Please add the possibility to set a load balancer label using an annotation like "service.beta.kubernetes.io/vultr-loadbalancer-label", otherwise the load balancer is simply created with the ID as name

Hi! Is a CSI driver, either in the controller manager or separate, planned? Thanks!

Describe the bug
For some reason using described annotations makes my endpoints serve http instead of https, I don't have enough knowledge to explain/understand properly but using those as per the doc results in net::ERR_SSL_PROTOCOL_ERROR and let's encrypt throwing Server only speaks HTTP, not TLS

    service.beta.kubernetes.io/vultr-loadbalancer-protocol: "http"
    service.beta.kubernetes.io/vultr-loadbalancer-algorithm: "least_connections"
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-protocol: 'http'
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-path: '/health'
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-check-interval: '10'
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-response-timeout: '5'
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-unhealthy-threshold: '5'
    service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-healthy-threshold: '5'

To Reproduce
Use the caddy ingress helm-chart with the annotations above

Expected behavior
Not using the annotations make the endpoint work fine

Migrate the CCM over to GoVultr v2. This will introduce pagination, consistent typing, and allow us to remove a good chunk of code that was required for the CCM to work with v1 of the API.

Create documentation for how to use the CCM along with yaml files to easily deploy

Setup and configured e2e testing for this ccm

Describe the bug
A clear and concise description of what the bug is.

In cloud-controller-manager example the region value is mentioned in line 7:
"# Replace the api-key and region with proper values"
However, there's no setting to configure the value.

To Reproduce
Steps to reproduce the behavior:

1. Go to cloud-controller-manager.yml , line 7
2. There is no line in the file where region variable exist as opposed to the API key.

Expected behavior
Region value should exist in the file and should be replaced like the API key value.

Screenshots
Not required.

Desktop (please complete the following information where applicable:
Not required.

Additional context

None

Update the Kubernetes deps from 1.19.x to 1.20.x

Is your feature request related to a problem? Please describe.
Vultr load balancer allows you to specify "cloudflare" as the firewall source, but vke allows you to specify only cidr as the firewall source.
https://github.com/vultr/vultr-cloud-controller-manager/blob/v0.6.0/vultr/loadbalancers.go#L736

Describe the solution you'd like
Like the Vultr load balancer, allow cloudflare to be the source of vke firewall rules.

implement the ccm zones interface

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

Describe the bug
Apologies if this is not the correct place to log this, but I'm also logging it with ingress-nginx.
Had a load balancer completely fail today for no obvious reason, couldn't access the cluster, so I destroyed it and rebuilt it (it's using the Terraform condor plugin)
When bringing everything back up (same versions as prior to destroying it) I'm now getting the below error when trying to bring up a load balancer through ingress-nginx

Error syncing load balancer: failed to ensure load balancer: error getting the provider ID : providerID cannot be an empty string

The logs in the Vultr CCM pod are spamming this constantly

I0114 16:22:49.318052       1 event.go:291] "Event occurred" object="default/ingress-nginx-controller" kind="Service" apiVersion="v1" type="Normal" reason="EnsuringLoadBalancer" message="Ensuring load balancer"
E0114 16:22:49.466674       1 controller.go:275] error processing service default/ingress-nginx-controller (will retry): failed to ensure load balancer: error getting the provider ID  : providerID cannot be an empty string

Has anything changed that could cause this in the last 6 months? (that's how long it's been since I brought up the original cluster)
Or is there any way I can debug to find out what providerID is? (I've done lots of searching and cannot see any reference to it in either package)

To Reproduce
Steps to reproduce the behavior:

1. Bring up a kubernetes cluster in terraform using Condor
2. Install the Helm chart from ingress-nginx
   helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx --namespace default --values=values.yml
3. Watch the services for ingress-nginx-controller - it will remain in the "Pending" state
4. See the event log says the given error message
5. Check the Vultr CCM pod, see the above error messages

Expected behavior
A load balancer to be provisioned

Screenshots
N/A

Desktop (please complete the following information where applicable:
N/A

Additional context

contents of values.yml in the reproduction steps:

controller:
  config:
    use-forwarded-headers: "true"
    compute-full-forwarded-for: "true"
    use-proxy-protocol: "true"
  service:
    annotations:
      service.beta.kubernetes.io/vultr-loadbalancer-proxy-protocol: "true"

Again, sorry if this is the wrong place to post this, please let me know if there's a better place to ask.

Is your feature request related to a problem? Please describe.

There are many scenarios when you might not want the Vultr CCM to create a loadbalancer. Even if you have a different k8s load balancing solution, the CCM will create a vultr loadbalancer in addition to the one you actually want.

An example use case is that Vultr has fantastic BGP support, and you may want to use metallb instead of a third party node balancer. In this case, you likely still want to have the other features of the CCM such as putting the node into the proper state for pod scheduling.

Describe the solution you'd like

A way to turn off load balancer creation. Either with an opt-out or opt-in service annotation, or even a global flag that can be set on the cluster.

Describe alternatives you've considered

The alternative is to just not run the CCM, which works okay, but isn't the ideal scenario.

Hi,

I had a question regarding Vultr in relation to on-demand pricing. How might one automatically adjust Vultr resource allocation to reflect actual demand, possibly making use of Kubernetes autoscaling to do so?

It seems like the node pool size is fixed, so the Kubernetes autoscaling won't affect the actual underlying resource allocation and the associated Vultr billing cost. I was hoping to simulate something a bit like AWS Lambda functions, where idle time is basically free.

Cheers!

I created a LB using a k8s service definition, however, if i set the annotation "service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-port" CCM complains about missing port in the service, even if it is set.

"Event occurred" object="ingress-nginx/ingress-nginx-lb-service" fieldPath="" kind="Service" apiVersion="v1" type="Warning" reason="SyncLoadBalancerFailed" message="Error syncing load balancer: failed to ensure load balancer: provided health check port 10254 does not exist for service ingress-nginx/ingress-nginx-lb-service"

But like you can see in this service definition, that port is configured

As workaround i now use TCP and the k8s standard port (which is in fact simply the Node port which is mapped to nginx port 80) but this is not a reliable configuration

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information where applicable:

• OS: [e.g. iOS]
• Language Version [e.g. PHP7, Go 1.12]
• Browser [e.g. stock browser, safari]
• Version [e.g. 22]

Additional context

Add any other context about the problem here.

Describe the bug
When creating a service of LoadBalancer type I would expect there would either be annotation I can pass or loadBalancerIP field to use previously reserved IP address.

To Reproduce
Steps to reproduce the behavior:
Create a service with field loadBalancerIP
Newly create IP is being assigned

Expected behavior
A clear and concise description of what you expected to happen.

Implement the ccm instances interface

Implement unit tests for

• instances.go
• zones.go
• loadbalancers.go

For standalone LBs, Vultr allows configuring PTR records for both IPv4 and IPv6. For LBs provisioned and managed by vultr-cloud-controller-manager, this capability should be surfaced via annotations.

For v4, this is a simple scalar value.

For v6, the console allows creating multiple addresses. As I'm new to Vultr, I'm not clear on the use case yet (because while creating PTRs for IPv6 addresses other than the one presented does properly resolve, it doesn't cause the LB to bind to this address), but a format similar to firewall-rules would make sense, where you have a semicolon delimited list defining multiple addresses. Each element of the list can be in the form <64-bit suffix>,<hostname> or, for the LB's primary assigned IP, simply <hostname>.

Thanks!

Implement the ccm LB interface. This will allow load balancers to be configured and deployed by the CCM

Describe the bug

Its not pushed to docker hub
Normal | BackOff (4) | 6 mins ago | Back-off pulling image "vultr/vultr-cloud-controller-manager:v0.9.0"

Expected behavior
image to be available on docker hub

Is your feature request related to a problem? Please describe.
The front end and back end protocols are always the same as defined at https://github.com/vultr/vultr-cloud-controller-manager/blob/master/vultr/loadbalancers.go#L603
In the Vultr Load Balancer, it is possible to use HTTPS on the LB Protocol and HTTP on the Instance Protocol.
I want to use SSL termination at the Vultr Load Balancer so my application doesn't have to care about the SSL certificates. It works on a manually created Load Balancer where the configuration is HTTPS on the LB Protocol and HTTP on the Instance Protocol.
Currently, the backend protocol is always HTTPS. Therefore, I have to use an additional NGINX reverse proxy to handle the HTTPS. It is unnecessary in my opinion.
Another solution is to use the NGINX ingress controller. That means I can't take advantage of the SSL Termination at the Load Balancer and my nodes have to perform the SSL termination.

Describe the solution you'd like
Works the same as Vultr Load Balancer (HTTPS on LB and HTTP on instance protocol)