From 505b29458eec440585b636dd800b3df8077ba2c5 Mon Sep 17 00:00:00 2001
From: Leonard Cohnen <lc@edgeless.systems>
Date: Tue, 16 Jul 2024 13:27:42 +0200
Subject: [PATCH] k8s: use separate lb for K8s services on azure

---
 internal/constellation/helm/overrides.go |  2 +-
 terraform/infrastructure/azure/main.tf   | 24 ++----------------------
 2 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/internal/constellation/helm/overrides.go b/internal/constellation/helm/overrides.go
index deb515909b9..fdadaac8870 100644
--- a/internal/constellation/helm/overrides.go
+++ b/internal/constellation/helm/overrides.go
@@ -243,7 +243,7 @@ func getCCMConfig(azureState state.Azure, serviceAccURI string) ([]byte, error)
 		ResourceGroup:               azureState.ResourceGroup,
 		LoadBalancerSku:             "standard",
 		SecurityGroupName:           azureState.NetworkSecurityGroupName,
-		LoadBalancerName:            azureState.LoadBalancerName,
+		LoadBalancerName:            "kubernetes-lb",
 		UseInstanceMetadata:         true,
 		VMType:                      "vmss",
 		Location:                    creds.Location,
diff --git a/terraform/infrastructure/azure/main.tf b/terraform/infrastructure/azure/main.tf
index 7338f86baa7..fbb4fdb1551 100644
--- a/terraform/infrastructure/azure/main.tf
+++ b/terraform/infrastructure/azure/main.tf
@@ -170,20 +170,6 @@ module "loadbalancer_backend_control_plane" {
   ports                          = local.ports
 }
 
-module "loadbalancer_backend_worker" {
-  source = "./modules/load_balancer_backend"
-
-  name                           = "${local.name}-worker"
-  loadbalancer_id                = azurerm_lb.loadbalancer.id
-  frontend_ip_configuration_name = azurerm_lb.loadbalancer.frontend_ip_configuration[0].name
-  ports                          = []
-}
-
-resource "azurerm_lb_backend_address_pool" "all" {
-  loadbalancer_id = azurerm_lb.loadbalancer.id
-  name            = "${var.name}-all"
-}
-
 resource "azurerm_virtual_network" "network" {
   name                = local.name
   resource_group_name = var.resource_group
@@ -257,14 +243,8 @@ module "scale_set_group" {
   image_id                  = var.image_id
   network_security_group_id = azurerm_network_security_group.security_group.id
   subnet_id                 = azurerm_subnet.node_subnet.id
-  backend_address_pool_ids = each.value.role == "control-plane" ? [
-    azurerm_lb_backend_address_pool.all.id,
-    module.loadbalancer_backend_control_plane.backendpool_id
-    ] : [
-    azurerm_lb_backend_address_pool.all.id,
-    module.loadbalancer_backend_worker.backendpool_id
-  ]
-  marketplace_image = var.marketplace_image
+  backend_address_pool_ids  = each.value.role == "control-plane" ? [module.loadbalancer_backend_control_plane.backendpool_id] : []
+  marketplace_image         = var.marketplace_image
 }
 
 module "jump_host" {