Enable Assignment of Predefined Static IPv4 Addresses for Control Plane and Worker Nodes

[biqas]

/kind feature

Description:

Currently, the Hetzner Cluster API (CAPI) provider automatically assigns primary IPv4 and IPv6 addresses to control plane and worker nodes during provisioning. There is no option to specify predefined static IPv4 addresses for these nodes. This limitation affects users who need specific IP addresses for integration with existing network infrastructures, DNS configurations, firewall rules, or compliance with organizational policies.

Proposed Feature:

Introduce the ability to assign predefined static IPv4 addresses to both control plane and worker nodes, independent of the load balancer configuration. This enhancement would provide users with greater control over their network setups and IP address management.

Example Configuration

Below is an example of how the configuration might look with the proposed feature:

apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: HetznerCluster
metadata:
  name: my-cluster
spec:
  controlPlaneEndpoint:
    host: "control-plane.somehost.com"
    port: 6443
  controlPlaneStaticIP:
    address: "203.0.113.10"  # Predefined static IPv4 address for control plane
  workerNodeStaticIPs:
    - name: "worker-node-1"
      address: "203.0.113.20"  # Predefined static IPv4 address for worker node 1
    - name: "worker-node-2"
      address: "203.0.113.21"  # Predefined static IPv4 address for worker node 2

Use Cases

• Controlled Network Environments: Environments where IP addresses are tightly controlled, such as corporate networks with strict security policies.
• Integration with External Services: Nodes need to communicate with external systems that require whitelisted IP addresses.
• Consistent Addressing for Monitoring and Logging: Consistent IP addresses facilitate easier monitoring, logging, and troubleshooting.

Environment:

• cluster-api-provider-hetzner version: 1.0.0
• Kubernetes version: Any

[guettli]

@biqas CAPH can only do things which are exposed via the Hetzner/HCloud API.

For Hcloud it is supported: IPv4 *PrimaryIP

For bare-metal servers it should work out of the box, because Caph does not create bm servers.
Caph uses the serverID from HetznerBareMetalHost. The customer can configure the bm server before using it.

Do you want that feature for hcloud, bm or both?

---

In general, we can do it.

We should try to understand [in-cluster IPAM provider for Cluster API ](https://github.com/kubernetes-sigs/cluster-api- ipam-provider-in-cluster) first.

Caph could do that somehow on its own, or use above IPAM provider.

@biqas what do you think about above IPAM provider?

[biqas]

Thank you for your prompt response and for considering this feature request.

Clarification on Requirements:

• Target Platform: I am looking to have this feature implemented for Hetzner Cloud (HCloud) instances.

IPAM Provider:
I believe that leveraging the in-cluster IPAM provider for Cluster API could be a viable solution. It appears to offer the flexibility needed for IP address management within the cluster. It may allow for dynamic assignment of predefined static IP addresses during node provisioning and could streamline the implementation process and align with Cluster API best practices.

Questions:

• Are there any known compatibility considerations when integrating the in-cluster IPAM provider with CAPH?
• What would be the expected effort to integrate this IPAM provider into CAPH? Do you have examples?