aws / aws-application-networking-k8s

A Kubernetes controller for Amazon VPC Lattice
https://www.gateway-api-controller.eks.aws.dev/
Apache License 2.0

Add support for clusters running in private VPC #627

Closed aaroniscode closed 1 month ago

aaroniscode commented 2 months ago

NOTE: This is a draft PR for review by the team. If the design of the feature is approved, I will add any required tests.

What type of PR is this? feature

Which issue does this PR fix: no open Issue

What does this PR do / Why do we need it: Add support for clusters running in a private VPC. Today the controller won't function in a fully private VPC, as there is no PrivateLink support for the ResourceTagging API.

If an issue # is not available please add repro steps and logs from aws-gateway-controller showing the issue: Create a private VPC (one that cannot access the Internet) and try the Getting Started Guide.

Testing done on this change: ran the controller locally and tested the Getting Started Guide

Automation added to e2e: none at this time

Will this PR introduce any new dependencies?: No

Will this break upgrades or downgrades. Has updating a running cluster been tested?: No breakage

Does this PR introduce any user-facing change?: Yes.

New `DISABLE_TAGGING_SERVICE_API` environment variable. If you are running a cluster in a Private VPC, this will allow Tag queries using the Lattice API which can be accessed using a PrivateLink endpoint.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

aaroniscode commented 1 month ago

@erikfuller I think the PR has addressed all your feedback and I appreciate the test guidance. Also rebased as there was a conflict.