Skip to content

KubevirtCluster: Allow setting controlPlaneEndpoint.port without requiring host #365

New issue
New issue
Open
Open
KubevirtCluster: Allow setting controlPlaneEndpoint.port without requiring host#365
Labels
kind/bugCategorizes issue or PR as related to a bug.
@broboa

Description

@broboa
broboa
opened on Jan 22, 2026

What steps did you take and what happened:

  1. Created a KubevirtCluster resource with spec.controlPlaneServiceTemplate configured
  2. The CAPK controller creates the control plane LoadBalancer service and automatically populates spec.controlPlaneEndpoint.host with the LoadBalancer IP and spec.controlPlaneEndpoint.port: 6443
  3. Attempted to set spec.controlPlaneEndpoint.port: 16443 in the initial cluster creation (to override the default port while keeping automatic IP discovery)
  4. Cluster creation fails with validation error: spec.controlPlaneEndpoint.host: Required value

The CRD schema marks both host and port as required fields, preventing users from setting only the port while allowing the controller to auto-discover the LoadBalancer IP.

What did you expect to happen:

The controller should allow setting spec.controlPlaneEndpoint.port independently while still auto-populating spec.controlPlaneEndpoint.host from the LoadBalancer service IP.

Anything else you would like to add:

Use case: We run HAProxy as a reverse proxy in front of the control plane API servers. The HAProxy service listens on port 16443 and proxies to the control plane VMs on port 6443. Both services share the same LoadBalancer IP using Cilium's IP sharing feature (lbipam.cilium.io/sharing-key annotation). The workload cluster kubeconfig needs to reference port 16443, but we want the controller to continue automatically discovering the shared LoadBalancer IP rather than hardcoding it.

Current behavior forces us to either:

  • Hardcode the LoadBalancer IP in spec.controlPlaneEndpoint.host (losing dynamic IP management), OR
  • Use the default port 6443 (preventing the HAProxy port override use case)

Enhancement idea: A separate field like spec.controlPlaneEndpointServiceRef could allow specifying which service the controller should read the LoadBalancer IP from, enabling more flexible load balancer configurations beyond the default control plane service.

Environment:

  • Cluster-api version: v1.12.2
  • Cluster-api-provider-kubevirt version: v0.11.1
  • Kubernetes version: v1.33.7
  • KubeVirt version: v1.7.0
  • OS: RHEL9

/kind bug

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions