Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(elasticloadbalancingv2): alb dualstack without public ipv4 #30248

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

feat(elasticloadbalancingv2): alb dualstack without public ipv4 #30248

wants to merge 7 commits into from

Conversation

mazyu36
Copy link
Contributor

@mazyu36 mazyu36 commented May 17, 2024
edited

Issue # (if applicable)

Closes #30256.

Reason for this change

ALB supported a new dual-stack ALB without public IPv4.

https://aws.amazon.com/jp/about-aws/whats-new/2024/05/application-load-balancer-ipv6-internet-clients/

Description of changes

Add IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4

Description of how you validated changes

Add unit tests & integ tests

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@aws-cdk-automation aws-cdk-automation requested a review from a team May 17, 2024 01:26
@github-actions github-actions bot added p2 valued-contributor [Pilot] contributed between 6-12 PRs to the CDK labels May 17, 2024
@mazyu36 mazyu36 marked this pull request as ready for review May 17, 2024 04:11
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label May 17, 2024
@watany-dev
Copy link
Contributor

To cdkteam, why not keep the IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 identifier but add the IpAddressType.IPV6 alias? This is essentially easy to understand.

@go-to-k go-to-k mentioned this pull request May 17, 2024
Open
2 tasks
pahud
pahud reviewed May 17, 2024
View reviewed changes
packages/aws-cdk-lib/aws-elasticloadbalancingv2/lib/alb/application-load-balancer.ts
@@ -186,6 +186,11 @@ export class ApplicationLoadBalancer extends BaseLoadBalancer implements IApplic
});

this.ipAddressType = props.ipAddressType ?? IpAddressType.IPV4;

if (props.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 && !props.internetFacing) {
throw new Error('dual-stack without public IPv4 address can only be used with internet-facing scheme.');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you have the link of the document about this restriction?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pahud
Thank you for your comment.
That restriction is not mentioned in the documentation, but it is stated on the management console.

image

If the internal scheme is selected, the "Dual-stack without public IPv4" option disappears and cannot be configured.

image

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome!

pahud
pahud reviewed May 17, 2024
View reviewed changes
Copy link
Contributor

@pahud pahud left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DUAL_STACK_WITHOUT_PUBLIC_IPV4 supports ALB only, should we have a check that if the elbv2 with that ipAddressType is not ALB we should throw the error?

Should we add this in base-load-balancer.ts?

    // DUAL_STACK_WITHOUT_PUBLIC_IPV4 only available for ALB
    if (additionalProps.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 &&
      additionalProps.type !== cxschema.LoadBalancerType.APPLICATION) {
      throw new Error(`'ipAddressType' DUAL_STACK_WITHOUT_PUBLIC_IPV4 can only be used with ALB, got ${additionalProps.type}`);
    }

@pahud
Copy link
Contributor

pahud commented May 17, 2024

To cdkteam, why not keep the IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 identifier but add the IpAddressType.IPV6 alias? This is essentially easy to understand.

At this moment, CFN does not have ipv6 in its IpAddressType. I would avoid using that because it could mean something else when CFN adds that in the future.

@mazyu36
Copy link
Contributor Author

mazyu36 commented May 17, 2024

DUAL_STACK_WITHOUT_PUBLIC_IPV4 supports ALB only, should we have a check that if the elbv2 with that ipAddressType is not ALB we should throw the error?

Should we add this in base-load-balancer.ts?

    // DUAL_STACK_WITHOUT_PUBLIC_IPV4 only available for ALB
    if (additionalProps.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 &&
      additionalProps.type !== cxschema.LoadBalancerType.APPLICATION) {
      throw new Error(`'ipAddressType' DUAL_STACK_WITHOUT_PUBLIC_IPV4 can only be used with ALB, got ${additionalProps.type}`);
    }

DUAL_STACK_WITHOUT_PUBLIC_IPV4 supports ALB only, should we have a check that if the elbv2 with that ipAddressType is not ALB we should throw the error?

Should we add this in base-load-balancer.ts?

    // DUAL_STACK_WITHOUT_PUBLIC_IPV4 only available for ALB
    if (additionalProps.ipAddressType === IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4 &&
      additionalProps.type !== cxschema.LoadBalancerType.APPLICATION) {
      throw new Error(`'ipAddressType' DUAL_STACK_WITHOUT_PUBLIC_IPV4 can only be used with ALB, got ${additionalProps.type}`);
    }

@pahud
Thank you. I also thought it would be better to have validation.
I have added the validation and a unit test.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 97a3b48
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@github-actions github-actions bot mentioned this pull request May 20, 2024
Closed
@urda
Copy link

urda commented May 20, 2024

Featured in the weekly roundup, adding this quickly will help teams drive lower costs.

@github-actions github-actions bot added effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. labels May 21, 2024
@github-actions github-actions bot mentioned this pull request Jun 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pahud pahud pahud left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. valued-contributor [Pilot] contributed between 6-12 PRs to the CDK
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

elbv2: IPv6 only support
5 participants
@mazyu36 @watany-dev @pahud @aws-cdk-automation @urda