This message was deleted.

JFYI, while working on rke2 bootstrap provider prototype, I haven't been able to use capd provided as is, and ended-up by patching it to load balance port 9345 used for rke2 node registeration:

diff --git a/test/infrastructure/docker/internal/docker/loadbalancer.go b/test/infrastructure/docker/internal/docker/loadbalancer.go
index badf1079d..b1405aa61 100644
--- a/test/infrastructure/docker/internal/docker/loadbalancer.go
+++ b/test/infrastructure/docker/internal/docker/loadbalancer.go
@@ -19,7 +19,6 @@ package docker
 import (
        "context"
        "fmt"
-       "net"
 
        "<http://github.com/pkg/errors|github.com/pkg/errors>"
        ctrl "<http://sigs.k8s.io/controller-runtime|sigs.k8s.io/controller-runtime>"
@@ -159,9 +158,9 @@ func (s *LoadBalancer) UpdateConfiguration(ctx context.Context) error {
                        return errors.Wrapf(err, "failed to get IP for container %s", n.String())
                }
                if s.ipFamily == clusterv1.IPv6IPFamily {
-                       backendServers[n.String()] = net.JoinHostPort(controlPlaneIPv6, "6443")
+                       backendServers[n.String()] = controlPlaneIPv6
                } else {
-                       backendServers[n.String()] = net.JoinHostPort(controlPlaneIPv4, "6443")
+                       backendServers[n.String()] = controlPlaneIPv4
                }
        }
 
diff --git a/test/infrastructure/docker/internal/third_party/forked/loadbalancer/config.go b/test/infrastructure/docker/internal/third_party/forked/loadbalancer/config.go
index feb6ce2e9..17e020b5a 100644
--- a/test/infrastructure/docker/internal/third_party/forked/loadbalancer/config.go
+++ b/test/infrastructure/docker/internal/third_party/forked/loadbalancer/config.go
@@ -54,7 +54,19 @@ backend kube-apiservers
   option httpchk GET /healthz
   # TODO: we should be verifying (!)
   {{range $server, $address := .BackendServers}}
-  server {{ $server }} {{ $address }} check check-ssl verify none
+  server {{ $server }} {{ $address }}:6443 check check-ssl verify none
+  {{- end}}
+frontend rke2-join
+  bind *:9345
+  {{ if .IPv6 -}}
+  bind :::9345;
+  {{- end }}
+  default_backend rke2-servers
+backend rke2-servers
+  option httpchk GET /v1-rke2/readyz
+  http-check expect status 403
+  {{range $server, $address := .BackendServers}}
+  server {{ $server }} {{ $address }}:9345 check check-ssl verify none
   {{- end}}

Yes, Francois, we are aware of the port issues with CAPD, we discussed it I think in my latest call with you if I remember. We will probably first do the same as you, and later contribute the change to upstream CAPD.

You remember well! I just wanted to share the changes I had to perform, in case it could help... For sure an upstream (and configurable) fix will be better!

Thanks a lot! By the way, you are more than welcome to review the API structs that were merged a few minutes ago. Please let us know if you see any improvement potential!