Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

delete.protection=true in NLB #3957

Open
mo-saeed opened this issue Nov 27, 2024 · 1 comment
Open

delete.protection=true in NLB #3957

mo-saeed opened this issue Nov 27, 2024 · 1 comment

Comments

@mo-saeed
Copy link

Right now I have ingress-nginx helm chart which uses aws load balancer controller annotations to spawn a AWS NLB and it works perfectly fine.

I have recently tried this annoation

            service.beta.kubernetes.io/aws-load-balancer-attributes: deletion_protection.enabled=true

which also works, incase by mistake I deleted the ingress-nginx service the K8s service will be protected and LB as well which is very good. the problem is the controller will not be able to reconcile this service anymore and will always show this error

2024-11-27T19:25:00.095334831Z {"level":"error","ts":"2024-11-27T19:25:00Z","msg":"Reconciler error","controller":"service","namespace":"infra-ingress","name":"ingress-nginx-controller","reconcileID":"312d073e-8780-4700-87f6-f563bd87578c","error":"deletion_protection is enabled, cannot delete the service: ingress-nginx-controller"}

Is there anyway to get aws loadbalancer controller to the first state where it can again reconcile the service as normal ?

if i changed this service.beta.kubernetes.io/aws-load-balancer-attributes: deletion_protection.enabled=true to false then it starts deleting the service with the associated LB which is a big problem in this case.

@zac-nixon
Copy link
Collaborator

It's not possible to reverse the deletion of the resource once it's initiated. The best we can support right with current Kubernetes limitations is to block deletion of your service until you migrate your infrastructure to a new service.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants