azure: Fix Load balancer IP setup

Fixing the issue where the load balancer IP was not set in the range of the machine network CIDRs by setting it to the first IP in the CIDR range. Also extending this logic to non-existing vnet installs since the problem can happen even during normal installs.
openshift · Oct 28, 2024 · 212bb10 · 212bb10
1 parent 74ee94f
commit 212bb10
Showing 1 changed file with 34 additions and 10 deletions.
diff --git a/pkg/asset/manifests/azure/cluster.go b/pkg/asset/manifests/azure/cluster.go
@@ -104,6 +104,35 @@ func GenerateClusterAssets(installConfig *installconfig.InstallConfig, clusterID
 	}
 
 	virtualNetworkID := ""
+	lbip := capz.DefaultInternalLBIPAddress
+	machineCidr := installConfig.Config.MachineNetwork
+	// Check if default lbip is within machine network.
+	isInMachineCIDR := false
+	for _, cidrRange := range machineCidr {
+		_, ipnet, err := net.ParseCIDR(cidrRange.CIDR.String())
+		if err != nil {
+			return nil, fmt.Errorf("failed to get machine network CIDR: %w", err)
+		}
+		if ipnet.Contains(net.ParseIP(lbip)) {
+			isInMachineCIDR = true
+			break
+		}
+	}
+
+	// If not in machine network, assign the first IP in the CIDR to lbip.
+	if !isInMachineCIDR {
+		ip, ipnet, err := net.ParseCIDR(machineCidr[0].CIDR.String())
+		if err != nil {
+			return nil, fmt.Errorf("failed to get machine network CIDR: %w", err)
+		}
+		lbip = ip.Mask(ipnet.Mask).String()
+	}
+	apiServerLB.FrontendIPs = []capz.FrontendIP{{
+		Name: fmt.Sprintf("%s-internal-frontEnd", clusterID.InfraID),
+		FrontendIPClass: capz.FrontendIPClass{
+			PrivateIPAddress: lbip,
+		},
+	}}
 	if installConfig.Config.Azure.VirtualNetwork != "" {
 		client, err := installConfig.Azure.Client()
 		if err != nil {
@@ -117,16 +146,12 @@ func GenerateClusterAssets(installConfig *installconfig.InstallConfig, clusterID
 		if virtualNetwork != nil {
 			virtualNetworkID = *virtualNetwork.ID
 		}
-		lbip, err := getNextAvailableIP(ctx, installConfig)
+		lbip, err := getNextAvailableIP(ctx, installConfig, lbip)
 		if err != nil {
 			return nil, err
 		}
-		apiServerLB.FrontendIPs = []capz.FrontendIP{{
-			Name: fmt.Sprintf("%s-internal-frontEnd", clusterID.InfraID),
-			FrontendIPClass: capz.FrontendIPClass{
-				PrivateIPAddress: lbip,
-			},
-		},
+		apiServerLB.FrontendIPs[0].FrontendIPClass = capz.FrontendIPClass{
+			PrivateIPAddress: lbip,
 		}
 	}
 
@@ -255,9 +280,7 @@ func GenerateClusterAssets(installConfig *installconfig.InstallConfig, clusterID
 	}, nil
 }
 
-func getNextAvailableIP(ctx context.Context, installConfig *installconfig.InstallConfig) (string, error) {
-	lbip := capz.DefaultInternalLBIPAddress
-	machineCidr := installConfig.Config.MachineNetwork
+func getNextAvailableIP(ctx context.Context, installConfig *installconfig.InstallConfig, lbip string) (string, error) {
 	client, err := installConfig.Azure.Client()
 	if err != nil {
 		return "", fmt.Errorf("failed to get azure client: %w", err)
@@ -267,6 +290,7 @@ func getNextAvailableIP(ctx context.Context, installConfig *installconfig.Instal
 		return "", fmt.Errorf("failed to get azure virtual network client: %w", err)
 	}
 
+	machineCidr := installConfig.Config.MachineNetwork
 	availableIP, err := vClient.CheckIPAddressAvailability(ctx, installConfig.Config.Azure.NetworkResourceGroupName, installConfig.Config.Azure.VirtualNetwork, lbip)
 	if err != nil {
 		return "", fmt.Errorf("failed to get azure ip availability: %w", err)