hetznercloud / terraform-provider-hcloud

Terraform Hetzner Cloud provider

Home Page: https://registry.terraform.io/providers/hetznercloud/hcloud/latest

[Feature]: Load balancers should honor selected subnet.

mzhaase opened this issue · comments

What would you like to see?

I'm creating two hcloud load balancers:

  # module.kubernetes-cluster.hcloud_load_balancer_network.control-plane will be created
  + resource "hcloud_load_balancer_network" "control-plane" {
      + enable_public_interface = false
      + id                      = (known after apply)
      + ip                      = (known after apply)
      + load_balancer_id        = (known after apply)
      + subnet_id               = "xxx-10.0.128.0/19"
    }

  # module.kubernetes-cluster.hcloud_load_balancer_network.worker will be created
  + resource "hcloud_load_balancer_network" "worker" {
      + enable_public_interface = true
      + id                      = (known after apply)
      + ip                      = (known after apply)
      + load_balancer_id        = (known after apply)
      + subnet_id               = "xxx-10.0.128.0/19"
    }

Expectation: IPs of load balancers are within 10.0.128.0/19. They should be assigned this subnet.

Reality: Load balancers have random, non-deterministic IPs from any subnet. They are not necessarily assigned to the correct subnet.

Impact: Proper firewalling not possible.

Hey @mzhaase,

this is not supported in our API, the subnet_id field is basically just a workaround to get the dependency order correct in Terraform. If you want to assign the Load Balancer to the subnet, you will have to manually set an IP from the range.

At the core, this is the same issue as explained in #672.

I am going to keep this issue open for tracking the same problem with Load Balancers.
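
The workaround described in the reply above, as an added example that is not part of the original thread or the provider's own code: each Load Balancer attachment requests a fixed `ip` computed from the subnet range, so host firewall rules can reference known addresses. The resource names, network zone, location, Load Balancer type and host numbers are assumptions.

```hcl
# Added example (not from the thread). Names, zone, location, LB type and
# host numbers are assumptions; the subnet range is the one from the issue.
locals {
  load_balancers = {
    "control-plane" = { hostnum = 10, public = false } # -> 10.0.128.10
    "worker"        = { hostnum = 11, public = true }  # -> 10.0.128.11
  }
}

resource "hcloud_network" "cluster" {
  name     = "cluster"
  ip_range = "10.0.0.0/16"
}

resource "hcloud_network_subnet" "lb" {
  network_id   = hcloud_network.cluster.id
  type         = "cloud"
  network_zone = "eu-central"
  ip_range     = "10.0.128.0/19"
}

resource "hcloud_load_balancer" "this" {
  for_each           = local.load_balancers
  name               = each.key
  load_balancer_type = "lb11"
  location           = "nbg1"
}

resource "hcloud_load_balancer_network" "this" {
  for_each                = local.load_balancers
  load_balancer_id        = hcloud_load_balancer.this[each.key].id
  subnet_id               = hcloud_network_subnet.lb.id # dependency ordering only
  enable_public_interface = each.value.public

  # Without `ip`, the API auto-assigns an address from the network.
  ip = cidrhost(hcloud_network_subnet.lb.ip_range, each.value.hostnum)

  lifecycle {
    # Fail the apply if the attached address is not the one requested.
    postcondition {
      condition     = self.ip == cidrhost(hcloud_network_subnet.lb.ip_range, each.value.hostnum)
      error_message = "Load Balancer private IP differs from the requested address."
    }
  }
}

output "load_balancer_private_ips" {
  value = { for name, attachment in hcloud_load_balancer_network.this : name => attachment.ip }
}
```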