Azure: Disable public IP on bootstrap and add outbound LB

openshift · Apr 25, 2024 · 7e7aace · 7e7aace
1 parent 67ccfeb
commit 7e7aace
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/pkg/asset/machines/azure/azuremachines.go b/pkg/asset/machines/azure/azuremachines.go
@@ -182,7 +182,7 @@ func GenerateMachines(platform *azure.Platform, pool *types.MachinePool, userDat
 			FailureDomain:          ptr.To(mpool.Zones[0]),
 			OSDisk:                 osDisk,
 			AdditionalTags:         tags,
-			AllocatePublicIP:       true,
+			AllocatePublicIP:       false,
 			AdditionalCapabilities: additionalCapabilities,
 			SecurityProfile:        securityProfile,
 		},

diff --git a/pkg/asset/manifests/azure/cluster.go b/pkg/asset/manifests/azure/cluster.go
@@ -3,6 +3,7 @@ package azure
 import (
 	"fmt"
 
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -77,6 +78,9 @@ func GenerateClusterAssets(installConfig *installconfig.InstallConfig, clusterID
 						Type: capz.Internal,
 					},
 				},
+				ControlPlaneOutboundLB: &capz.LoadBalancerSpec{
+					FrontendIPsCount: to.Ptr(int32(1)),
+				},
 				Subnets: capz.Subnets{
 					{
 						SubnetClassSpec: capz.SubnetClassSpec{