Skip to content

Loadbalancer member not created with subnet id #2790

New issue
New issue
Open
#2799
Open
Loadbalancer member not created with subnet id#2790
#2799
Labels
kind/bugCategorizes issue or PR as related to a bug.
@akrause2014

Description

@akrause2014
akrause2014
opened on Oct 20, 2025

/kind bug

What steps did you take and what happened:

Create a new cluster with a loadbalancer with a VIP subnet in one network while the cluster resides on another network with this configuration:

apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: OpenStackCluster
...
spec:
  apiServerLoadBalancer:
    enabled: true
    provider: ovn
    network:
      filter:
        name: network1
    subnets:
    - id: b9be113f-7c72-40a8-9a8f-51413a43a4f6
  ...
  network:
    filter:
      name: network2
  subnets:
  - id: 794735f4-6d6b-4b79-9784-2484d8f33109

Reconciling the loadbalancer for the control plane fails with a LoadBalancerMemberError with the following error:

Provider 'ovn' does not support a requested option: Subnet is required, or Loadbalancer associated with Pool must have a subnet, for Member creation with OVN Provider Driver if it is not the same as LB VIP subnet

I reproduced the error with this command:

$ openstack loadbalancer member create --address 10.2.0.222 --protocol-port 6443 82b18fb4-3c11-44dc-8b64-9f13af12b36f
Provider 'ovn' does not support a requested option: Subnet is required, or Loadbalancer associated with Pool must have a subnet, for Member creation with OVN Provider Driver if it is not the same as LB VIP subnet (HTTP 501) (Request-ID: req-76ddc667-989b-4c00-b659-98cd98c61ef1)

An OVN loadbalancer can have a VIP subnet that is in a different network than the pool members.
It is possible to add a new member by providing the subnet id:

$ openstack loadbalancer member create --address 10.2.0.222 --protocol-port 6443 --subnet-id 794735f4-6d6b-4b79-9784-2484d8f33109 82b18fb4-3c11-44dc-8b64-9f13af12b36f

The loadbalancer then connects to the Kubernetes control plane machine.

What did you expect to happen:

When registering a loadbalancer member the subnet id should be provided if the LB VIP subnet differs from the cluster subnet.

Anything else you would like to add:

I traced this to these lines:

https://github.com/kubernetes-sigs/cluster-api-provider-openstack/blob/main/pkg/cloud/services/loadbalancer/loadbalancer.go#L706-L711

The subnet id of the OpenstackMachine is available when this method is called.

Environment:

  • Cluster API Provider OpenStack version (Or git rev-parse HEAD if manually built): v0.12.5
  • Cluster-API version: v1.10.7
  • OpenStack version: 2024.1
  • Minikube/KIND version: N/A
  • Kubernetes version (use kubectl version): N/A
  • OS (e.g. from /etc/os-release): N/A

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.

    Type

    No type

    Projects

    CAPO Roadmap

    Status

    Inbox

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions