From 37427194271b149343c1213c8728db2750a50fc2 Mon Sep 17 00:00:00 2001 From: Margo Crawford Date: Mon, 29 Mar 2021 13:40:22 -0700 Subject: [PATCH] Add annotation to make the idle timeout be over 1 hour rather than 1 minute - Note that 4000 seconds is the maximum value that AWS allows. --- internal/controller/impersonatorconfig/impersonator_config.go | 3 +++ .../controller/impersonatorconfig/impersonator_config_test.go | 1 + 2 files changed, 4 insertions(+) diff --git a/internal/controller/impersonatorconfig/impersonator_config.go b/internal/controller/impersonatorconfig/impersonator_config.go index 72cd4d68..ae99de98 100644 --- a/internal/controller/impersonatorconfig/impersonator_config.go +++ b/internal/controller/impersonatorconfig/impersonator_config.go @@ -441,6 +441,9 @@ func (c *impersonatorConfigController) ensureLoadBalancerIsStarted(ctx context.C Name: c.generatedLoadBalancerServiceName, Namespace: c.namespace, Labels: c.labels, + Annotations: map[string]string{ + "service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout": "4000", // AWS' default is to time out after 60 seconds idle. Prevent that. + }, }, } plog.Info("creating load balancer for impersonation proxy", diff --git a/internal/controller/impersonatorconfig/impersonator_config_test.go b/internal/controller/impersonatorconfig/impersonator_config_test.go index d785d67f..8b9b107b 100644 --- a/internal/controller/impersonatorconfig/impersonator_config_test.go +++ b/internal/controller/impersonatorconfig/impersonator_config_test.go @@ -882,6 +882,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { r.Equal(corev1.ServiceTypeLoadBalancer, createdLoadBalancerService.Spec.Type) r.Equal("app-name", createdLoadBalancerService.Spec.Selector["app"]) r.Equal(labels, createdLoadBalancerService.Labels) + r.Equal(map[string]string{"service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout": "4000"}, createdLoadBalancerService.Annotations) } var requireLoadBalancerWasDeleted = func(action coretesting.Action) {