From 75659b62807be5e46db6aa95e547897dbe0d6a81 Mon Sep 17 00:00:00 2001
From: Jesse Haka <haka.jesse@gmail.com>
Date: Mon, 22 Jan 2024 18:41:30 +0200
Subject: [PATCH] include kube-apiserver controlplane ports in dns=none

---
 pkg/model/openstackmodel/servergroup.go    |  2 +-
 upup/pkg/fi/cloudup/openstacktasks/port.go | 12 ++++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/pkg/model/openstackmodel/servergroup.go b/pkg/model/openstackmodel/servergroup.go
index b568f938f7..94b0d4e499 100644
--- a/pkg/model/openstackmodel/servergroup.go
+++ b/pkg/model/openstackmodel/servergroup.go
@@ -201,7 +201,7 @@ func (b *ServerGroupModelBuilder) buildInstances(c *fi.CloudupModelBuilderContex
 		c.AddTask(portTask)
 
 		if b.Cluster.UsesNoneDNS() && ig.Spec.Role == kops.InstanceGroupRoleControlPlane {
-			portTask.ForAPIServer = true
+			portTask.WellKnownServices = append(portTask.WellKnownServices, wellknownservices.KubeAPIServer)
 		}
 
 		metaWithName := make(map[string]string)
diff --git a/upup/pkg/fi/cloudup/openstacktasks/port.go b/upup/pkg/fi/cloudup/openstacktasks/port.go
index f326fc43ab..4268b42b91 100644
--- a/upup/pkg/fi/cloudup/openstacktasks/port.go
+++ b/upup/pkg/fi/cloudup/openstacktasks/port.go
@@ -24,6 +24,7 @@ import (
 	secgroup "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/groups"
 	"github.com/gophercloud/gophercloud/openstack/networking/v2/ports"
 	"k8s.io/klog/v2"
+	"k8s.io/kops/pkg/wellknownservices"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/openstack"
 )
@@ -39,8 +40,11 @@ type Port struct {
 	AdditionalSecurityGroups []string
 	Lifecycle                fi.Lifecycle
 	Tags                     []string
-	ForAPIServer             bool
 	AllowedAddressPairs      []ports.AddressPair
+
+	// WellKnownServices indicates which services are supported by this resource.
+	// This field is internal and is not rendered to the cloud.
+	WellKnownServices []wellknownservices.WellKnownService
 }
 
 // GetDependencies returns the dependencies of the Port task
@@ -84,8 +88,8 @@ func (s *Port) FindAddresses(context *fi.CloudupContext) ([]string, error) {
 
 // GetWellKnownServices implements fi.HasAddress::GetWellKnownServices.
 // It indicates which services we support with this load balancer.
-func (s *Port) GetWellKnownServices() bool {
-	return s.ForAPIServer
+func (s *Port) GetWellKnownServices() []wellknownservices.WellKnownService {
+	return s.WellKnownServices
 }
 
 // getActualAllowedAddressPairs returns the actual allowed address pairs which kOps currently manages.
@@ -190,7 +194,7 @@ func newPortTaskFromCloud(cloud openstack.OpenstackCloud, lifecycle fi.Lifecycle
 		find.ID = actual.ID
 		actual.InstanceGroupName = find.InstanceGroupName
 		actual.AdditionalSecurityGroups = find.AdditionalSecurityGroups
-		actual.ForAPIServer = find.ForAPIServer
+		actual.WellKnownServices = find.WellKnownServices
 	}
 	return actual, nil
 }