CAPI Azure: gather bootstrap through LB

patrickdillon · patrickdillon · commit f2a205bc1654 · 2024-08-08T14:10:18.000-04:00
The Azure bootstrap node cannot have a public IP address, as
Azure does not allow a public IP when the VM is attached to a load
balancer with an outbound rule. Instead, CAPZ creates an inbound
nat rule to allow SSH access through the load balancer.

This commit encapsulates the logic for gathering the bootstrap
host address into its own function and adds a condition to use
the API LB hostname when the bootstrap node cannot have a public ip.

Fixes: OCPBUGS-37540
diff --git a/pkg/infrastructure/clusterapi/clusterapi.go b/pkg/infrastructure/clusterapi/clusterapi.go
@@ -482,22 +482,12 @@ func (i *InfraProvider) ExtractHostAddresses(dir string, config *types.InstallCo
 	manifestsDir := filepath.Join(dir, clusterapi.ArtifactsDir)
 	logrus.Debugf("Looking for machine manifests in %s", manifestsDir)
 
-	bootstrapFiles, err := filepath.Glob(filepath.Join(manifestsDir, "Machine\\-openshift\\-cluster\\-api\\-guests\\-*\\-bootstrap.yaml"))
-	if err != nil {
-		return fmt.Errorf("failed to list bootstrap manifests: %w", err)
-	}
-	logrus.Debugf("bootstrap manifests found: %v", bootstrapFiles)
-
-	if len(bootstrapFiles) != 1 {
-		return fmt.Errorf("wrong number of bootstrap manifests found: %v. Expected exactly one", bootstrapFiles)
-	}
-	addrs, err := extractIPAddress(bootstrapFiles[0])
+	addr, err := i.getBootstrapAddress(config, manifestsDir)
 	if err != nil {
-		return fmt.Errorf("failed to extract IP address for bootstrap: %w", err)
+		return fmt.Errorf("failed to get bootstrap address: %w", err)
 	}
-	logrus.Debugf("found bootstrap address: %s", addrs)
+	ha.Bootstrap = addr
 
-	ha.Bootstrap = prioritizeIPv4(config, addrs)
 	masterFiles, err := filepath.Glob(filepath.Join(manifestsDir, "Machine\\-openshift\\-cluster\\-api\\-guests\\-*\\-master\\-?.yaml"))
 	if err != nil {
 		return fmt.Errorf("failed to list master machine manifests: %w", err)
@@ -522,6 +512,30 @@ func (i *InfraProvider) ExtractHostAddresses(dir string, config *types.InstallCo
 	return nil
 }
 
+func (i *InfraProvider) getBootstrapAddress(config *types.InstallConfig, manifestsDir string) (string, error) {
+	// If the bootstrap node cannot have a public IP address, we
+	// SSH through the load balancer, as is this case on Azure.
+	if i.impl.PublicGatherEndpoint() == APILoadBalancer && config.Publish != types.InternalPublishingStrategy {
+		return fmt.Sprintf("api.%s", config.ClusterDomain()), nil
+	}
+
+	bootstrapFiles, err := filepath.Glob(filepath.Join(manifestsDir, "Machine\\-openshift\\-cluster\\-api\\-guests\\-*\\-bootstrap.yaml"))
+	if err != nil {
+		return "", fmt.Errorf("failed to list bootstrap manifests: %w", err)
+	}
+	logrus.Debugf("bootstrap manifests found: %v", bootstrapFiles)
+
+	if len(bootstrapFiles) != 1 {
+		return "", fmt.Errorf("wrong number of bootstrap manifests found: %v. Expected exactly one", bootstrapFiles)
+	}
+	addrs, err := extractIPAddress(bootstrapFiles[0])
+	if err != nil {
+		return "", fmt.Errorf("failed to extract IP address for bootstrap: %w", err)
+	}
+	logrus.Debugf("found bootstrap address: %s", addrs)
+	return prioritizeIPv4(config, addrs), nil
+}
+
 // IgnitionSecret provides the basic formatting for creating the
 // ignition secret.
 func IgnitionSecret(ign []byte, infraID, role string) *corev1.Secret {
