-
Feature Request
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
False
-
None
-
False
-
Not Selected
-
-
-
1. Proposed title of this feature request
OpenShift Ingress Controller API should support all AWS NLB/CLB options
2. What is the nature and description of the request?
Currently, open source versions of the Kubernetes Ingress controller (such as the AWS Load Balancer Controller or the Nginx Ingress Controller) supports multiple annotations, allowing for configuration of NLBs and CLBs to include (but not limited to)
- access control
- proxy protocol
- preservation of client IP addresses to be true or false
- proxyProtocol v2
- and much more.
Our own implementation of this lacks most of this functionality. We should expand our default ingress controller to support more of these features to allow customers flexibility without needing to turn to third party alternatives.
3. Why does the customer need this? (List the business requirements here)
ROSA customers are forced to use the OpenShift Ingress Operator for the default Ingress controller, so if they need to use additional options on an NLB they are required to create a second one, which increases cost for the user, and undermines the fully managed nature of ROSA and the benefits this brings.
Customers often fall back or insist on using alternative ingress controllers, such as Nginx, etc., but that would undermine the reasons to use OpenShift/ROSA.
4. List any affected packages or components.
Appendix:
- It appears we have added ad-hoc features for individual clouds, such as proxy protocol for IBM cloud: https://github.com/openshift/api/blob/master/operator/v1/types_ingress.go#L654
- Having a page similar to https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/annotations/ for all supported annotations on our ingress controller would be an excellent addition for our documentation
