From 90ba0f0deca685d0cc934c37b5510e363eb1798b Mon Sep 17 00:00:00 2001
From: Nawaz Hussain Khazielakha
Date: Tue, 26 Nov 2024 10:51:28 -0800
Subject: [PATCH] use feature flag to set default ILB
---
 azure/scope/cluster.go | 119 +++++++++++++++++++++++++----------------
 azure/scope/machine.go | 7 ++-
 2 files changed, 77 insertions(+), 49 deletions(-)
diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
index dcbe671d650..58ae9a885a1 100644
--- a/azure/scope/cluster.go
+++ b/azure/scope/cluster.go
@@ -21,6 +21,7 @@ import (
 "encoding/json"
 "fmt"
 "hash/fnv"
+ "sigs.k8s.io/cluster-api-provider-azure/feature"
 "sort"
 "strconv"
 "strings"
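Review bot: The added import `"sigs.k8s.io/cluster-api-provider-azure/feature"` sits inside the standard-library group, between `"hash/fnv"` and `"sort"`, instead of with the other non-stdlib imports, which are outside this hunk. The import hunk in azure/scope/machine.go has the same placement, between `"encoding/json"` and `"strings"`. Running the project's import formatter (goimports with the local prefix, or gci) should move both lines to the module-local group.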
@@ -247,57 +248,81 @@ func (s *ClusterScope) PublicIPSpecs() []azure.ResourceSpecGetter {
 func (s *ClusterScope) LBSpecs() []azure.ResourceSpecGetter {
 var specs []azure.ResourceSpecGetter
 if s.ControlPlaneEnabled() {
- specs = []azure.ResourceSpecGetter{
- &loadbalancers.LBSpec{
- // API Server LB
- Name: s.APIServerLB().Name,
- ResourceGroup: s.ResourceGroup(),
- SubscriptionID: s.SubscriptionID(),
- ClusterName: s.ClusterName(),
- Location: s.Location(),
- ExtendedLocation: s.ExtendedLocation(),
- VNetName: s.Vnet().Name,
- VNetResourceGroup: s.Vnet().ResourceGroup,
- SubnetName: s.ControlPlaneSubnet().Name,
- FrontendIPConfigs: s.APIServerLB().FrontendIPs,
- APIServerPort: s.APIServerPort(),
- Type: s.APIServerLB().Type,
- SKU: s.APIServerLB().SKU,
- Role: infrav1.APIServerRole,
- BackendPoolName: s.APIServerLB().BackendPool.Name,
- IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
- AdditionalTags: s.AdditionalTags(),
- },
- }
- }
-
- if s.APIServerLB().Type != infrav1.Internal {
- specs = append(specs, &loadbalancers.LBSpec{
- Name: s.APIServerLB().Name + "-internal",
- ResourceGroup: s.ResourceGroup(),
- SubscriptionID: s.SubscriptionID(),
- ClusterName: s.ClusterName(),
- Location: s.Location(),
- ExtendedLocation: s.ExtendedLocation(),
- VNetName: s.Vnet().Name,
- VNetResourceGroup: s.Vnet().ResourceGroup,
- SubnetName: s.ControlPlaneSubnet().Name,
- FrontendIPConfigs: []infrav1.FrontendIP{
- {
- Name: s.APIServerLB().Name + "-internal-frontEnd", // TODO: improve this name.
- FrontendIPClass: infrav1.FrontendIPClass{
- PrivateIPAddress: infrav1.DefaultInternalLBIPAddress,
- },
- },
- },
+ frontendLB := &loadbalancers.LBSpec{
+ // API Server LB
+ Name: s.APIServerLB().Name,
+ ResourceGroup: s.ResourceGroup(),
+ SubscriptionID: s.SubscriptionID(),
+ ClusterName: s.ClusterName(),
+ Location: s.Location(),
+ ExtendedLocation: s.ExtendedLocation(),
+ VNetName: s.Vnet().Name,
+ VNetResourceGroup: s.Vnet().ResourceGroup,
+ SubnetName: s.ControlPlaneSubnet().Name,
 APIServerPort: s.APIServerPort(),
- Type: infrav1.Internal,
+ Type: s.APIServerLB().Type,
 SKU: s.APIServerLB().SKU,
- Role: infrav1.APIServerRoleInternal,
- BackendPoolName: s.APIServerLB().BackendPool.Name + "-internal",
+ Role: infrav1.APIServerRole,
+ BackendPoolName: s.APIServerLB().BackendPool.Name,
 IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
 AdditionalTags: s.AdditionalTags(),
- })
+ }
+
+ // get the internal LB IP and the public LB IP
+ // apiServerLBInternalIP := infrav1.FrontendIP{}
+ apiServerFrontendLBIP := make([]infrav1.FrontendIP, 0)
+ if s.APIServerLB().FrontendIPs != nil {
+ for _, frontendIP := range s.APIServerLB().FrontendIPs {
+ // save the public IPs for the frontend LB
+ // or if the LB is of the type internal, save the only IP allowed for the frontend LB
+ if frontendIP.PublicIP != nil || frontendLB.Type == infrav1.Internal {
+ apiServerFrontendLBIP = append(apiServerFrontendLBIP, frontendIP)
+ }
+
+ //if frontendIP.PrivateIPAddress != "" {
+ // apiServerLBInternalIP = frontendIP
+ //}
+ }
+ }
+
+ // set the frontend IPs for the frontend LB and save the LB spec
+ frontendLB.FrontendIPConfigs = apiServerFrontendLBIP
+ specs := append(specs, frontendLB)
+
+ if feature.Gates.Enabled(feature.APIServerILB) {
+ if s.APIServerLB().Type != infrav1.Internal {
+ internalLB := &loadbalancers.LBSpec{
+ Name: s.APIServerLB().Name + "-internal",
+ ResourceGroup: s.ResourceGroup(),
+ SubscriptionID: s.SubscriptionID(),
+ ClusterName: s.ClusterName(),
+ Location: s.Location(),
+ ExtendedLocation: s.ExtendedLocation(),
+ VNetName: s.Vnet().Name,
+ VNetResourceGroup: s.Vnet().ResourceGroup,
+ SubnetName: s.ControlPlaneSubnet().Name,
+ APIServerPort: s.APIServerPort(),
+ Type: infrav1.Internal,
+ SKU: s.APIServerLB().SKU,
+ Role: infrav1.APIServerRoleInternal,
+ BackendPoolName: s.APIServerLB().BackendPool.Name + "-internal",
+ IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
+ AdditionalTags: s.AdditionalTags(),
+ }
+
+ // set the internal IP for the internal LB
+ // internalLB.FrontendIPConfigs = []infrav1.FrontendIP{apiServerInternalLBIP}
+ internalLB.FrontendIPConfigs = []infrav1.FrontendIP{
+ {
+ Name: s.APIServerLB().Name + "-internal-frontEnd",
+ FrontendIPClass: infrav1.FrontendIPClass{
+ PrivateIPAddress: infrav1.DefaultInternalLBIPAddress,
+ },
+ },
+ }
+ specs = append(specs, internalLB)
+ }
+ }
 }
 
 // Node outbound LB
diff --git a/azure/scope/machine.go b/azure/scope/machine.go
index 971f5cf8696..e776c263e82 100644
--- a/azure/scope/machine.go
+++ b/azure/scope/machine.go
@@ -20,6 +20,7 @@ import (
 "context"
 "encoding/base64"
 "encoding/json"
+ "sigs.k8s.io/cluster-api-provider-azure/feature"
 "strings"
 
 "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
@@ -298,8 +299,10 @@ func (m *MachineScope) BuildNICSpec(nicName string, infrav1NetworkInterface infr
 spec.InternalLBName = m.APIServerLBName()
 spec.InternalLBAddressPoolName = m.APIServerLBPoolName()
 } else {
- spec.InternalLBName = m.APIServerLBName() + "-internal"
- spec.InternalLBAddressPoolName = m.APIServerLBPoolName() + "-internal"
+ if feature.Gates.Enabled(feature.APIServerILB) {
+ spec.InternalLBName = m.APIServerLBName() + "-internal"
+ spec.InternalLBAddressPoolName = m.APIServerLBPoolName() + "-internal"
+ }
 spec.PublicLBNATRuleName = m.Name()
 spec.PublicLBAddressPoolName = m.APIServerLBPoolName()
 }
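Review bot: In LBSpecs, `specs := append(specs, frontendLB)` declares a new `specs` scoped to the `if s.ControlPlaneEnabled()` block, shadowing the `var specs` at the top of the function. The API server LB spec, and the internal LB spec appended to that inner variable under the feature gate, never reach the outer slice. The function continues past this hunk at `// Node outbound LB` and presumably returns that outer slice. Use plain assignment: `specs = append(specs, frontendLB)`. Separately, the new frontend-IP filter drops any frontend IP without a `PublicIP` from a non-internal LB whether or not the gate is enabled, which is worth confirming as intended; the commented-out `apiServerLBInternalIP` lines should be removed or implemented.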
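Review bot: The gated block in the `else` branch of BuildNICSpec has no comment tying it to ClusterScope.LBSpecs, although the `"-internal"` LB and pool names built here must match what LBSpecs creates under the same `feature.APIServerILB` gate. Suggested comment above the `if`: `// The "-internal" LB only exists when APIServerILB is enabled (see ClusterScope.LBSpecs); otherwise leave the internal LB fields unset.` The enclosing function starts and ends outside this hunk, so whether the NIC code downstream tolerates an empty `InternalLBName` cannot be confirmed from here and is worth checking.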