fix loadbalancer update and add documentation

Author: Rahul Sharma

cloud/annotations/annotations.go

@@ -35,7 +35,6 @@ const (
 	AnnLinodeNodeIPSharingUpdated = "node.k8s.linode.com/ip-sharing-updated"
 
 	NodeBalancerBackendIPv4Range = "service.beta.kubernetes.io/linode-loadbalancer-backend-ipv4-range"
-	NodeBalancerBackendIPv6Range = "service.beta.kubernetes.io/linode-loadbalancer-backend-ipv6-range"
 
 	NodeBalancerBackendVPCName    = "service.beta.kubernetes.io/linode-loadbalancer-backend-vpc-name"
 	NodeBalancerBackendSubnetName = "service.beta.kubernetes.io/linode-loadbalancer-backend-subnet-name"

cloud/linode/loadbalancers.go

@@ -384,8 +384,14 @@ func (l *loadbalancers) updateNodeBalancer(
 		// Add all of the Nodes to the config
 		newNBNodes := make([]linodego.NodeBalancerConfigRebuildNodeOptions, 0, len(nodes))
 		subnetID := 0
-		if nb.GetCreateOptions().VPCs != nil {
-			subnetID = nb.GetCreateOptions().VPCs[0].SubnetID
+		_, ok := service.GetAnnotations()[annotations.NodeBalancerBackendIPv4Range]
+		if ok {
+			id, err := l.getSubnetIDForSVC(ctx, service)
+			if err != nil {
+				sentry.CaptureError(ctx, err)
+				return fmt.Errorf("Error getting subnet ID for service %s: %v", service.Name, err)
+			}
+			subnetID = id
 		}
 		for _, node := range nodes {
 			newNodeOpts := l.buildNodeBalancerNodeConfigRebuildOptions(node, port.NodePort, subnetID)
@@ -774,6 +780,9 @@ func (l *loadbalancers) addTLSCert(ctx context.Context, service *v1.Service, nbC
 	return nil
 }
 
+// getSubnetIDForSVC returns the subnet ID for the service's VPC and subnet.
+// By default, first VPCName and SubnetName are used to calculate subnet id for the service.
+// If the service has annotations specifying VPCName and SubnetName, they are used instead.
 func (l *loadbalancers) getSubnetIDForSVC(ctx context.Context, service *v1.Service) (int, error) {
 	if Options.VPCNames == "" {
 		return 0, fmt.Errorf("CCM not configured with VPC, cannot create NodeBalancer with specified annotation")

docs/configuration/annotations.md

@@ -32,6 +32,9 @@ For implementation details, see:
 | `tags` | string | | A comma separated list of tags to be applied to the NodeBalancer instance |
 | `firewall-id` | string | | An existing Cloud Firewall ID to be attached to the NodeBalancer instance. See [Firewall Setup](firewall.md) |
 | `firewall-acl` | string | | The Firewall rules to be applied to the NodeBalancer. See [Firewall Configuration](#firewall-configuration) |
+| `backend-ipv4-range` | string | | The IPv4 range from VPC subnet to be applied to the NodeBalancer backend. See [Nodebalancer VPC Configuration](#nodebalancer-vpc-configuration) |
+| `backend-vpc-name` | string | | VPC which is connected to the NodeBalancer backend. See [Nodebalancer VPC Configuration](#nodebalancer-vpc-configuration) |
+| `backend-subnet-name` | string | | Subnet within VPC which is connected to the NodeBalancer backend. See [Nodebalancer VPC Configuration](#nodebalancer-vpc-configuration) |
 
 ### Port Specific Configuration
 
@@ -104,6 +107,15 @@ metadata:
       }
 ```
 
+### Nodebalancer VPC Configuration
+```yaml
+metadata:
+  annotations:
+    service.beta.kubernetes.io/linode-loadbalancer-backend-ipv4-range: "10.100.0.0/30"
+    service.beta.kubernetes.io/linode-loadbalancer-vpc-name: "vpc1"
+    service.beta.kubernetes.io/linode-loadbalancer-subnet-name: "subnet1"
+```
+
 For more examples and detailed configuration options, see:
 - [LoadBalancer Configuration](loadbalancer.md)
 - [Firewall Configuration](firewall.md)

docs/configuration/loadbalancer.md

@@ -120,10 +120,10 @@ metadata:
 
 ## BGP-based IP Sharing Implementation
 
-BGP-based IP sharing provides a more cost-effective solution for multiple LoadBalancer services. For detailed setup instructions, see [Cilium BGP Documentation](https://docs.cilium.io/en/stable/network/bgp-control-plane/).
+BGP-based IP sharing provides a more cost-effective solution for multiple LoadBalancer services. For detailed setup instructions, see [Cilium BGP Documentation](https://docs.cilium.io/en/stable/network/bgp-control-plane/bgp-control-plane/).
 
 ### Prerequisites
-- [Cilium CNI](https://docs.cilium.io/en/stable/network/bgp-control-plane/) with BGP control plane enabled
+- [Cilium CNI](https://docs.cilium.io/en/stable/network/bgp-control-plane/bgp-control-plane/) with BGP control plane enabled
 - Additional IP provisioning enabled on your account (contact [Linode Support](https://www.linode.com/support/))
 - Nodes labeled for BGP peering
 
@@ -150,6 +150,27 @@ kubectl label node my-node cilium-bgp-peering=true
 
 For more details, see [Environment Variables](environment.md#network-configuration).
 
+## Configuring NodeBalancers directly with VPC
+NodeBalancers can be configured to have VPC specific ips configured as backend nodes. It requires:
+1. VPC with a subnet and Linodes in VPC
+2. Each NodeBalancer created within that VPC needs a free /30 or bigger subnet from the subnet to which Linodes are connected
+
+Specify NodeBalancer backend ipv4 range when creating service:
+```yaml
+metadata:
+  annotations:
+    service.beta.kubernetes.io/linode-loadbalancer-backend-ipv4-range: "10.100.0.0/30"
+```
+
+By default, CCM uses first VPC and Subnet name configured with it to attach NodeBalancers to that VPC subnet. To overwrite those, use:
+```yaml
+metadata:
+  annotations:
+    service.beta.kubernetes.io/linode-loadbalancer-backend-ipv4-range: "10.100.0.4/30"
+    service.beta.kubernetes.io/linode-loadbalancer-vpc-name: "vpc1"
+    service.beta.kubernetes.io/linode-loadbalancer-subnet-name: "subnet1"
+```
+
 ## Advanced Configuration
 
 ### Using Existing NodeBalancers
@@ -201,6 +222,6 @@ metadata:
 - [Environment Variables](environment.md)
 - [Route Configuration](routes.md)
 - [Linode NodeBalancer Documentation](https://www.linode.com/docs/products/networking/nodebalancers/)
-- [Cilium BGP Documentation](https://docs.cilium.io/en/stable/network/bgp-control-plane/)
+- [Cilium BGP Documentation](https://docs.cilium.io/en/stable/network/bgp-control-plane/bgp-control-plane/)
 - [Basic Service Examples](../examples/basic.md)
 - [Advanced Configuration Examples](../examples/advanced.md)