AB#2261 Add loadbalancer for control-plane recovery (#151)

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-05-18 22:20:37 -04:00 · 2022-09-14 13:25:42 +02:00 · 2022-09-14 13:25:42 +02:00 · e367e1a68b
commit e367e1a68b
parent 273d89e002
16 changed files with 418 additions and 243 deletions
--- a/cli/internal/azure/loadbalancer.go
+++ b/cli/internal/azure/loadbalancer.go
@ -31,6 +31,7 @@ const (
 	coordHealthProbeName               = "coordHealthProbe"
 	debugdHealthProbeName              = "debugdHealthProbe"
 	konnectivityHealthProbeName        = "konnectivityHealthProbe"
+	recoveryHealthProbeName            = "recoveryHealthProbe"
 )

 // Azure returns a Azure representation of LoadBalancer.
@ -94,6 +95,13 @@ func (l LoadBalancer) Azure() armnetwork.LoadBalancer {
 						Port:     to.Ptr[int32](constants.KonnectivityPort),
 					},
 				},
+				{
+					Name: to.Ptr(recoveryHealthProbeName),
+					Properties: &armnetwork.ProbePropertiesFormat{
+						Protocol: to.Ptr(armnetwork.ProbeProtocolTCP),
+						Port:     to.Ptr[int32](constants.RecoveryPort),
+					},
+				},
 			},
 			LoadBalancingRules: []*armnetwork.LoadBalancingRule{
 				{
@ -212,6 +220,35 @@ func (l LoadBalancer) Azure() armnetwork.LoadBalancer {
 						},
 					},
 				},
+				{
+					Name: to.Ptr("recoveryLoadBalancerRule"),
+					Properties: &armnetwork.LoadBalancingRulePropertiesFormat{
+						FrontendIPConfiguration: &armnetwork.SubResource{
+							ID: to.Ptr("/subscriptions/" + l.Subscription +
+								"/resourceGroups/" + l.ResourceGroup +
+								"/providers/Microsoft.Network/loadBalancers/" + l.Name +
+								"/frontendIPConfigurations/" + frontEndIPConfigName),
+						},
+						FrontendPort: to.Ptr[int32](constants.RecoveryPort),
+						BackendPort:  to.Ptr[int32](constants.RecoveryPort),
+						Protocol:     to.Ptr(armnetwork.TransportProtocolTCP),
+						Probe: &armnetwork.SubResource{
+							ID: to.Ptr("/subscriptions/" + l.Subscription +
+								"/resourceGroups/" + l.ResourceGroup +
+								"/providers/Microsoft.Network/loadBalancers/" + l.Name +
+								"/probes/" + recoveryHealthProbeName),
+						},
+						DisableOutboundSnat: to.Ptr(true),
+						BackendAddressPools: []*armnetwork.SubResource{
+							{
+								ID: to.Ptr("/subscriptions/" + l.Subscription +
+									"/resourceGroups/" + l.ResourceGroup +
+									"/providers/Microsoft.Network/loadBalancers/" + l.Name +
+									"/backendAddressPools/" + backEndAddressPoolControlPlaneName),
+							},
+						},
+					},
+				},
 			},
 			OutboundRules: []*armnetwork.OutboundRule{
 				{