Add field for additional LB ports to CP nodes

Signed-off-by: Danil-Grigorev <[email protected]>

Author: Danil-Grigorev

api/v1beta1/types.go

@@ -111,9 +111,22 @@ type NetworkSpec struct {
 	// +optional
 	ControlPlaneOutboundLB *LoadBalancerSpec `json:"controlPlaneOutboundLB,omitempty"`
 
+	// AdditionalControlPlaneLBPorts is the configuration for the additional inbound control-plane load balancer ports
+	// +optional
+	AdditionalControlPlaneLBPorts []LoadBalancerPort `json:"additionalControlPlaneLBPorts,omitempty"`
+
 	NetworkClassSpec `json:",inline"`
 }
 
+// LoadBalancerPort specifies additional port for the API server load balancer
+type LoadBalancerPort struct {
+	// Name for the additional port within LB definition
+	Name string `json:"name"`
+
+	// Port for the LB definition
+	Port int32 `json:"port"`
+}
+
 // VnetSpec configures an Azure virtual network.
 type VnetSpec struct {
 	// ResourceGroup is the name of the resource group of the existing virtual network

api/v1beta1/types_template.go

@@ -75,6 +75,10 @@ type NetworkTemplateSpec struct {
 	// This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic.
 	// +optional
 	ControlPlaneOutboundLB *LoadBalancerClassSpec `json:"controlPlaneOutboundLB,omitempty"`
+
+	// AdditionalControlPlaneLBPorts is the configuration for the additional inbound control-plane load balancer ports
+	// +optional
+	AdditionalControlPlaneLBPorts []LoadBalancerPort `json:"additionalControlPlaneLBPorts,omitempty"`
 }
 
 // GetSubnetTemplate returns the subnet template based on the subnet role.

api/v1beta1/zz_generated.deepcopy.go

@@ -266,6 +266,7 @@ func (s *ClusterScope) LBSpecs() []azure.ResourceSpecGetter {
 			BackendPoolName:      s.APIServerLB().BackendPool.Name,
 			IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
 			AdditionalTags:       s.AdditionalTags(),
+			AdditionalPorts:      s.ControlPlaneAdditionalLBPorts(),
 		}
 
 		if s.APIServerLB().FrontendIPs != nil {
@@ -299,6 +300,7 @@ func (s *ClusterScope) LBSpecs() []azure.ResourceSpecGetter {
 			BackendPoolName:      s.APIServerLB().BackendPool.Name + "-internal",
 			IdleTimeoutInMinutes: s.APIServerLB().IdleTimeoutInMinutes,
 			AdditionalTags:       s.AdditionalTags(),
+			AdditionalPorts:      s.ControlPlaneAdditionalLBPorts(),
 		}
 
 		privateIPFound := false
@@ -771,6 +773,11 @@ func (s *ClusterScope) ControlPlaneOutboundLB() *infrav1.LoadBalancerSpec {
 	return s.AzureCluster.Spec.NetworkSpec.ControlPlaneOutboundLB
 }
 
+// ControlPlaneAdditionalLBPorts returns the additiona API server ports list.
+func (s *ClusterScope) ControlPlaneAdditionalLBPorts() []infrav1.LoadBalancerPort {
+	return s.AzureCluster.Spec.NetworkSpec.AdditionalControlPlaneLBPorts
+}
+
 // APIServerLBName returns the API Server LB name.
 func (s *ClusterScope) APIServerLBName() string {
 	apiServerLB := s.APIServerLB()

azure/scope/cluster.go

@@ -47,6 +47,7 @@ type LBSpec struct {
 	APIServerPort        int32
 	IdleTimeoutInMinutes *int32
 	AdditionalTags       map[string]string
+	AdditionalPorts      []infrav1.LoadBalancerPort
 }
 
 // ResourceName returns the name of the load balancer.
@@ -221,14 +222,14 @@ func getLoadBalancingRules(lbSpec LBSpec, frontendIDs []*armnetwork.SubResource)
 		if len(frontendIDs) != 0 {
 			frontendIPConfig = frontendIDs[0]
 		}
-		return []*armnetwork.LoadBalancingRule{
+		rules := []*armnetwork.LoadBalancingRule{
 			{
 				Name: ptr.To(lbRuleHTTPS),
 				Properties: &armnetwork.LoadBalancingRulePropertiesFormat{
 					DisableOutboundSnat:     ptr.To(true),
 					Protocol:                ptr.To(armnetwork.TransportProtocolTCP),
-					FrontendPort:            ptr.To[int32](lbSpec.APIServerPort),
-					BackendPort:             ptr.To[int32](lbSpec.APIServerPort),
+					FrontendPort:            ptr.To(lbSpec.APIServerPort),
+					BackendPort:             ptr.To(lbSpec.APIServerPort),
 					IdleTimeoutInMinutes:    lbSpec.IdleTimeoutInMinutes,
 					EnableFloatingIP:        ptr.To(false),
 					LoadDistribution:        ptr.To(armnetwork.LoadDistributionDefault),
@@ -242,6 +243,30 @@ func getLoadBalancingRules(lbSpec LBSpec, frontendIDs []*armnetwork.SubResource)
 				},
 			},
 		}
+
+		for _, port := range lbSpec.AdditionalPorts {
+			rules = append(rules, &armnetwork.LoadBalancingRule{
+				Name: ptr.To(port.Name),
+				Properties: &armnetwork.LoadBalancingRulePropertiesFormat{
+					DisableOutboundSnat:     ptr.To(true),
+					Protocol:                ptr.To(armnetwork.TransportProtocolTCP),
+					FrontendPort:            ptr.To(port.Port),
+					BackendPort:             ptr.To(port.Port),
+					IdleTimeoutInMinutes:    lbSpec.IdleTimeoutInMinutes,
+					EnableFloatingIP:        ptr.To(false),
+					LoadDistribution:        ptr.To(armnetwork.LoadDistributionDefault),
+					FrontendIPConfiguration: frontendIPConfig,
+					BackendAddressPool: &armnetwork.SubResource{
+						ID: ptr.To(azure.AddressPoolID(lbSpec.SubscriptionID, lbSpec.ResourceGroup, lbSpec.Name, lbSpec.BackendPoolName)),
+					},
+					Probe: &armnetwork.SubResource{
+						ID: ptr.To(azure.ProbeID(lbSpec.SubscriptionID, lbSpec.ResourceGroup, lbSpec.Name, httpsProbe)),
+					},
+				},
+			})
+		}
+
+		return rules
 	}
 	return []*armnetwork.LoadBalancingRule{}
 }

azure/services/loadbalancers/spec.go

@@ -658,6 +658,25 @@ spec:
                 description: NetworkSpec encapsulates all things related to Azure
                   network.
                 properties:
+                  additionalControlPlaneLBPorts:
+                    description: AdditionalControlPlaneLBPorts is the configuration
+                      for the additional inbound control-plane load balancer ports
+                    items:
+                      description: LoadBalancerPort specifies additional port for
+                        the API server load balancer
+                      properties:
+                        name:
+                          description: Name for the additional port within LB definition
+                          type: string
+                        port:
+                          description: Port for the LB definition
+                          format: int32
+                          type: integer
+                      required:
+                      - name
+                      - port
+                      type: object
+                    type: array
                   apiServerLB:
                     description: APIServerLB is the configuration for the control-plane
                       load balancer.

config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml

@@ -520,6 +520,27 @@ spec:
                         description: NetworkSpec encapsulates all things related to
                           Azure network.
                         properties:
+                          additionalControlPlaneLBPorts:
+                            description: AdditionalControlPlaneLBPorts is the configuration
+                              for the additional inbound control-plane load balancer
+                              ports
+                            items:
+                              description: LoadBalancerPort specifies additional port
+                                for the API server load balancer
+                              properties:
+                                name:
+                                  description: Name for the additional port within
+                                    LB definition
+                                  type: string
+                                port:
+                                  description: Port for the LB definition
+                                  format: int32
+                                  type: integer
+                              required:
+                              - name
+                              - port
+                              type: object
+                            type: array
                           apiServerLB:
                             description: APIServerLB is the configuration for the
                               control-plane load balancer.

config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml

@@ -197,6 +197,9 @@ spec:
       name: my-vnet
       cidrBlocks:
         - 10.0.0.0/16
+    additionalControlPlaneLBPorts:
+      - name: RKE2
+        port: 9345
     subnets:
       - name: my-subnet-cp
         role: control-plane