fix: Validate target IP before tearing down existing load balancer

hrak · claude · hrak · commit 6b9064a1a108 · 2026-02-20T22:45:45.000+01:00
Add a pre-flight validatePublicIPAvailable() check in EnsureLoadBalancer
when switching to a user-specified IP. This prevents leaving the service
in a broken state if the target IP is invalid or unavailable — the old
config is preserved and the error is returned immediately.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/cloudstack/cloudstack_loadbalancer.go b/cloudstack/cloudstack_loadbalancer.go
@@ -142,7 +142,13 @@ func (cs *CSCloud) EnsureLoadBalancer(ctx context.Context, clusterName string, s
 		cs.eventRecorder.Event(service, corev1.EventTypeNormal, "CreatedLoadBalancer", msg)
 		klog.Info(msg)
 	} else if service.Spec.LoadBalancerIP != "" && service.Spec.LoadBalancerIP != lb.ipAddr {
-		// LoadBalancerIP was specified and it's different from the current IP
+		// LoadBalancerIP was specified and it's different from the current IP.
+		// Validate the target IP exists before tearing down the old config to avoid
+		// leaving the service in a broken state if the new IP is invalid.
+		if err := lb.validatePublicIPAvailable(service.Spec.LoadBalancerIP); err != nil {
+			return nil, fmt.Errorf("cannot switch load balancer to IP %s: %w", service.Spec.LoadBalancerIP, err)
+		}
+
 		// Release the old IP first
 		klog.V(4).Infof("Deleting firewall rules for old ip and releasing old load balancer IP %v, switching to specified IP %v", lb.ipAddr, service.Spec.LoadBalancerIP)
 
@@ -671,6 +677,31 @@ func (lb *loadBalancer) getLoadBalancerIP(loadBalancerIP string) error {
 	return lb.associatePublicIPAddress()
 }
 
+// validatePublicIPAvailable checks that the given IP address exists in CloudStack
+// without modifying any load balancer state. Used as a pre-flight check before
+// tearing down an existing configuration.
+func (lb *loadBalancer) validatePublicIPAvailable(ip string) error {
+	p := lb.Address.NewListPublicIpAddressesParams()
+	p.SetIpaddress(ip)
+	p.SetAllocatedonly(false)
+	p.SetListall(true)
+
+	if lb.projectID != "" {
+		p.SetProjectid(lb.projectID)
+	}
+
+	l, err := lb.Address.ListPublicIpAddresses(p)
+	if err != nil {
+		return fmt.Errorf("error looking up IP address %v: %w", ip, err)
+	}
+
+	if l.Count != 1 {
+		return fmt.Errorf("IP address %v not found (got %d results)", ip, l.Count)
+	}
+
+	return nil
+}
+
 // getPublicIPAddressID retrieves the ID of the given IP, and sets the address and its ID.
 func (lb *loadBalancer) getPublicIPAddress(loadBalancerIP string) error {
 	klog.V(4).Infof("Retrieve load balancer IP details: %v", loadBalancerIP)
