use feature flag to set default ILB

azure/scope/cluster.go

@@ -21,6 +21,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"hash/fnv"
+	"sigs.k8s.io/cluster-api-provider-azure/feature"
 	"sort"
 	"strconv"
 	"strings"
@@ -247,10 +248,45 @@ func (s *ClusterScope) PublicIPSpecs() []azure.ResourceSpecGetter {
 func (s *ClusterScope) LBSpecs() []azure.ResourceSpecGetter {
 	var specs []azure.ResourceSpecGetter
 	if s.ControlPlaneEnabled() {
-		specs = []azure.ResourceSpecGetter{
-			&loadbalancers.LBSpec{
-				// API Server LB
-				Name:                 s.APIServerLB().Name,
+		frontendLB := &loadbalancers.LBSpec{
+			// API Server LB
+			Name:                 s.APIServerLB().Name,
+			ResourceGroup:        s.ResourceGroup(),
+			SubscriptionID:       s.SubscriptionID(),
+			ClusterName:          s.ClusterName(),
+			Location:             s.Location(),
+			ExtendedLocation:     s.ExtendedLocation(),
+			VNetName:             s.Vnet().Name,
+			VNetResourceGroup:    s.Vnet().ResourceGroup,
+			SubnetName:           s.ControlPlaneSubnet().Name,
+			APIServerPort:        s.APIServerPort(),
+			Type:                 s.APIServerLB().Type,
+			SKU:                  s.APIServerLB().SKU,
+			Role:                 infrav1.APIServerRole,
+			BackendPoolName:      s.APIServerLB().BackendPool.Name,
+			IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
+			AdditionalTags:       s.AdditionalTags(),
+		}
+
+		// get the internal LB IP and the public LB IP
+		apiServerFrontendLBIP := make([]infrav1.FrontendIP, 0)
+		if s.APIServerLB().FrontendIPs != nil {
+			for _, frontendIP := range s.APIServerLB().FrontendIPs {
+				// save the public IPs for the frontend LB
+				// or if the LB is of the type internal, save the only IP allowed for the frontend LB
+				if frontendIP.PublicIP != nil || frontendLB.Type == infrav1.Internal {
+					apiServerFrontendLBIP = append(apiServerFrontendLBIP, frontendIP)
+				}
+			}
+		}
+
+		// set the frontend IPs for the frontend LB and save the LB spec
+		frontendLB.FrontendIPConfigs = apiServerFrontendLBIP
+		specs = append(specs, frontendLB)
+
+		if s.APIServerLB().Type != infrav1.Internal && feature.Gates.Enabled(feature.APIServerILB) {
+			internalLB := &loadbalancers.LBSpec{
+				Name:                 s.APIServerLB().Name + "-internal",
 				ResourceGroup:        s.ResourceGroup(),
 				SubscriptionID:       s.SubscriptionID(),
 				ClusterName:          s.ClusterName(),
@@ -259,45 +295,26 @@ func (s *ClusterScope) LBSpecs() []azure.ResourceSpecGetter {
 				VNetName:             s.Vnet().Name,
 				VNetResourceGroup:    s.Vnet().ResourceGroup,
 				SubnetName:           s.ControlPlaneSubnet().Name,
-				FrontendIPConfigs:    s.APIServerLB().FrontendIPs,
 				APIServerPort:        s.APIServerPort(),
-				Type:                 s.APIServerLB().Type,
+				Type:                 infrav1.Internal,
 				SKU:                  s.APIServerLB().SKU,
-				Role:                 infrav1.APIServerRole,
-				BackendPoolName:      s.APIServerLB().BackendPool.Name,
+				Role:                 infrav1.APIServerRoleInternal,
+				BackendPoolName:      s.APIServerLB().BackendPool.Name + "-internal",
 				IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
 				AdditionalTags:       s.AdditionalTags(),
-			},
-		}
-	}
+			}
 
-	if s.APIServerLB().Type != infrav1.Internal {
-		specs = append(specs, &loadbalancers.LBSpec{
-			Name:              s.APIServerLB().Name + "-internal",
-			ResourceGroup:     s.ResourceGroup(),
-			SubscriptionID:    s.SubscriptionID(),
-			ClusterName:       s.ClusterName(),
-			Location:          s.Location(),
-			ExtendedLocation:  s.ExtendedLocation(),
-			VNetName:          s.Vnet().Name,
-			VNetResourceGroup: s.Vnet().ResourceGroup,
-			SubnetName:        s.ControlPlaneSubnet().Name,
-			FrontendIPConfigs: []infrav1.FrontendIP{
+			// set the internal IP for the internal LB
+			internalLB.FrontendIPConfigs = []infrav1.FrontendIP{
 				{
-					Name: s.APIServerLB().Name + "-internal-frontEnd", // TODO: improve this name.
+					Name: s.APIServerLB().Name + "-internal-frontEnd",
 					FrontendIPClass: infrav1.FrontendIPClass{
 						PrivateIPAddress: infrav1.DefaultInternalLBIPAddress,
 					},
 				},
-			},
-			APIServerPort:        s.APIServerPort(),
-			Type:                 infrav1.Internal,
-			SKU:                  s.APIServerLB().SKU,
-			Role:                 infrav1.APIServerRoleInternal,
-			BackendPoolName:      s.APIServerLB().BackendPool.Name + "-internal",
-			IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
-			AdditionalTags:       s.AdditionalTags(),
-		})
+			}
+			specs = append(specs, internalLB)
+		}
 	}
 
 	// Node outbound LB

azure/scope/machine.go

@@ -20,6 +20,7 @@ import (
 	"context"
 	"encoding/base64"
 	"encoding/json"
+	"sigs.k8s.io/cluster-api-provider-azure/feature"
 	"strings"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
@@ -298,8 +299,10 @@ func (m *MachineScope) BuildNICSpec(nicName string, infrav1NetworkInterface infr
 				spec.InternalLBName = m.APIServerLBName()
 				spec.InternalLBAddressPoolName = m.APIServerLBPoolName()
 			} else {
-				spec.InternalLBName = m.APIServerLBName() + "-internal"
-				spec.InternalLBAddressPoolName = m.APIServerLBPoolName() + "-internal"
+				if feature.Gates.Enabled(feature.APIServerILB) {
+					spec.InternalLBName = m.APIServerLBName() + "-internal"
+					spec.InternalLBAddressPoolName = m.APIServerLBPoolName() + "-internal"
+				}
 				spec.PublicLBNATRuleName = m.Name()
 				spec.PublicLBAddressPoolName = m.APIServerLBPoolName()
 			}