Annotation key can get more than 63 character which is not allowed in kubernetes

kubernetes-sigs / aws-load-balancer-controller

A Kubernetes controller for Elastic Load Balancers

https://kubernetes-sigs.github.io/aws-load-balancer-controller/

Apache License 2.0

3.84k stars 1.42k forks source link

Annotation key can get more than 63 character which is not allowed in kubernetes #3507

Closed frank-bee closed 3 hours ago

frank-bee commented 7 months ago

Describe the bug For very long service names (in our case generated ones), the annotation alb.ingress.kubernetes.io/conditions.<service name> gets too long (more than 63 characters).

Steps to reproduce Create an Ingress for long service name where the annotation key, e.g. alb.ingress.kubernetes.io/conditions.<service name> is more than 63 char.

Expected outcome It should be possible to create the annotation. E.g. the service name should be rather part of the value of an annotation.

Environment

AWS Load Balancer controller version v2.6
Kubernetes version 1.28
Using EKS (yes/no), if so version? yes

Additional Context: see also https://github.com/loft-sh/vcluster/issues/1385

M00nF1sh commented 7 months ago

@frank-bee I don't think there is a solution for this at this moment given the 63 char annotation limit is a hard limit by Kubernetes. Possible workarounds for now is

generate shorter service names
use other means to manage the alb/listener/targetGroups(e.g. cdk/aws API), and use the targetgroupbinding feature to managed the updates of targetGroups.

I can see one approaches to address this problem, and it can be a feature request

leverage IngressBackend.resource](https://kubernetes.io/docs/reference/kubernetes-api/service-resources/ingress-v1/#IngressBackend) to use a CRD to define additional path specific attributes(instead of annotation).

frank-bee commented 7 months ago

I think using IngressBackend.resource would be a little overkill. The ref. from Ingress To the service works fine , it is just about the AWS specific annotation. Why don't you use an annotation value to carry data? The annotation key could be something like 'service-ref-X', for example 'service-ref-1'.
The max. Length of keys should be predictable, which is not the case if data like the service name is carried. Somehow a design issue I find.

frank-bee commented 7 months ago

If working with json data in an annotation value, even all conditions and actions (at least) could be encapsulated in one single annotation. Would be also easier to read if it is a multiline string. Something similar is done for traffic splitting.

k8s-triage-robot commented 2 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle stale
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 1 month ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle rotten
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot commented 3 hours ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Reopen this issue with /reopen
Mark this issue as fresh with /remove-lifecycle rotten
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-ci-robot commented 3 hours ago

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to [this](https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3507#issuecomment-2251671144): >The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. > >This bot triages issues according to the following rules: >- After 90d of inactivity, `lifecycle/stale` is applied >- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied >- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed > >You can: >- Reopen this issue with `/reopen` >- Mark this issue as fresh with `/remove-lifecycle rotten` >- Offer to help out with [Issue Triage][1] > >Please send feedback to sig-contributor-experience at [kubernetes/community](https://github.com/kubernetes/community). > >/close not-planned > >[1]: https://www.kubernetes.dev/docs/guide/issue-triage/ Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.