ipam: Support for static IP allocation in Azure

[antonipp]

Description

This PR implements Public IP assignments functionality for Azure, it's exactly the same idea as #34622 for AWS.

This implementation relies on tagged Azure Public IP Prefixes. Users can specify Public IP Prefix tags in their CNI config and the Operator will automatically assign to the node a Public IP from a Prefix which matches.

The implementation works for both VMSS instances and standalone VM instances.

Testing

Backported to our 1.18.2 fork. Then created an Azure VMSS node in a public subnet (no NAT gateway). Set static-ip-tags in the CNI config for this node:

    "ipam": {
        "pre-allocate": 1,
        "min-allocate": 5,
        "static-ip-tags": {
          "pool-name": "anton-test"
        }

Afterwards, created an Azure Public IP Prefix with tags pool-name=anton-test. Then confirmed:

• Cilium Operator created an IP in the pool I tagged:

• The IP was successfully attached to the instance:

• When masquerading was enabled (thanks to Azure: add support for masquerading #42196), the pod was able to use that Public IP:

   anton-test-6d954ccf46-v2dg5:/# curl ifconfig.me
   20.XX.XX.XX 
  

• When the instance was deleted, the IP was released

ipam: Support for public IP allocation in Azure

[antonipp]

/test

[qmonnet]

Thanks! I just looked at the docs - can you please use the .. code-block directive with the relevant language for your snippets? Looks good otherwise.

[pippolo84]

Thanks! Overall LGTM, left a couple of questions and a suggestion inline.

[antonipp]

/test

[qmonnet]

Doc change looks good, thank you!

[antonipp]

/test

[pippolo84]

Thanks! 💯