Azure: Disable public IP on bootstrap and add outbound LB
jhixson74 committed May 3, 2024
1 parent ba4d1ba commit 5733fb9
Showing 2 changed files with 16 additions and 6 deletions.
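--- a/pkg/asset/machines/azure/azuremachines.go
+++ b/pkg/asset/machines/azure/azuremachines.go
@@ -178,12 +178,18 @@ func GenerateMachines(platform *azure.Platform, pool *types.MachinePool, userDat
 },
 },
 Spec: capz.AzureMachineSpec{
-VMSize: mpool.InstanceType,
-Image: image,
-FailureDomain: ptr.To(mpool.Zones[0]),
-OSDisk: osDisk,
-AdditionalTags: tags,
-AllocatePublicIP: true,
+VMSize: mpool.InstanceType,
+Image: image,
+FailureDomain: ptr.To(mpool.Zones[0]),
+OSDisk: osDisk,
+AdditionalTags: tags,
+// Do not allocate a public IP since it isn't
+// accessible as we are using an outbound LB for the
+// control plane. This is temporary until we have a
+// workaround for accessing SSH (Most likely port
+// forwarding SSH off the LB until the bootstrap node
+// is destroyed).
+AllocatePublicIP: false,
 AdditionalCapabilities: additionalCapabilities,
 SecurityProfile: securityProfile,
 },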
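Review bot: The new comment above `AllocatePublicIP: false` marks the setting as temporary but leaves no tracking reference, and it does not say that, until the SSH workaround lands, the node has no inbound SSH path for collecting logs when bootstrap fails. I would extend it with `// TODO(<tracking-id>): restore SSH via an LB inbound NAT rule restricted to the installer's source address, removed together with the bootstrap node.` so the later change does not simply re-open port 22 to the internet. The body of GenerateMachines starts and ends outside this hunk, so whether this spec is used only for the bootstrap machine (as the commit title says) cannot be confirmed here; if it is shared with other machines the comment should say so.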
4 changes: 4 additions & 0 deletions pkg/asset/manifests/azure/cluster.go
@@ -3,6 +3,7 @@ package azure
import (
"fmt"

"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -101,6 +102,9 @@ func GenerateClusterAssets(installConfig *installconfig.InstallConfig, clusterID
Type: capz.Internal,
},
},
ControlPlaneOutboundLB: &capz.LoadBalancerSpec{
FrontendIPsCount: to.Ptr(int32(1)),
},
Subnets: capz.Subnets{
{
SubnetClassSpec: capz.SubnetClassSpec{
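Review bot: `ControlPlaneOutboundLB` is set unconditionally, right after an API server load balancer declared with `Type: capz.Internal`, so every cluster built from this manifest gains a public egress frontend even where the operator intends egress to go through their own routing or firewall. If the install config carries an outbound-type choice, this block should be gated on it; GenerateClusterAssets extends beyond the hunk, so such a check may exist outside the visible lines. At minimum a comment such as `// Public outbound-only frontend for control-plane egress; inbound API traffic stays on the internal LB.` would record the intent. The new `to.Ptr` import also differs from the `ptr.To` helper used in azuremachines.go in this same commit.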
