Question 346273 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

Amazon web services – AWS ALB Ingress idle_timeout attribute doesn't work as expected

I have created an ingress with the following values. I need to upload big files. When I deploy this, it sets the load balancer idle timeout to 120 seconds. I want to set it to 1200. Even when I set this to a higher value from the UI, it goes back to 120 seconds after each deploy.

enter image description here

yaml:

ingress:
  enabled: enable
  className: alb
  annotations:
    alb.ingress.kubernetes.io/load-balancer-name: ssl-ingress
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
    alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=1200
    alb.ingress.kubernetes.io/healthcheck-port: traffic-port
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
    alb.ingress.kubernetes.io/healthy-threshold-count: '2'
    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'

Also I got following error on AWS ALB controller pod logs, I couldn’t find the target group, it simply doesn’t exist.:

{"level":"error","ts":"2024-01-31T15:34:24Z","msg":"Reconciler error","controller":"targetGroupBinding","controllerGroup":"elbv2.k8s.aws","controllerKind":"TargetGroupBinding","TargetGroupBinding":{"name":"k8s-test--d5f2ecdcad","namespace":"test"},"namespace":"test","name":"k8s-test--d5f2ecdcad","reconcileID":"90c34884-7389-4a6f-a14a-8c8cdc1ac917","error":"TargetGroupNotFound: Target groups ‘arn:aws:elasticloadbalancing:eu-central-1:**:targetgroup/k8s-test--d5f2ecdcad/837c1cc34395c35f’ not foundntstatus code: 400, request id: ad2b1d9a-6d60-4f1a-a588-2711da15dd03"}

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I was given 120 seconds while installing the alb-ingress helm chart. I upgraded the helm chart, and the issue was resolved.

    clusterName: ekstest

# the name of the IngressClass
ingressClass: alb

# works only if you have a working prometheus operator installed:
# https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack
serviceMonitor:
  enabled: false

# make sure to use OIDC for the following, or follow the instructions from here instead:
# https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/deploy/installation/#option-a-iam-roles-for-service-accounts-irsa
serviceAccount:
  create: false
  name: aws-load-balancer-controller

ingressClassParams:
  spec:
    scheme: internet-facing
    group:
      name: eks-alb-ingress
    loadBalancerAttributes:
      - key: deletion_protection.enabled
        value: "true" # deletion of all Ingress resources won't delete the ALB
      - key: idle_timeout.timeout_seconds
        value: "1200"
      - key: routing.http.drop_invalid_header_fields.enabled
        value: "true"
      - key: routing.http2.enabled
        value: "true"
      - key: routing.http.preserve_host_header.enabled
        value: "true"

  2. 0

    It is expected to get ALB parameters reverted. Cloud-controller manager reconcile these resources based on value written in etcd (what was defined in object).

    Make sure to update ALB parameters via annotation.

    The utilized annotation is correct which is “alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=1200”. However, provided error message is suggesting other issue.

    Try to fetch logs related to this annotation setup and let me take a look.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search