Merge pull request #60959 from feiskyer/external-ip

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Set node external IP for azure node when disabling UseInstanceMetadata

**What this PR does / why we need it**:

This PR sets node external IP for azure node disabling UseInstanceMetadata.

It also adds a check of whether it is running locally when UseInstanceMetadata.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #60958

**Special notes for your reviewer**:

**Release note**:

```release-note
Set node external IP for azure node when disabling UseInstanceMetadata
```

pkg/cloudprovider/providers/azure/azure_backoff.go

@@ -113,19 +113,19 @@ func (az *Cloud) VirtualMachineClientListWithRetry() ([]compute.VirtualMachine,
 }
 
 // GetIPForMachineWithRetry invokes az.getIPForMachine with exponential backoff retry
-func (az *Cloud) GetIPForMachineWithRetry(name types.NodeName) (string, error) {
-	var ip string
+func (az *Cloud) GetIPForMachineWithRetry(name types.NodeName) (string, string, error) {
+	var ip, publicIP string
 	err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 		var retryErr error
-		ip, retryErr = az.getIPForMachine(name)
+		ip, publicIP, retryErr = az.getIPForMachine(name)
 		if retryErr != nil {
 			glog.Errorf("backoff: failure, will retry,err=%v", retryErr)
 			return false, nil
 		}
 		glog.V(2).Info("backoff: success")
 		return true, nil
 	})
-	return ip, err
+	return ip, publicIP, err
 }
 
 // CreateOrUpdateSGWithRetry invokes az.SecurityGroupsClient.CreateOrUpdate with exponential backoff retry

pkg/cloudprovider/providers/azure/azure_fakes.go

@@ -1126,16 +1126,16 @@ func (f *fakeVMSet) GetInstanceTypeByNodeName(name string) (string, error) {
 	return "", fmt.Errorf("unimplemented")
 }
 
-func (f *fakeVMSet) GetIPByNodeName(name, vmSetName string) (string, error) {
+func (f *fakeVMSet) GetIPByNodeName(name, vmSetName string) (string, string, error) {
 	nodes, found := f.NodeToIP[vmSetName]
 	if !found {
-		return "", fmt.Errorf("not found")
+		return "", "", fmt.Errorf("not found")
 	}
 	ip, found := nodes[name]
 	if !found {
-		return "", fmt.Errorf("not found")
+		return "", "", fmt.Errorf("not found")
 	}
-	return ip, nil
+	return ip, "", nil
 }
 
 func (f *fakeVMSet) GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error) {

pkg/cloudprovider/providers/azure/azure_instances.go

@@ -31,9 +31,39 @@ import (
 
 // NodeAddresses returns the addresses of the specified instance.
 func (az *Cloud) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
+	addressGetter := func(nodeName types.NodeName) ([]v1.NodeAddress, error) {
+		ip, publicIP, err := az.GetIPForMachineWithRetry(nodeName)
+		if err != nil {
+			glog.V(2).Infof("NodeAddresses(%s) abort backoff", nodeName)
+			return nil, err
+		}
+
+		addresses := []v1.NodeAddress{
+			{Type: v1.NodeInternalIP, Address: ip},
+			{Type: v1.NodeHostName, Address: string(name)},
+		}
+		if len(publicIP) > 0 {
+			addresses = append(addresses, v1.NodeAddress{
+				Type:    v1.NodeExternalIP,
+				Address: publicIP,
+			})
+		}
+		return addresses, nil
+	}
+
 	if az.UseInstanceMetadata {
+		isLocalInstance, err := az.isCurrentInstance(name)
+		if err != nil {
+			return nil, err
+		}
+
+		// Not local instance, get addresses from Azure ARM API.
+		if !isLocalInstance {
+			return addressGetter(name)
+		}
+
 		ipAddress := IPAddress{}
-		err := az.metadata.Object("instance/network/interface/0/ipv4/ipAddress/0", &ipAddress)
+		err = az.metadata.Object("instance/network/interface/0/ipv4/ipAddress/0", &ipAddress)
 		if err != nil {
 			return nil, err
 		}
@@ -51,16 +81,7 @@ func (az *Cloud) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.N
 		return addresses, nil
 	}
 
-	ip, err := az.GetIPForMachineWithRetry(name)
-	if err != nil {
-		glog.V(2).Infof("NodeAddresses(%s) abort backoff", name)
-		return nil, err
-	}
-
-	return []v1.NodeAddress{
-		{Type: v1.NodeInternalIP, Address: ip},
-		{Type: v1.NodeHostName, Address: string(name)},
-	}, nil
+	return addressGetter(name)
 }
 
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID

pkg/cloudprovider/providers/azure/azure_routes.go

@@ -111,7 +111,7 @@ func (az *Cloud) CreateRoute(ctx context.Context, clusterName string, nameHint s
 	if err := az.createRouteTableIfNotExists(clusterName, kubeRoute); err != nil {
 		return err
 	}
-	targetIP, err := az.getIPForMachine(kubeRoute.TargetNode)
+	targetIP, _, err := az.getIPForMachine(kubeRoute.TargetNode)
 	if err != nil {
 		return err
 	}

pkg/cloudprovider/providers/azure/azure_standard.go

@@ -287,7 +287,7 @@ outer:
 	return -1, fmt.Errorf("SecurityGroup priorities are exhausted")
 }
 
-func (az *Cloud) getIPForMachine(nodeName types.NodeName) (string, error) {
+func (az *Cloud) getIPForMachine(nodeName types.NodeName) (string, string, error) {
 	return az.vmSet.GetIPByNodeName(string(nodeName), "")
 }
 
@@ -424,21 +424,37 @@ func (as *availabilitySet) GetPrimaryVMSetName() string {
 	return as.Config.PrimaryAvailabilitySetName
 }
 
-// GetIPByNodeName gets machine IP by node name.
-func (as *availabilitySet) GetIPByNodeName(name, vmSetName string) (string, error) {
+// GetIPByNodeName gets machine private IP and public IP by node name.
+func (as *availabilitySet) GetIPByNodeName(name, vmSetName string) (string, string, error) {
 	nic, err := as.GetPrimaryInterface(name, vmSetName)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}
 
 	ipConfig, err := getPrimaryIPConfig(nic)
 	if err != nil {
 		glog.Errorf("error: as.GetIPByNodeName(%s), getPrimaryIPConfig(%v), err=%v", name, nic, err)
-		return "", err
+		return "", "", err
+	}
+
+	privateIP := *ipConfig.PrivateIPAddress
+	publicIP := ""
+	if ipConfig.PublicIPAddress != nil && ipConfig.PublicIPAddress.ID != nil {
+		pipID := *ipConfig.PublicIPAddress.ID
+		pipName, err := getLastSegment(pipID)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to publicIP name for node %q with pipID %q", name, pipID)
+		}
+		pip, existsPip, err := as.getPublicIPAddress(as.ResourceGroup, pipName)
+		if err != nil {
+			return "", "", err
+		}
+		if existsPip {
+			publicIP = *pip.IPAddress
+		}
 	}
 
-	targetIP := *ipConfig.PrivateIPAddress
-	return targetIP, nil
+	return privateIP, publicIP, nil
 }
 
 // getAgentPoolAvailabiliySets lists the virtual machines for the resource group and then builds

pkg/cloudprovider/providers/azure/azure_vmsets.go

@@ -34,8 +34,8 @@ type VMSet interface {
 	GetInstanceIDByNodeName(name string) (string, error)
 	// GetInstanceTypeByNodeName gets the instance type by node name.
 	GetInstanceTypeByNodeName(name string) (string, error)
-	// GetIPByNodeName gets machine IP by node name.
-	GetIPByNodeName(name, vmSetName string) (string, error)
+	// GetIPByNodeName gets machine private IP and public IP by node name.
+	GetIPByNodeName(name, vmSetName string) (string, string, error)
 	// GetPrimaryInterface gets machine primary network interface by node name and vmSet.
 	GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error)
 	// GetNodeNameByProviderID gets the node name by provider ID.

pkg/cloudprovider/providers/azure/azure_vmss.go

@@ -243,22 +243,24 @@ func (ss *scaleSet) GetPrimaryVMSetName() string {
 	return ss.Config.PrimaryScaleSetName
 }
 
-// GetIPByNodeName gets machine IP by node name.
-func (ss *scaleSet) GetIPByNodeName(nodeName, vmSetName string) (string, error) {
+// GetIPByNodeName gets machine private IP and public IP by node name.
+// TODO(feiskyer): Azure vmss doesn't support associating a public IP to single virtual machine yet,
+// fix this after it is supported.
+func (ss *scaleSet) GetIPByNodeName(nodeName, vmSetName string) (string, string, error) {
 	nic, err := ss.GetPrimaryInterface(nodeName, vmSetName)
 	if err != nil {
 		glog.Errorf("error: ss.GetIPByNodeName(%s), GetPrimaryInterface(%q, %q), err=%v", nodeName, nodeName, vmSetName, err)
-		return "", err
+		return "", "", err
 	}
 
 	ipConfig, err := getPrimaryIPConfig(nic)
 	if err != nil {
 		glog.Errorf("error: ss.GetIPByNodeName(%s), getPrimaryIPConfig(%v), err=%v", nodeName, nic, err)
-		return "", err
+		return "", "", err
 	}
 
 	targetIP := *ipConfig.PrivateIPAddress
-	return targetIP, nil
+	return targetIP, "", nil
 }
 
 // This returns the full identifier of the primary NIC for the given VM.