From 4d13479f9053c3b75ce64f8978db21440a3212f4 Mon Sep 17 00:00:00 2001
From: Leonard Cohnen <lc@edgeless.systems>
Date: Tue, 16 Jul 2024 13:27:42 +0200
Subject: [PATCH] k8s: use separate lb for K8s services on azure

---
 internal/constellation/helm/overrides.go               |  2 +-
 terraform/infrastructure/azure/main.tf                 | 10 ++--------
 .../infrastructure/azure/modules/scale_set/main.tf     |  1 +
 3 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/internal/constellation/helm/overrides.go b/internal/constellation/helm/overrides.go
index deb515909b9..fdadaac8870 100644
--- a/internal/constellation/helm/overrides.go
+++ b/internal/constellation/helm/overrides.go
@@ -243,7 +243,7 @@ func getCCMConfig(azureState state.Azure, serviceAccURI string) ([]byte, error)
 		ResourceGroup:               azureState.ResourceGroup,
 		LoadBalancerSku:             "standard",
 		SecurityGroupName:           azureState.NetworkSecurityGroupName,
-		LoadBalancerName:            azureState.LoadBalancerName,
+		LoadBalancerName:            "kubernetes-lb",
 		UseInstanceMetadata:         true,
 		VMType:                      "vmss",
 		Location:                    creds.Location,
diff --git a/terraform/infrastructure/azure/main.tf b/terraform/infrastructure/azure/main.tf
index 7338f86baa7..36ac2e548da 100644
--- a/terraform/infrastructure/azure/main.tf
+++ b/terraform/infrastructure/azure/main.tf
@@ -257,14 +257,8 @@ module "scale_set_group" {
   image_id                  = var.image_id
   network_security_group_id = azurerm_network_security_group.security_group.id
   subnet_id                 = azurerm_subnet.node_subnet.id
-  backend_address_pool_ids = each.value.role == "control-plane" ? [
-    azurerm_lb_backend_address_pool.all.id,
-    module.loadbalancer_backend_control_plane.backendpool_id
-    ] : [
-    azurerm_lb_backend_address_pool.all.id,
-    module.loadbalancer_backend_worker.backendpool_id
-  ]
-  marketplace_image = var.marketplace_image
+  backend_address_pool_ids  = each.value.role == "control-plane" ? [module.loadbalancer_backend_control_plane.backendpool_id] : []
+  marketplace_image         = var.marketplace_image
 }
 
 module "jump_host" {
diff --git a/terraform/infrastructure/azure/modules/scale_set/main.tf b/terraform/infrastructure/azure/modules/scale_set/main.tf
index 9bd3d6cb952..2d67c9444ff 100644
--- a/terraform/infrastructure/azure/modules/scale_set/main.tf
+++ b/terraform/infrastructure/azure/modules/scale_set/main.tf
@@ -119,6 +119,7 @@ resource "azurerm_linux_virtual_machine_scale_set" "scale_set" {
       instances,              # required. autoscaling modifies the instance count externally
       source_image_id,        # required. update procedure modifies the image id externally
       source_image_reference, # required. update procedure modifies the image reference externally
+      # network_interface[0].ip_configuration[0].load_balancer_backend_address_pool_ids
     ]
   }
 }