How to debug alb.ingress.kubernetes.io/group.name reconciliation when using EKS automode #4184
Description
Hi,
I'd just like some guidance as to how to debug why to Ingress resources aren't sharing the same ALB once annotated with alb.ingress.kubernetes.io/group.name
My annotations on the two ingresses are as follows
alb.ingress.kubernetes.io/actions.ssl-redirect: IDENTICAL
alb.ingress.kubernetes.io/certificate-arn: DIFFERENT
alb.ingress.kubernetes.io/group.name: restricted
alb.ingress.kubernetes.io/inbound-cidrs: IDENTICAL
alb.ingress.kubernetes.io/listen-ports: IDENTICAL
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/wafv2-acl-arn: IDENTICAL
As you see the only annotation that differs is alb.ingress.kubernetes.io/certificate-arn which I thought would be merged.
The ingresses are in different namespaces .
I haven't managed to find anything useful in Cloudwatch .
The rules in each ingress look like
rules:
- host: domain1.com
http:
paths:
- backend:
service:
name: api
port:
number: 8080
path: /*
pathType: ImplementationSpecific