Automated cherry pick of #1153: e2e/deps: enhance test scenarios with NLB #1161: e2e/loadbalancer: implement hairpin connection cases #1215: refact: e2e tests documenting hooks and enhance logging/steps #1217: e2e/debug: increase data collection on e2e failures #1214: doc/service: describe supported target group attributes#1318
Merged
k8s-ci-robot merged 9 commits intokubernetes:release-1.31from Jan 21, 2026
Conversation
This change enhance test scenarios by: - supporting more distributions which does not allow pods to bind on privileged ports (default behavior of libjig, see issue - refact tests to allow adding more cases - introduce tests to NLB, including advanced tests to validate the node selector annotation. AWS SDK is added to satisfy this validatoin.
Implementing the hairpin connection test cases, and exposing an issue on NLB with internal scheme which fails when the client is trying to access a service loadbalancer which is hosted in the same node. The hairpin connection is caused by the client IP preservation attribute is set to true (default), and the service does not provide an interface to prevent the issue. The e2e is expecting to pass to prevent permanent failures in CI, but it is tracked by an issue kubernetes#1160.
This change enhance the logging and ginkgo steps of the loadbalancer reachable e2e test cases. The Hooks, created to allow test case customization, is renamed and documented. Finally the configuration are encapsulated into a single structure to enhance parallel tests.
Document the new annotation for NLB to handle target group attributes, with examples and restrictions.
Implementing the hairpin connection test cases, and exposing an issue on NLB with internal scheme which fails when the client is trying to access a service loadbalancer which is hosted in the same node. The hairpin connection is caused by the client IP preservation attribute is set to true (default), and the service does not provide an interface to prevent the issue. The e2e is expecting to pass to prevent permanent failures in CI, but it is tracked by an issue kubernetes#1160.
Introduce pre-flight validations adding pre-flight checks for EnsureLoadBalancer with tasks to validate Service object constraints prior making calls to the provider. This aims to prevent changes to the resources when invalid configuration is provided. Currently only NLB target group attributes validations is added as part of this change. feat/tg-attr: support target group attrib annotation on NLB
Introduce the target group annotation[1] for all listeners on a Service type-loadBalancer NLB. [1] Annotation service.beta.kubernetes.io/aws-load-balancer-target-group-attributes The annotation provides a interface for users to opt into non-default configurations of a target group when creating or updating a Service. This change also provides a fix for a critical hairpin bug impacting NLB default configuration (using target type instance), which disables the 'preserve source ip configuration' attribute, leading to timeouts in such scenario.
k8s-ci-robot
added
the
do-not-merge/release-note-label-needed
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
added
the
lgtm
Member
Author
|
/test pull-cloud-provider-aws-e2e |
k8s-ci-robot
removed
the
lgtm
vitrixLab
reviewed
Jan 12, 2026
There was a problem hiding this comment.
Resolved merge conflicts by aligning e2e test helpers with the updated upstream signatures that now require context.Context.
Specifically:
- Added
context.TODO()to e2e helper calls (WaitForLoadBalancer,Run,UpdateService,TestReachableHTTP,WaitForLoadBalancerDestroy) to match current function signatures. - Removed duplicate variable declaration for
loadBalancerCreateTimeout. - Preserved existing test logic and behavior; changes are limited to signature compatibility and conflict cleanup only.
No functional changes to test semantics—this is a mechanical resolution to keep the cherry-picked commits compatible with release-1.31.
Backport upstream commits #1153, #1161, #1215, #1217, #1214 to release-1.31.
Conflict resolution details:
- Updated calls to match upstream API signatures that now require
context.Context, applyingcontext.TODO()where appropriate. - Removed duplicate variable declaration for
loadBalancerCreateTimeout. - No functional changes were introduced — existing test logic and behavior are preserved.
- All tests pass after resolving conflicts.
These changes ensure the cherry-picked fixes cleanly apply to the release-1.31 branch and maintain compatibility with upstream helper signatures.
Contributor
|
/triage accepted |
k8s-ci-robot
added
triage/accepted
Member
Author
|
/approve |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: elmiko, kmala, yue9944882 The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
Contributor
|
/lgtm |
k8s-ci-robot
added
the
lgtm
kmala
deleted the
automated-cherry-pick-of-#1153-#1161-#1215-#1217-#1214-upstream-release-1.31
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cherry pick of #1153 #1161 #1215 #1217 #1214 on release-1.31.
#1153: e2e/deps: enhance test scenarios with NLB
#1161: e2e/loadbalancer: implement hairpin connection cases
#1215: refact: e2e tests documenting hooks and enhance logging/steps
#1217: e2e/debug: increase data collection on e2e failures
#1214: doc/service: describe supported target group attributes
For details on the cherry pick process, see the cherry pick requests page.