisioned on AWS should be able to create Services with the service.beta.kubernetes.io/aws-load-balancer-type annotation set to dualstack and both ipv4 and ipv6 traffic should reach it.
  • The generated Service should have two entries in .status.ingress, one for each IP family.

• Docs

• Document the annotation and valid values.

• Testing

• Add tests to confirm IPv6 traffic reaches the network load balancer.