✨ elbv2/tg/api: expose API to customize LB/TG health check config

Expose the target health check attributes/API
allowing customizations for both API (default from LB),
and additional listeners, for each Load Balancer.

Considering the risk of wrong configurations, the The customization
for the target group attributes of API listener is limited to the
health check probe configurations (interval, timeout, threshold, etc).

The health check for the additional listeners can be customized,
including health check protocol, port, path, etc

Author: mtulio

api/v1beta1/awscluster_conversion.go

@@ -152,6 +152,7 @@ func restoreIPAMPool(restored, dst *infrav2.IPAMPool) {
 func restoreControlPlaneLoadBalancer(restored, dst *infrav2.AWSLoadBalancerSpec) {
 	dst.Name = restored.Name
 	dst.HealthCheckProtocol = restored.HealthCheckProtocol
+	dst.HealthCheck = restored.HealthCheck
 	dst.LoadBalancerType = restored.LoadBalancerType
 	dst.DisableHostsRewrite = restored.DisableHostsRewrite
 	dst.PreserveClientIP = restored.PreserveClientIP

api/v1beta1/zz_generated.conversion.go

@@ -220,6 +220,10 @@ type AWSLoadBalancerSpec struct {
 	// +optional
 	HealthCheckProtocol *ELBProtocol `json:"healthCheckProtocol,omitempty"`
 
+	// HealthCheck sets custom health check configuration to the API target group.
+	// +optional
+	HealthCheck *TargetGroupHealthCheckAPISpec `json:"healthCheck,omitempty"`
+
 	// AdditionalSecurityGroups sets the security groups used by the load balancer. Expected to be security group IDs
 	// This is optional - if not provided new security groups will be created for the load balancer
 	// +optional
@@ -257,11 +261,16 @@ type AdditionalListenerSpec struct {
 	// +kubebuilder:validation:Minimum=1
 	// +kubebuilder:validation:Maximum=65535
 	Port int64 `json:"port"`
+
 	// Protocol sets the protocol for the additional listener.
 	// Currently only TCP is supported.
 	// +kubebuilder:validation:Enum=TCP
 	// +kubebuilder:default=TCP
 	Protocol ELBProtocol `json:"protocol,omitempty"`
+
+	// HealthCheck sets the optional custom health check configuration to the API target group.
+	// +optional
+	HealthCheck *TargetGroupHealthCheckAdditionalSpec `json:"healthCheck,omitempty"`
 }
 
 // AWSClusterStatus defines the observed state of AWSCluster.

api/v1beta2/awscluster_types.go

@@ -104,12 +104,90 @@ var (
 
 // TargetGroupHealthCheck defines health check settings for the target group.
 type TargetGroupHealthCheck struct {
-	Protocol        *string `json:"protocol,omitempty"`
-	Path            *string `json:"path,omitempty"`
-	Port            *string `json:"port,omitempty"`
-	IntervalSeconds *int64  `json:"intervalSeconds,omitempty"`
-	TimeoutSeconds  *int64  `json:"timeoutSeconds,omitempty"`
-	ThresholdCount  *int64  `json:"thresholdCount,omitempty"`
+	Protocol                *string `json:"protocol,omitempty"`
+	Path                    *string `json:"path,omitempty"`
+	Port                    *string `json:"port,omitempty"`
+	IntervalSeconds         *int64  `json:"intervalSeconds,omitempty"`
+	TimeoutSeconds          *int64  `json:"timeoutSeconds,omitempty"`
+	ThresholdCount          *int64  `json:"thresholdCount,omitempty"`
+	UnhealthyThresholdCount *int64  `json:"unhealthyThresholdCount,omitempty"`
+}
+
+// TargetGroupHealthCheckAPISpec defines the optional health check settings for the API target group.
+type TargetGroupHealthCheckAPISpec struct {
+	// The approximate amount of time, in seconds, between health checks of an individual
+	// target.
+	// +kubebuilder:validation:Minimum=5
+	// +kubebuilder:validation:Maximum=300
+	// +optional
+	IntervalSeconds *int64 `json:"intervalSeconds,omitempty"`
+
+	// The amount of time, in seconds, during which no response from a target means
+	// a failed health check.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=120
+	// +optional
+	TimeoutSeconds *int64 `json:"timeoutSeconds,omitempty"`
+
+	// The number of consecutive health check successes required before considering
+	// a target healthy.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=10
+	// +optional
+	ThresholdCount *int64 `json:"thresholdCount,omitempty"`
+
+	// The number of consecutive health check failures required before considering
+	// a target unhealthy.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=10
+	// +optional
+	UnhealthyThresholdCount *int64 `json:"unhealthyThresholdCount,omitempty"`
+}
+
+// TargetGroupHealthCheckAdditionalSpec defines the optional health check settings for the additional target groups.
+type TargetGroupHealthCheckAdditionalSpec struct {
+	// The protocol to use to health check connect with the target. When not specified the Protocol
+	// will be the same of the listener.
+	// +kubebuilder:validation:Enum=TCP;HTTP;HTTPS
+	// +optional
+	Protocol *string `json:"protocol,omitempty"`
+
+	// The port the load balancer uses when performing health checks for additional target groups. When
+	// not specified this value will be set for the same of listener port.
+	// +optional
+	Port *string `json:"port,omitempty"`
+
+	// The destination for health checks on the targets when using the protocol HTTP or HTTPS,
+	// otherwise the path will be ignored.
+	// +optional
+	Path *string `json:"path,omitempty"`
+	// The approximate amount of time, in seconds, between health checks of an individual
+	// target.
+	// +kubebuilder:validation:Minimum=5
+	// +kubebuilder:validation:Maximum=300
+	// +optional
+	IntervalSeconds *int64 `json:"intervalSeconds,omitempty"`
+
+	// The amount of time, in seconds, during which no response from a target means
+	// a failed health check.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=120
+	// +optional
+	TimeoutSeconds *int64 `json:"timeoutSeconds,omitempty"`
+
+	// The number of consecutive health check successes required before considering
+	// a target healthy.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=10
+	// +optional
+	ThresholdCount *int64 `json:"thresholdCount,omitempty"`
+
+	// The number of consecutive health check failures required before considering
+	// a target unhealthy.
+	// +kubebuilder:validation:Minimum=2
+	// +kubebuilder:validation:Maximum=10
+	// +optional
+	UnhealthyThresholdCount *int64 `json:"unhealthyThresholdCount,omitempty"`
 }
 
 // TargetGroupAttribute defines attribute key values for V2 Load Balancer Attributes.

api/v1beta2/network_types.go

@@ -1462,6 +1462,9 @@ spec:
                                     timeoutSeconds:
                                       format: int64
                                       type: integer
+                                    unhealthyThresholdCount:
+                                      format: int64
+                                      type: integer
                                   type: object
                                 vpcId:
                                   type: string
@@ -1678,6 +1681,9 @@ spec:
                                     timeoutSeconds:
                                       format: int64
                                       type: integer
+                                    unhealthyThresholdCount:
+                                      format: int64
+                                      type: integer
                                   type: object
                                 vpcId:
                                   type: string
@@ -3364,6 +3370,9 @@ spec:
                                     timeoutSeconds:
                                       format: int64
                                       type: integer
+                                    unhealthyThresholdCount:
+                                      format: int64
+                                      type: integer
                                   type: object
                                 vpcId:
                                   type: string
@@ -3580,6 +3589,9 @@ spec:
                                     timeoutSeconds:
                                       format: int64
                                       type: integer
+                                    unhealthyThresholdCount:
+                                      format: int64
+                                      type: integer
                                   type: object
                                 vpcId:
                                   type: string