Skip to content

Commit

Permalink
Merge pull request #4840 from mtulio/CORS-3288-fix-lb-subnets
Browse files Browse the repository at this point in the history
🐛 fix: additional control plane LBs must use correct schema/subnets
  • Loading branch information
k8s-ci-robot authored Mar 6, 2024
2 parents 2289557 + 0714d36 commit baf8d59
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 3 deletions.
1 change: 1 addition & 0 deletions pkg/cloud/scope/cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -193,6 +193,7 @@ func (s *ClusterScope) ControlPlaneLoadBalancers() []*infrav1.AWSLoadBalancerSpe
}

// ControlPlaneLoadBalancerScheme returns the Classic ELB scheme (public or internal facing).
// Deprecated: This method is going to be removed in a future release. Use LoadBalancer.Scheme.
func (s *ClusterScope) ControlPlaneLoadBalancerScheme() infrav1.ELBScheme {
if s.ControlPlaneLoadBalancer() != nil && s.ControlPlaneLoadBalancer().Scheme != nil {
return *s.ControlPlaneLoadBalancer().Scheme
Expand Down
1 change: 1 addition & 0 deletions pkg/cloud/scope/elb.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ type ELBScope interface {
ControlPlaneLoadBalancer() *infrav1.AWSLoadBalancerSpec

// ControlPlaneLoadBalancerScheme returns the Classic ELB scheme (public or internal facing)
// Deprecated: This method is going to be removed in a future release. Use LoadBalancer.Scheme.
ControlPlaneLoadBalancerScheme() infrav1.ELBScheme

// ControlPlaneLoadBalancerName returns the Classic ELB name
Expand Down
11 changes: 8 additions & 3 deletions pkg/cloud/services/elb/loadbalancer.go
Original file line number Diff line number Diff line change
Expand Up @@ -250,7 +250,7 @@ func (s *Service) getAPIServerLBSpec(elbName string, lbSpec *infrav1.AWSLoadBala
// The load balancer APIs require us to only attach one subnet for each AZ.
subnets := s.scope.Subnets().FilterPrivate()

if s.scope.ControlPlaneLoadBalancerScheme() == infrav1.ELBSchemeInternetFacing {
if scheme == infrav1.ELBSchemeInternetFacing {
subnets = s.scope.Subnets().FilterPublic()
}

Expand Down Expand Up @@ -989,9 +989,14 @@ func (s *Service) getAPIServerClassicELBSpec(elbName string) (*infrav1.LoadBalan
}
securityGroupIDs = append(securityGroupIDs, s.scope.SecurityGroups()[infrav1.SecurityGroupAPIServerLB].ID)

scheme := infrav1.ELBSchemeInternetFacing
if controlPlaneLoadBalancer != nil && controlPlaneLoadBalancer.Scheme != nil {
scheme = *controlPlaneLoadBalancer.Scheme
}

res := &infrav1.LoadBalancer{
Name: elbName,
Scheme: s.scope.ControlPlaneLoadBalancerScheme(),
Scheme: scheme,
ClassicELBListeners: []infrav1.ClassicELBListener{
{
Protocol: infrav1.ELBProtocolTCP,
Expand Down Expand Up @@ -1044,7 +1049,7 @@ func (s *Service) getAPIServerClassicELBSpec(elbName string) (*infrav1.LoadBalan
// The load balancer APIs require us to only attach one subnet for each AZ.
subnets := s.scope.Subnets().FilterPrivate()

if s.scope.ControlPlaneLoadBalancerScheme() == infrav1.ELBSchemeInternetFacing {
if scheme == infrav1.ELBSchemeInternetFacing {
subnets = s.scope.Subnets().FilterPublic()
}

Expand Down

0 comments on commit baf8d59

Please sign in to comment.