From 1be8be233f354ac79eff7726ef8bdc93d035d0ae Mon Sep 17 00:00:00 2001
From: John Gardiner Myers <jgmyers@proofpoint.com>
Date: Fri, 30 Dec 2022 13:07:57 -0800
Subject: [PATCH] Reduce use of cluster topology field

---
 pkg/model/awsmodel/network.go                         | 11 ++++++++---
 pkg/model/gcemodel/autoscalinggroup.go                |  2 +-
 .../integration/update_cluster/complex/kubernetes.tf  |  2 --
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/pkg/model/awsmodel/network.go b/pkg/model/awsmodel/network.go
index a52d1d5a17..b814f0d062 100644
--- a/pkg/model/awsmodel/network.go
+++ b/pkg/model/awsmodel/network.go
@@ -217,9 +217,14 @@ func (b *NetworkModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 	infoByZone := make(map[string]*zoneInfo)
 
 	haveDualStack := map[string]bool{}
+	haveAnyPrivate := false
 	for _, subnetSpec := range b.Cluster.Spec.Networking.Subnets {
-		if subnetSpec.Type == kops.SubnetTypeDualStack {
+		switch subnetSpec.Type {
+		case kops.SubnetTypeDualStack:
 			haveDualStack[subnetSpec.Zone] = true
+			haveAnyPrivate = true
+		case kops.SubnetTypePrivate:
+			haveAnyPrivate = true
 		}
 	}
 
@@ -240,8 +245,8 @@ func (b *NetworkModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 				tags[aws.TagNameSubnetPublicELB] = "1"
 
 				// AWS ALB contoller won't provision any internal ELBs unless this tag is set.
-				// So we add this to public subnets as well if we do not expect any private subnets.
-				if b.Cluster.Spec.Networking.Topology.Nodes == kops.TopologyPublic {
+				// So we add this to public subnets as well if we do not have any private subnets.
+				if !haveAnyPrivate {
 					tags[aws.TagNameSubnetInternalELB] = "1"
 				}
 
diff --git a/pkg/model/gcemodel/autoscalinggroup.go b/pkg/model/gcemodel/autoscalinggroup.go
index 27d538fafd..cc0413c695 100644
--- a/pkg/model/gcemodel/autoscalinggroup.go
+++ b/pkg/model/gcemodel/autoscalinggroup.go
@@ -92,7 +92,7 @@ func (b *AutoscalingGroupModelBuilder) buildInstanceTemplate(c *fi.CloudupModelB
 				Preemptible:          fi.PtrTo(fi.ValueOf(ig.Spec.GCPProvisioningModel) == "SPOT"),
 				GCPProvisioningModel: ig.Spec.GCPProvisioningModel,
 
-				HasExternalIP: fi.PtrTo(b.Cluster.Spec.Networking.Topology.ControlPlane == kops.TopologyPublic),
+				HasExternalIP: fi.PtrTo(subnet.Type == kops.SubnetTypePublic || subnet.Type == kops.SubnetTypeUtility),
 
 				Scopes: []string{
 					"compute-rw",
diff --git a/tests/integration/update_cluster/complex/kubernetes.tf b/tests/integration/update_cluster/complex/kubernetes.tf
index ab5d73e96f..c59736dabd 100644
--- a/tests/integration/update_cluster/complex/kubernetes.tf
+++ b/tests/integration/update_cluster/complex/kubernetes.tf
@@ -1163,7 +1163,6 @@ resource "aws_subnet" "us-east-1a-utility-complex-example-com" {
     "foo/bar"                                   = "fib+baz"
     "kubernetes.io/cluster/complex.example.com" = "owned"
     "kubernetes.io/role/elb"                    = "1"
-    "kubernetes.io/role/internal-elb"           = "1"
   }
   vpc_id = aws_vpc.complex-example-com.id
 }
@@ -1183,7 +1182,6 @@ resource "aws_subnet" "us-test-1a-complex-example-com" {
     "kops.k8s.io/instance-group/nodes"             = "true"
     "kubernetes.io/cluster/complex.example.com"    = "owned"
     "kubernetes.io/role/elb"                       = "1"
-    "kubernetes.io/role/internal-elb"              = "1"
   }
   vpc_id = aws_vpc.complex-example-com.id
 }