DocsICP FilingConsole
官方文档
首页

ALB Ingress Controller

更新时间:
复制 MD 格式
产品详情
我的收藏

ALB Ingress uses Alibaba Cloud Application Load Balancer (ALB) to provide a unified Ingress for services in a cluster. This topic describes the usage and release notes for the ALB Ingress Controller.

Usage

  • For more information about the ALB Ingress Controller, see ALB Ingress management.

  • To install the ALB Ingress Controller component, see Manage the ALB Ingress controller and Expose services with an ALB Ingress.

  • Due to security restrictions in ACK managed clusters, ACK managed clusters created after May 2024 no longer support the ALB Ingress Controller component v2.12.0-aliyun.1 or earlier. Upgrade to the latest version of the component promptly for continued support and stability.

Release notes

June 2026

Version

Date

Changes

Impact

v2.20.1

June 8, 2026

Optimizations:

  • Increased the wait time and retry count for asynchronous tasks.

Bug fixes:

  • Fixed a bug where clusters running version 1.20 or earlier failed to fall back from EndpointSlice to Endpoints for endpoint discovery.

No impact on services.

April 2026

Version

Release date

Changes

Impact

v2.20.0

April 16, 2026

New features:

  • You can now set accessLogRecordCustomizedHeadersEnabled to false by specifying accessLogRecordCustomizedHeadersAllowDisable: true in the logConfig of ListenerSpec.

  • The webhook now prevents the deletion of a Service or Secret used by an ALB Ingress.

  • A validation check is added to webhooks to ensure that when the path type is Prefix, the path cannot contain the wildcard character *.

Enhancements:

  • Reduces the controller memory footprint.

  • The controller now uses EndpointSlice instead of Endpoints for endpoint discovery by default.

  • Reduces the wait time for asynchronous server group tasks.

Bug fixes:

  • Fixes an issue where changes to the ALB resource group ID in AlbConfig did not take effect.

  • Fixes an issue where an invalid forwarding configuration for a custom forwarding rule could cause the controller to panic.

This upgrade has no impact on your workloads.

January 2026

Version

Release date

Changes

Impact

v2.19.1

February 12, 2026

Enhancements:

  • Added automatic retries for specific error codes when OpenAPI calls are throttled.

  • Added support for empty tag values and validation for duplicate tag keys.

Bug fixes:

  • Fixed a failure to retry when adding a ReadinessGate to a Pod during Ingress-triggered backend server group creation.

  • Fixed listener status query failures after a listener's log configuration was updated.

This upgrade does not impact your workloads.

January 2026

Version

Release date

Changes

Impact

v2.19.0

January 7, 2026

New features:

  • Supports hot reloading of the secret specified in defaultCertificate.

  • Supports configuring an ingress with rate limiting + fixed response/redirect + forward actions.

Enhancements:

  • Improved the error message that appears when listener creation fails due to an expired certificate.

  • Improved controller reconciliation performance.

  • Enhanced webhook validation to check the following:

    • The format of the SourceIP field in custom forwarding conditions.

    • Whether the AclType field is black or white.

    • Ingress backends that specify service.name without service.port.

  • The webhook now checks if an ingress is an ALB ingress.

Bug fixes:

  • Fixed an issue where tags were not removed from an ALB instance when the tags field was deleted from AlbConfig.

  • Fixed a rare controller panic on service deletion.

This upgrade has no impact on your workloads.

July 2025

Version

Release date

Description

Impact

v2.18.0-aliyun.1

July 4, 2025

  • Instance managed mode is enabled by default. The listener and forwarding rule configurations for ALB instances automatically created via an AlbConfig can no longer be manually modified in the ALB console. This restriction applies only to new ALB instances created after this upgrade; existing and reused instances are not affected.

  • You can now specify a default certificate in an AlbConfig by using the defaultCertificate field.

  • Optimized the priority sorting logic for forwarding rules and removed the global uniqueness requirement for the order field.

  • You can now use ECS metadata in hardening-only mode.

  • Fixed an issue where the controller could panic due to flow control when querying the asynchronous task API.

  • Fixed an issue where an ACL would apply to only one listener when HTTPS and QUIC listeners shared the same port.

  • The readinessGate now uses a fixed interval when waiting for unready pods.

  • Optimized the admission webhook's validation logic for forwarding rules that do not include a terminating action.

This upgrade will not affect your services.

March 2025

Version

Release date

Changes

Impact

v2.17.2-aliyun.1

March 31, 2025

  • Fixed a server group reconciliation failure that caused a port-not-found error when Ingress rules in multiple namespaces pointed to Services with the same name but different ports.

  • Fixed an invalid parameter error when querying IPv4 addresses in an IPv6 dual-stack cluster.

  • Increased the maximum number of security groups that can be added or removed in a single batch API call from 4 to 9.

  • Skipped API calls when no additional tags are required.

This upgrade does not affect your services.

v2.17.1-aliyun.1

March 18, 2025

  • Added support for Gateway API v1.1.0 and later.

This upgrade does not affect your services.

v2.16.0-aliyun.1

March 4, 2025

Important

Starting from this version, persistent connection is enabled by default for new server groups. Existing server groups are unaffected. Before upgrading, confirm if this change affects your services.

  • Enabled persistent connection by default for new server groups.

  • Listeners now support custom tags.

  • Added an option to disable the cross-Availability Zone feature for server groups.

  • Improved overall Service reconciliation performance.

  • Improved the timing of ReadinessGate status updates for Pods. The status is now updated only after all associated server groups have been successfully updated.

  • Canary releases now require two separate Ingresses or custom forwarding actions. If a canary annotation is incorrectly added to an Ingress, the system reports an error and retains the original forwarding rules.

This upgrade may affect your services. See the note above for details.

January 2025

Version

Release date

Changes

Impact

v2.15.2-aliyun.1

January 24, 2025

  • In a listener's XForwardedForConfig, you can configure XForwardedForProcessingMode to set the processing mode for the X-Forwarded-For header, and XForwardedForHostEnabled to enable the X-Forwarded-Host request header.

  • Fixed an issue where the component failed to start when ValidatingWebhookConfiguration did not exist.

  • Fixed an issue where Webhook validation failed when multiple values were configured for alb.ingress.kubernetes.io/healthcheck-httpcode.

  • Added a check for when a forwarding action does not contain the type FinalType.

  • Optimized the calculation method for clientToken during the creation of ALB instances.

This upgrade has no impact on your services.

v2.15.0-aliyun.1

January 6, 2025

  • Enabled ValidatingWebhook by default to validate AlbConfig and Ingress configurations.

  • Added support for AScript.

  • Added the option to set a fixed response for rate limiting.

  • Added support for using ssl-redirect and rate limiting simultaneously.

  • Added custom cookie support for server group session persistence.

  • Added support for configuring security groups for ALB instances created after 00:00:00 on February 25, 2025 (UTC+8).

  • Improved error messages for listener conflicts.

  • Added event notifications for TLS certificate mismatches in a forwarding rule.

  • Added validation for associated resources, such as bandwidth packages.

  • Added support for configuring certificates for the gRPC protocol in AlbConfig.

  • Fixed an issue where the tag feature in AlbConfig could not be used after the createdby tag feature was enabled.

  • Fixed persistent Service reconciliation errors in specific scenarios.

  • Fixed a component crash caused by an invalid AlbConfig configuration.

This upgrade has no impact on your services.

October 2024

Version

Release date

Description

Impact

v2.14.1-aliyun.1

October 12, 2024

  • Fixed an issue that caused HTTPS health check configuration to fail.

No impact on your workload.

September 2024

Version

Release date

Description

Impact

v2.14.0-aliyun.1

September 10, 2024

  • Adds gRPC support for server group health checks.

  • Adds support for slow start.

  • Adds support for connection draining.

  • Adds support for session persistence between server groups.

  • Fixes an issue where the ReadinessGate status was not updated correctly in some scenarios.

  • Improves error messages for Secret resources.

  • Optimizes the reconciliation logic for server groups in a configuring state.

  • Makes AlbConfig fields case-insensitive.

This upgrade does not affect your workloads.

July 2024

Version

Release date

Description

Impact

v2.13.2-aliyun.1

July 23, 2024

  • Fixed a controller crash caused by an invalid AlbConfig format.

  • Fixed incorrect weight settings when using both ECS and ECI endpoints in Flannel network mode.

No impact on workloads.

May 2024

Version

Release date

Changes

Impact

v2.13.1-aliyun.1

May 10, 2024

  • Added an event for when an AlbConfig is not associated with an Ingress.

  • Fixed an issue where weights could be assigned incorrectly after endpoint updates in the Flannel network plugin.

  • Fixed an issue where server group creation would fail if a namespace starts with a number or the namespace or service name is too long.

This upgrade does not affect your workloads.

February 2024

Version

Release date

Description

Impact

v2.12.0-aliyun.1

February 5, 2024

  • Added support for IP-type server groups via the alb.ingress.kubernetes.io/server-group-type: Ip annotation.

  • Added support for specifying a resource group for a server group via the alb.ingress.kubernetes.io/server-group-resource-group-id annotation.

  • The Flannel plugin now automatically configures the weight of each node based on the number of pods running on the node.

  • Added support for QPS throttling for custom forwarding rules.

  • The IP address allocation mode is no longer required when you create an ALB instance.

  • Added support for configuring trusted IP addresses for the X-Forwarded-For header.

  • Fixed an issue where some AlbConfig fields failed to take effect when changed from null to false.

This upgrade does not affect your workloads.

November 2023

Version

Release date

Description

Impact

v2.11.1-aliyun.1

November 20, 2023

Fixed a potential controller crash when no IngressClass was specified.

This upgrade is non-disruptive.

October 2023

Version

Release date

Changes

Impact

v2.11.0-aliyun.1

October 31, 2023

Important

Starting from v2.11.0-aliyun.1, the ALB Ingress controller no longer automatically updates port information in an AlbConfig. You must manually specify the port when you create an AlbConfig. For an example of creating an AlbConfig, see Expose services by using an ALB Ingress.

  • Added support for source IP rate limiting.

  • Added support for tracing.

  • Access logs now support custom headers.

  • Added support for mutual authentication.

  • Disabled automatic AlbConfig updates when an Ingress rule is updated.

  • Prevents deleting a listener from an AlbConfig if an Ingress rule still references it.

  • Optimized the resource deletion behavior when an ALB instance is reused.

  • Optimized the certificate association logic to support paginated certificates.

  • Fixed an issue with incorrect HTTP/2 configuration.

  • Fixed an issue where a misconfigured forwarding action could cause the controller to crash.

  • Fixed an issue where the controller did not promptly update backend server groups after a restart.

This upgrade does not impact your services.

August 2023

Version

Date

Description

Impact

v2.10.0-aliyun.1

August 15, 2023

  • Added a hash to Ingress and ALBConfig resources to prevent unexpected changes when the ALB Ingress Controller restarts.

  • Improved reporting for abnormal events.

  • Optimized reconciliation for scenarios that use reserved fields.

  • Fixed a cache synchronization issue upon Ingress resource deletion.

  • Fixed an issue that interrupted node event processing.

  • Optimized the server group synchronization logic.

This upgrade does not affect your workloads.

July 2023

Version

Release date

Description

Impact

v2.9.0-aliyun.1

July 11, 2023

  • Optimized Service reconciliation to prevent API throttling when handling multiple server groups concurrently.

  • Exposed Service reconciliation events.

  • ssl-redirect annotation usage optimization.

  • Filtered out ShangMi certificates during automatic certificate discovery.

  • Fixed cookieConfig reconciliation in custom forwarding rules.

  • Fixed a controller crash caused by an Ingress with the http field not configured.

  • Fixed configuration update failures when multiple Actions are configured for an Ingress.

This upgrade does not affect your workloads.

June 2023

Version

Date

Description

Impact

v2.8.3-aliyun.1

June 5, 2023

  • Fixed a bug that prevented server reconciliation from retrying.

  • Fixed a bug where keys for custom forwarding rules were ignored.

This upgrade does not affect your workloads.

May 2023

Version

Release date

Changes

Impact

v2.8.2-aliyun.1

May 25, 2023

  • Fixed an issue where forwarding rules could be deleted when a Pod restarts.

  • Removed the deletion logic for Internet Shared Bandwidth during reconciliation.

  • Temporarily disabled updates to the network type of an instance.

This upgrade has no impact on your workloads.

v2.8.1-aliyun.1

May 9, 2023

  • Managed components now use multiple replicas by default for high availability.

  • Added support for specifying a resource group when creating an ALB instance.

  • Added support for specifying multiple status codes for health checks.

  • Introduced consistent hashing for backend server groups.

  • Added support for the use-regex annotation.

  • Added support for specifying a single availability zone.

  • Added support for updating the network type of an instance.

  • Added support for associating an Internet Shared Bandwidth.

  • Optimized asynchronous API calls.

  • Improved error messages.

  • Resolved a console display inconsistency for the default certificate and prevented duplicate certificate settings.

This upgrade has no impact on your workloads.

March 2023

Version

Release date

Description

Impact

v2.7.0-aliyun.1

March 14, 2023

  • Streamlined the reconciliation process and rule priority to speed up rule synchronization.

  • Optimized event notifications.

  • Added direct reconciliation of Services to backend server groups.

  • Added direct ACL association by resource ID.

  • Added support for deploying HTTPS and QUIC on the same port.

  • Custom actions are now case-insensitive and support multiple server groups and rewrites.

  • Certificates configured in secrets now override those in an AlbConfig.

  • Removed hard-coded timeout values.

  • Fixed Gzip compression configuration errors.

This upgrade has no impact on your services.

December 2022

Version

Release date

Description

Impact

v2.6.0-aliyun.1

December 23, 2022

  • Adds support for custom tags on ALB resources.

  • Enhances event notifications.

  • Fixes blocked Ingress deletion by no longer adding a finalizer to Ingresses.

  • Fixes an issue with changing the IPv6 network type.

  • Fixes an issue that caused Ingress certificates to be repeatedly discovered.

  • Fixes incorrect tagging of backend server groups during a canary release.

This upgrade does not affect your workloads.

November 2022

Version

Release date

Description

Impact

v2.5.0-aliyun.1

November 23, 2022

  • Added secret certificate uploads.

  • Added custom headers and cookies.

  • Enabled ACL whitelist configuration.

  • Optimized listener processing by isolating listener errors from reconciliation. An error on a port 443 listener no longer affects reconciliation on port 80.

This upgrade does not affect your workloads.

August 2022

Version

Release date

Description

Impact

v2.4.0-aliyun.1

August 10, 2022

  • Added support for CORS.

  • Added support for persistent connections to backend servers.

  • Optimized the listener deletion logic.

This upgrade has no impact on workloads.

June 2022

Version

Release date

Description

Impact

v2.3.0-aliyun.1

June 23, 2022

No impact on your services.

April 2022

Version

Release date

Description

Impact

v2.2.0-aliyun.1

April 13, 2022

  • Adds support for rewrite, which is configurable by using annotations. For more information, see Configure rewrite.

  • Adds support for TCP health checks, which use SYN packets to verify that a server port is active. For more information, see Configure health checks.

  • You can now specify a TLS security policy for an HTTPS listener in an ALBConfig. For more information, see Specify a TLS security policy.

This upgrade does not impact your services.

Previous:NGINX Ingress controllerNext:CoreDNS