test: Add E2E test for zone-redundant load balancers

bryan-cox · bryan-cox · commit e29bc2e7014a · 2025-10-24T13:12:35.000-04:00
Add dedicated end-to-end test to verify zone-redundant load balancer
functionality in real Azure environments.

The test:
- Creates a cluster with zone-redundant load balancers configured
- Uses the apiserver-ilb flavor with zones set to 1,2,3
- Verifies zones are correctly set in AzureCluster spec
- Validates Azure resources have zones on frontend IP configurations
- Tests all three load balancer types:
  - API Server Load Balancer (internal)
  - Node Outbound Load Balancer
  - Control Plane Outbound Load Balancer

This is an optional test that validates the complete feature works
end-to-end by creating actual Azure infrastructure and verifying
the zone configuration.
diff --git a/test/e2e/azure_test.go b/test/e2e/azure_test.go
@@ -27,6 +27,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4"
 	"github.com/Azure/azure-service-operator/v2/pkg/common/config"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -37,6 +39,8 @@ import (
 	"sigs.k8s.io/cluster-api/test/framework/clusterctl"
 	"sigs.k8s.io/cluster-api/util"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1"
 )
 
 var _ = Describe("Workload cluster creation", func() {
@@ -1427,5 +1431,154 @@ var _ = Describe("Workload cluster creation", func() {
 		})
 	})
 
+	Context("Creating a cluster with zone-redundant load balancers [OPTIONAL]", func() {
+		It("with zone-redundant API server, node outbound, and control plane outbound load balancers", func() {
+			clusterName = getClusterName(clusterNamePrefix, "lb-zones")
+
+			// Set up zone-redundant load balancer configuration
+			Expect(os.Setenv("EXP_APISERVER_ILB", "true")).To(Succeed())
+			Expect(os.Setenv("AZURE_INTERNAL_LB_PRIVATE_IP", "40.0.0.100")).To(Succeed())
+			Expect(os.Setenv("AZURE_VNET_CIDR", "40.0.0.0/8")).To(Succeed())
+			Expect(os.Setenv("AZURE_CP_SUBNET_CIDR", "40.0.0.0/16")).To(Succeed())
+			Expect(os.Setenv("AZURE_NODE_SUBNET_CIDR", "40.1.0.0/16")).To(Succeed())
+			Expect(os.Setenv("AZURE_LB_ZONES", "1,2,3")).To(Succeed())
+
+			clusterctl.ApplyClusterTemplateAndWait(ctx, createApplyClusterTemplateInput(
+				specName,
+				withFlavor("apiserver-ilb"),
+				withNamespace(namespace.Name),
+				withClusterName(clusterName),
+				withControlPlaneMachineCount(3),
+				withWorkerMachineCount(2),
+				withControlPlaneInterval(specName, "wait-control-plane-ha"),
+				withControlPlaneWaiters(clusterctl.ControlPlaneWaiters{
+					WaitForControlPlaneInitialized: EnsureControlPlaneInitialized,
+				}),
+				withPostMachinesProvisioned(func() {
+					EnsureDaemonsets(ctx, func() DaemonsetsSpecInput {
+						return DaemonsetsSpecInput{
+							BootstrapClusterProxy: bootstrapClusterProxy,
+							Namespace:             namespace,
+							ClusterName:           clusterName,
+						}
+					})
+				}),
+			), result)
+
+			By("Verifying load balancer zones are configured correctly in Azure", func() {
+				expectedZones := []string{"1", "2", "3"}
+
+				subscriptionID := getSubscriptionID(Default)
+				cred, err := azidentity.NewDefaultAzureCredential(nil)
+				Expect(err).NotTo(HaveOccurred())
+
+				mgmtClient := bootstrapClusterProxy.GetClient()
+				Expect(mgmtClient).NotTo(BeNil())
+
+				azureCluster := &infrav1.AzureCluster{}
+				err = mgmtClient.Get(ctx, client.ObjectKey{
+					Namespace: namespace.Name,
+					Name:      clusterName,
+				}, azureCluster)
+				Expect(err).NotTo(HaveOccurred())
+
+				resourceGroupName := azureCluster.Spec.ResourceGroup
+				Expect(resourceGroupName).NotTo(BeEmpty())
+
+				lbClient, err := armnetwork.NewLoadBalancersClient(subscriptionID, cred, nil)
+				Expect(err).NotTo(HaveOccurred())
+
+				// Verify API Server Load Balancer zones
+				if azureCluster.Spec.NetworkSpec.APIServerLB != nil {
+					Expect(azureCluster.Spec.NetworkSpec.APIServerLB.AvailabilityZones).To(Equal(expectedZones),
+						"APIServerLB should have zones configured in AzureCluster spec")
+
+					lbName := azureCluster.Spec.NetworkSpec.APIServerLB.Name
+					Eventually(func(g Gomega) {
+						lb, err := lbClient.Get(ctx, resourceGroupName, lbName, nil)
+						g.Expect(err).NotTo(HaveOccurred())
+						g.Expect(lb.Properties).NotTo(BeNil())
+						g.Expect(lb.Properties.FrontendIPConfigurations).NotTo(BeEmpty())
+
+						for _, frontendIP := range lb.Properties.FrontendIPConfigurations {
+							g.Expect(frontendIP.Zones).NotTo(BeNil(), "Frontend IP should have zones configured")
+							g.Expect(frontendIP.Zones).To(HaveLen(3), "Frontend IP should have 3 zones")
+
+							zonesMap := make(map[string]bool)
+							for _, zone := range frontendIP.Zones {
+								if zone != nil {
+									zonesMap[*zone] = true
+								}
+							}
+							for _, expectedZone := range expectedZones {
+								g.Expect(zonesMap[expectedZone]).To(BeTrue(), "Zone %s should be configured", expectedZone)
+							}
+						}
+					}, retryableOperationTimeout, retryableOperationSleepBetweenRetries).Should(Succeed())
+				}
+
+				// Verify Node Outbound Load Balancer zones
+				if azureCluster.Spec.NetworkSpec.NodeOutboundLB != nil {
+					Expect(azureCluster.Spec.NetworkSpec.NodeOutboundLB.AvailabilityZones).To(Equal(expectedZones),
+						"NodeOutboundLB should have zones configured in AzureCluster spec")
+
+					lbName := azureCluster.Spec.NetworkSpec.NodeOutboundLB.Name
+					Eventually(func(g Gomega) {
+						lb, err := lbClient.Get(ctx, resourceGroupName, lbName, nil)
+						g.Expect(err).NotTo(HaveOccurred())
+						g.Expect(lb.Properties).NotTo(BeNil())
+						g.Expect(lb.Properties.FrontendIPConfigurations).NotTo(BeEmpty())
+
+						for _, frontendIP := range lb.Properties.FrontendIPConfigurations {
+							g.Expect(frontendIP.Zones).NotTo(BeNil(), "Frontend IP should have zones configured")
+							g.Expect(frontendIP.Zones).To(HaveLen(3), "Frontend IP should have 3 zones")
+
+							zonesMap := make(map[string]bool)
+							for _, zone := range frontendIP.Zones {
+								if zone != nil {
+									zonesMap[*zone] = true
+								}
+							}
+							for _, expectedZone := range expectedZones {
+								g.Expect(zonesMap[expectedZone]).To(BeTrue(), "Zone %s should be configured", expectedZone)
+							}
+						}
+					}, retryableOperationTimeout, retryableOperationSleepBetweenRetries).Should(Succeed())
+				}
+
+				// Verify Control Plane Outbound Load Balancer zones
+				if azureCluster.Spec.NetworkSpec.ControlPlaneOutboundLB != nil {
+					Expect(azureCluster.Spec.NetworkSpec.ControlPlaneOutboundLB.AvailabilityZones).To(Equal(expectedZones),
+						"ControlPlaneOutboundLB should have zones configured in AzureCluster spec")
+
+					lbName := azureCluster.Spec.NetworkSpec.ControlPlaneOutboundLB.Name
+					Eventually(func(g Gomega) {
+						lb, err := lbClient.Get(ctx, resourceGroupName, lbName, nil)
+						g.Expect(err).NotTo(HaveOccurred())
+						g.Expect(lb.Properties).NotTo(BeNil())
+						g.Expect(lb.Properties.FrontendIPConfigurations).NotTo(BeEmpty())
+
+						for _, frontendIP := range lb.Properties.FrontendIPConfigurations {
+							g.Expect(frontendIP.Zones).NotTo(BeNil(), "Frontend IP should have zones configured")
+							g.Expect(frontendIP.Zones).To(HaveLen(3), "Frontend IP should have 3 zones")
+
+							zonesMap := make(map[string]bool)
+							for _, zone := range frontendIP.Zones {
+								if zone != nil {
+									zonesMap[*zone] = true
+								}
+							}
+							for _, expectedZone := range expectedZones {
+								g.Expect(zonesMap[expectedZone]).To(BeTrue(), "Zone %s should be configured", expectedZone)
+							}
+						}
+					}, retryableOperationTimeout, retryableOperationSleepBetweenRetries).Should(Succeed())
+				}
+			})
+
+			By("PASSED!")
+		})
+	})
+
 	// TODO: add a same test as above for a windows cluster
 })
