make internalLB IP configurable

kubernetes-sigs · Nov 26, 2024 · 9f43ff7 · 9f43ff7
1 parent 90ba0f0
commit 9f43ff7
Show file tree

Hide file tree

Showing 5 changed files with 535 additions and 54 deletions.
diff --git a/api/v1beta1/azurecluster_default.go b/api/v1beta1/azurecluster_default.go
@@ -18,6 +18,7 @@ package v1beta1
 
 import (
 	"fmt"
+	"sigs.k8s.io/cluster-api-provider-azure/feature"
 
 	"k8s.io/utils/ptr"
 )
@@ -245,6 +246,29 @@ func (c *AzureCluster) setAPIServerLBDefaults() {
 				},
 			}
 		}
+		// if the API Server ILB feature is enabled, we should create a default internal LB IP
+		if feature.Gates.Enabled(feature.APIServerILB) {
+			privateIPFound := false
+			for i := range lb.FrontendIPs {
+				if lb.FrontendIPs[i].FrontendIPClass.PrivateIPAddress != "" {
+					if lb.FrontendIPs[i].Name == "" {
+						lb.FrontendIPs[i].Name = generateFrontendIPConfigName(lb.Name) + "-internal-ip"
+					}
+					privateIPFound = true
+					break
+				}
+			}
+			// if no private IP is found, we should create a default internal LB IP
+			if !privateIPFound {
+				privateIP := FrontendIP{
+					Name: generateFrontendIPConfigName(lb.Name) + "-internal-ip",
+					FrontendIPClass: FrontendIPClass{
+						PrivateIPAddress: DefaultInternalLBIPAddress,
+					},
+				}
+				lb.FrontendIPs = append(lb.FrontendIPs, privateIP)
+			}
+		}
 	} else if lb.Type == Internal {
 		if lb.Name == "" {
 			lb.Name = generateInternalLBName(c.ObjectMeta.Name)

diff --git a/api/v1beta1/azurecluster_default_test.go b/api/v1beta1/azurecluster_default_test.go
@@ -18,7 +18,10 @@ package v1beta1
 
 import (
 	"encoding/json"
+	"k8s.io/component-base/featuregate"
+	featuregatetesting "k8s.io/component-base/featuregate/testing"
 	"reflect"
+	"sigs.k8s.io/cluster-api-provider-azure/feature"
 	"testing"
 
 	corev1 "k8s.io/api/core/v1"
@@ -1236,9 +1239,10 @@ func TestVnetPeeringDefaults(t *testing.T) {
 
 func TestAPIServerLBDefaults(t *testing.T) {
 	cases := []struct {
-		name    string
-		cluster *AzureCluster
-		output  *AzureCluster
+		name         string
+		featureGates map[featuregate.Feature]bool
+		cluster      *AzureCluster
+		output       *AzureCluster
 	}{
 		{
 			name: "no lb",
@@ -1375,16 +1379,243 @@ func TestAPIServerLBDefaults(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "no lb with APIServerILB feature gate enabled",
+			featureGates: map[featuregate.Feature]bool{
+				feature.APIServerILB: true,
+			},
+			cluster: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ControlPlaneEnabled: true,
+					NetworkSpec:         NetworkSpec{},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ControlPlaneEnabled: true,
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							Name: "cluster-test-public-lb",
+							FrontendIPs: []FrontendIP{
+								{
+									Name: "cluster-test-public-lb-frontEnd",
+									PublicIP: &PublicIPSpec{
+										Name:    "pip-cluster-test-apiserver",
+										DNSName: "",
+									},
+								},
+								{
+									Name: "cluster-test-public-lb-frontEnd-internal-ip",
+									FrontendIPClass: FrontendIPClass{
+										PrivateIPAddress: DefaultInternalLBIPAddress,
+									},
+								},
+							},
+							BackendPool: BackendPool{
+								Name: "cluster-test-public-lb-backendPool",
+							},
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								SKU:                  SKUStandard,
+								Type:                 Public,
+								IdleTimeoutInMinutes: ptr.To[int32](DefaultOutboundRuleIdleTimeoutInMinutes),
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "internal lb with APIServerILB feature gate enabled",
+			featureGates: map[featuregate.Feature]bool{
+				feature.APIServerILB: true,
+			},
+			cluster: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								Type: Internal,
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							FrontendIPs: []FrontendIP{
+								{
+									Name: "cluster-test-internal-lb-frontEnd",
+									FrontendIPClass: FrontendIPClass{
+										PrivateIPAddress: DefaultInternalLBIPAddress,
+									},
+								},
+							},
+							BackendPool: BackendPool{
+								Name: "cluster-test-internal-lb-backendPool",
+							},
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								SKU:                  SKUStandard,
+								Type:                 Internal,
+								IdleTimeoutInMinutes: ptr.To[int32](DefaultOutboundRuleIdleTimeoutInMinutes),
+							},
+							Name: "cluster-test-internal-lb",
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "with custom backend pool name with APIServerILB feature gate enabled",
+			featureGates: map[featuregate.Feature]bool{
+				feature.APIServerILB: true,
+			},
+			cluster: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								Type: Internal,
+							},
+							BackendPool: BackendPool{
+								Name: "custom-backend-pool",
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							FrontendIPs: []FrontendIP{
+								{
+									Name: "cluster-test-internal-lb-frontEnd",
+									FrontendIPClass: FrontendIPClass{
+										PrivateIPAddress: DefaultInternalLBIPAddress,
+									},
+								},
+							},
+							BackendPool: BackendPool{
+								Name: "custom-backend-pool",
+							},
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								SKU:                  SKUStandard,
+								Type:                 Internal,
+								IdleTimeoutInMinutes: ptr.To[int32](DefaultOutboundRuleIdleTimeoutInMinutes),
+							},
+							Name: "cluster-test-internal-lb",
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "public lb with APIServerILB feature gate enabled and custom private IP belonging to default control plane CIDR",
+			featureGates: map[featuregate.Feature]bool{
+				feature.APIServerILB: true,
+			},
+			cluster: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ControlPlaneEnabled: true,
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							Name: "cluster-test-public-lb",
+							FrontendIPs: []FrontendIP{
+								{
+									Name: "cluster-test-public-lb-frontEnd",
+									PublicIP: &PublicIPSpec{
+										Name:    "pip-cluster-test-apiserver",
+										DNSName: "",
+									},
+								},
+								{
+									Name: "my-internal-ip",
+									FrontendIPClass: FrontendIPClass{
+										PrivateIPAddress: "10.0.0.111",
+									},
+								},
+							},
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								Type: Public,
+								SKU:  SKUStandard,
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ControlPlaneEnabled: true,
+					NetworkSpec: NetworkSpec{
+						APIServerLB: &LoadBalancerSpec{
+							Name: "cluster-test-public-lb",
+							FrontendIPs: []FrontendIP{
+								{
+									Name: "cluster-test-public-lb-frontEnd",
+									PublicIP: &PublicIPSpec{
+										Name:    "pip-cluster-test-apiserver",
+										DNSName: "",
+									},
+								},
+								{
+									Name: "my-internal-ip",
+									FrontendIPClass: FrontendIPClass{
+										PrivateIPAddress: "10.0.0.111",
+									},
+								},
+							},
+							BackendPool: BackendPool{
+								Name: "cluster-test-public-lb-backendPool",
+							},
+							LoadBalancerClassSpec: LoadBalancerClassSpec{
+								SKU:                  SKUStandard,
+								Type:                 Public,
+								IdleTimeoutInMinutes: ptr.To[int32](DefaultOutboundRuleIdleTimeoutInMinutes),
+							},
+						},
+					},
+				},
+			},
+		},
 	}
 
-	for _, c := range cases {
-		tc := c
-		t.Run(tc.name, func(t *testing.T) {
-			t.Parallel()
-			tc.cluster.setAPIServerLBDefaults()
-			if !reflect.DeepEqual(tc.cluster, tc.output) {
-				expected, _ := json.MarshalIndent(tc.output, "", "\t")
-				actual, _ := json.MarshalIndent(tc.cluster, "", "\t")
+	for _, testcase := range cases {
+		t.Run(testcase.name, func(t *testing.T) {
+			if testcase.featureGates != nil {
+				for featureKey, featureValue := range testcase.featureGates {
+					defer featuregatetesting.SetFeatureGateDuringTest(t, feature.Gates, featureKey, featureValue)()
+				}
+			}
+			testcase.cluster.setAPIServerLBDefaults()
+			if !reflect.DeepEqual(testcase.cluster, testcase.output) {
+				expected, _ := json.MarshalIndent(testcase.output, "", "\t")
+				actual, _ := json.MarshalIndent(testcase.cluster, "", "\t")
 				t.Errorf("Expected %s, got %s", string(expected), string(actual))
 			}
 		})