diff --git a/modules/private-clusters-setting-api-private.adoc b/modules/private-clusters-setting-api-private.adoc index 55c20a50066a..5cec5fb0c352 100644 --- a/modules/private-clusters-setting-api-private.adoc +++ b/modules/private-clusters-setting-api-private.adoc @@ -31,8 +31,58 @@ you can reconfigure the API server to use only the private zone. .Procedure +. In the web portal or console for your cloud provider, take the following actions: + +.. Locate and delete the appropriate load balancer component: +ifndef::cpmso-using-azure[] +*** {aws-short} clusters: Delete the external load balancer. The API DNS entry in the private zone already points to the internal load balancer, which uses an identical configuration, so you do not need to modify the internal load balancer. +endif::cpmso-using-azure[] +ifndef::cpmso-using-aws[] +*** {azure-short}: Delete the following resources: + ** The `api-v4` rule for the public load balancer. + ** The `frontendIPConfiguration` parameter that is associated with the `api-v4` rule for the public load balancer. + ** The public IP that is specified in the `frontendIPConfiguration` parameter. + +.. {azure-short} clusters: Configure the Ingress Controller endpoint publishing scope to `Internal`. +For more information, see "Configuring the Ingress Controller endpoint publishing scope to Internal". ++ +[IMPORTANT] +==== +If you configure the Ingress Controller endpoint publishing scope to `Internal` and there are no existing inbound rules in the public load balancer, you must create an outbound rule explicitly to provide outbound traffic for the backend address pool. + +For more information, see the Microsoft Azure documentation about adding outbound rules. +==== + +endif::cpmso-using-aws[] + +.. Delete the +ifdef::cpmso-using-aws[`api.$clustername.$yourdomain`] +ifdef::post-install[`api.$clustername.$yourdomain` or] +ifndef::cpmso-using-aws[`api.$clustername`] +DNS entry in the public zone. + +ifdef::cpmso-using-aws[] +. Remove the external load balancers by deleting the following indicated lines in the control plane machine set custom resource: ++ +[source,yaml] +---- +# ... +providerSpec: + value: +# ... + loadBalancers: + - name: lk4pj-ext # <1> + type: network # <2> + - name: lk4pj-int + type: network +# ... +---- +<1> Delete the `name` value for the external load balancer, which ends in `-ext`. +<2> Delete the `type` value for the external load balancer. +endif::cpmso-using-aws[] + ifdef::post-install[] -. AWS clusters: Remove the external load balancers: +. {aws-short} clusters: Remove the external load balancers: + [IMPORTANT] ====