resolve hairpinning

vultr/loadbalancers.go

@@ -4,6 +4,7 @@ package vultr
 import (
 	"context"
 	"fmt"
+	"github.com/asaskevich/govalidator"
 	"net"
 	"strconv"
 	"strings"
@@ -51,6 +52,9 @@ const (
 	// annoVultrLBBackendProtocol backend protocol
 	annoVultrLBBackendProtocol = "service.beta.kubernetes.io/vultr-loadbalancer-backend-protocol"
 
+	// annoVultrHostname is the hostname used for VLB to prevent hairpinning
+	annoVultrHostname = "service.beta.kubernetes.io/vultr-loadbalancer-hostname"
+
 	annoVultrHealthCheckPath               = "service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-path"
 	annoVultrHealthCheckProtocol           = "service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-protocol"
 	annoVultrHealthCheckPort               = "service.beta.kubernetes.io/vultr-loadbalancer-healthcheck-port"
@@ -116,11 +120,23 @@ func (l *loadbalancers) GetLoadBalancer(ctx context.Context, _ string, service *
 
 	enabledIPv6 := checkEnabledIPv6(service)
 	var ingress []v1.LoadBalancerIngress
+	hostname := lb.Label
+
+	// Check if hostname annotation is blank and set if not
+	if _, ok := service.Annotations[annoVultrHostname]; !ok {
+		if service.Annotations[annoVultrHostname] != "" {
+			if govalidator.IsDNSName(service.Annotations[annoVultrHostname]) {
+				hostname = service.Annotations[annoVultrHostname]
+			} else {
+				return nil, true, fmt.Errorf("hostname %s is not a valid DNS name", service.Annotations[annoVultrHostname])
+			}
+		}
+	}
 
-	ingress = append(ingress, v1.LoadBalancerIngress{Hostname: lb.Label, IP: lb.IPV4})
+	ingress = append(ingress, v1.LoadBalancerIngress{Hostname: hostname, IP: lb.IPV4})
 
 	if enabledIPv6 {
-		ingress = append(ingress, v1.LoadBalancerIngress{Hostname: lb.Label, IP: lb.IPV6})
+		ingress = append(ingress, v1.LoadBalancerIngress{Hostname: hostname, IP: lb.IPV6})
 	}
 
 	return &v1.LoadBalancerStatus{
@@ -194,10 +210,22 @@ func (l *loadbalancers) EnsureLoadBalancer(ctx context.Context, clusterName stri
 		enabledIPv6 := checkEnabledIPv6(service)
 		var ingress []v1.LoadBalancerIngress
 
-		ingress = append(ingress, v1.LoadBalancerIngress{Hostname: lb2.Label, IP: lb2.IPV4})
+		hostname := lb2.Label
+		// Check if hostname annotation is blank and set if not
+		if _, ok := service.Annotations[annoVultrHostname]; !ok {
+			if service.Annotations[annoVultrHostname] != "" {
+				if govalidator.IsDNSName(service.Annotations[annoVultrHostname]) {
+					hostname = service.Annotations[annoVultrHostname]
+				} else {
+					return nil, fmt.Errorf("hostname %s is not a valid DNS name", service.Annotations[annoVultrHostname])
+				}
+			}
+		}
+
+		ingress = append(ingress, v1.LoadBalancerIngress{Hostname: hostname, IP: lb2.IPV4})
 
 		if enabledIPv6 {
-			ingress = append(ingress, v1.LoadBalancerIngress{Hostname: lb2.Label, IP: lb2.IPV6})
+			ingress = append(ingress, v1.LoadBalancerIngress{Hostname: hostname, IP: lb2.IPV6})
 		}
 
 		return &v1.LoadBalancerStatus{
@@ -220,6 +248,9 @@ func (l *loadbalancers) EnsureLoadBalancer(ctx context.Context, clusterName stri
 
 	// Set the Vultr VLB ID annotation
 	if _, ok := service.Annotations[annoVultrLoadBalancerID]; !ok {
+		if service.Annotations == nil {
+			service.Annotations = make(map[string]string)
+		}
 		service.Annotations[annoVultrLoadBalancerID] = lb.ID
 		if err = l.GetKubeClient(); err != nil {
 			return nil, fmt.Errorf("failed to get kubeclient to update service: %s", err)