CCM does not claim already created load balancer

[usernamenenad]

TL;DR

CCM config

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: hcloud-ccm
  namespace: argocd
  annotations:
    argocd.argoproj.io/sync-wave: "0"
spec:
  project: default
  source:
    repoURL: https://charts.hetzner.cloud
    chart: hcloud-cloud-controller-manager
    targetRevision: 1.23.0
    helm:
      values: |
        networking:
          enabled: true
          clusterCIDR: "10.42.0.0/16"
        env:
          HCLOUD_TOKEN:
            valueFrom:
              secretKeyRef:
                name: hcloud
                key: token
  destination:
    server: https://kubernetes.default.svc
    namespace: kube-system
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

Istio Gateway

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: istio-gateway
  namespace: argocd
  annotations:
    argocd.argoproj.io/sync-wave: "3"
spec:
  project: default
  source:
    repoURL: https://istio-release.storage.googleapis.com/charts
    chart: gateway
    targetRevision: 1.22.0
    helm:
      skipSchemaValidation: true
      values: |
        service:
          annotations:
            load-balancer.hetzner.cloud/id: "5896630"
            load-balancer.hetzner.cloud/location: "nbg1"
            load-balancer.hetzner.cloud/use-private-ip: "true"
            load-balancer.hetzner.cloud/health-check-port: "15021"
            load-balancer.hetzner.cloud/health-check-protocol: "tcp"
        nodeSelector:
          node-role.kubernetes.io/control-plane: "true"
  destination:
    server: https://kubernetes.default.svc
    namespace: istio-system
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

Even with annotating Gateway resource as load-balancer.hetzner.cloud/id: "5896630", it did not work.

Expected behavior

When a Istio Gateway resource is annotated with load-balancer.hetzner.cloud/id: "5896630", CCM should automatically pick it up and not try to create a new LoadBalancer.

Observed behavior

CCM tried to create a new load balancer.

Minimal working example

No response

Log output

Additional information

No response

[usernamenenad]

Idk if it's a known issue, but I'd also like to fix it 💯

[lukasmetzner]

service:
annotations:
load-balancer.hetzner.cloud/id: "5896630"
load-balancer.hetzner.cloud/location: "nbg1"
load-balancer.hetzner.cloud/use-private-ip: "true"
load-balancer.hetzner.cloud/health-check-port: "15021"
load-balancer.hetzner.cloud/health-check-protocol: "tcp"
nodeSelector:
node-role.kubernetes.io/control-plane: "true"

Hey @usernamenenad , can you please send me the output of a kubectl describe command on the created Service object.

[usernamenenad]

Unfortunately, we've mitigated it by letting it create a new LoadBalancer, so I am sadly not able to provide you any logs now :( I might be able to replicate the issue in a few days tho.

service:
annotations:
load-balancer.hetzner.cloud/id: "5896630"
load-balancer.hetzner.cloud/location: "nbg1"
load-balancer.hetzner.cloud/use-private-ip: "true"
load-balancer.hetzner.cloud/health-check-port: "15021"
load-balancer.hetzner.cloud/health-check-protocol: "tcp"
nodeSelector:
node-role.kubernetes.io/control-plane: "true"

Hey @usernamenenad , can you please send me the output of a kubectl describe command on the created Service object.

[lukasmetzner]

@usernamenenad Apologies, I also missed something in your manifests. To import a Hetzner Cloud Load Balancer you have to use the annotation load-balancer.hetzner.cloud/name and provide its name. As stated in our reference the annotation load-balancer.hetzner.cloud/id is read-only.