publicAddress don't set EXTERNAL-IP with cloudProvider None

[toschneck]

What happened?

I setup a kubeone cluster with static machines, but the configured field publicAddress don't get configured for the Node EXTERNAL-IP.

apiVersion: kubeone.k8c.io/v1beta2
kind: KubeOneCluster
name: kubeone-dc-gcp
versions:
  kubernetes: 'v1.32.4'
cloudProvider:
  none: {}
apiEndpoint:
  host: 'kubeone-dc-gcp.demo.kubermatic.io'
  port: 6443
  alternativeNames: []

machineController:
  deploy: false

controlPlane:
  hosts:
  - publicAddress: '100.105.19.70'
    privateAddress: '10.156.15.195'
    bastion: '100.105.19.70'
    bastionPort: 22  # can be left out if using the default (22)
    bastionUser: 'root'  # can be left out if using the default ('root')
    sshPort: 22 # can be left out if using the default (22)
    sshUsername: 'root'
    labels:
      env: gcp

  - publicAddress: '100.105.224.144'
    privateAddress: '10.156.15.196'
    bastion: '100.105.224.144'
    bastionPort: 22  # can be left out if using the default (22)
    bastionUser: 'root'  # can be left out if using the default ('root')
    sshPort: 22 # can be left out if using the default (22)
    sshUsername: 'root'
    labels:
      env: gcp

  - publicAddress: '100.105.47.140'
    privateAddress: '10.156.15.197'
    bastion: '100.105.47.140'
    bastionPort: 22  # can be left out if using the default (22)
    bastionUser: 'root'  # can be left out if using the default ('root')
    sshPort: 22 # can be left out if using the default (22)
    sshUsername: 'root'
    labels:
      env: gcp

### NOTE: disable for init as there are some dependencies from helm charts
addons:
  enable: true
  path: "./addons"

clusterNetwork:
  cni:
    canal: {}
  podSubnet: 10.250.0.0/16 #overwrite to ensure it doesn't conflict with default KKP user cluster pod network
  serviceSubnet: 172.50.0.0/16

containerRuntime:
  containerd:
    # fixes CDI kubevirt image permission denied error: https://github.com/kubermatic/kubermatic/issues/14352
    deviceOwnershipFromSecurityContext: true

helmReleases:
  - releaseName: piraeus
    chart: ./charts/piraeus
    namespace: piraeus
    version: 2.8.1
    values:
      - inline:
          installCRDs: true
  - releaseName: kubelb-ccm
    chart: ./charts/kubelb-ccm-ee
    namespace: kubelb
    version: v1.1.4
    values:
      - inline:
          imagePullSecrets:
            - name: regcred
          kubelb:
              clusterSecretName: kubelb-cluster
              tenantName: tenant-kubeone-dc-gcp
              # -- Address type to use for routing traffic to node ports. Values are ExternalIP, InternalIP.
              nodeAddressType: ExternalIP
              #disableIngressController: true
              #useIngressClass: true
  # https://github.com/deliveryhero/helm-charts/tree/master/stable/node-problem-detector
  # https://github.com/kubernetes/node-problem-detector
  - releaseName: node-problem-detector
    chart: node-problem-detector
    repoURL: https://charts.deliveryhero.io/
    namespace: kube-system
  # https://github.com/deliveryhero/helm-charts/tree/master/stable/k8s-event-logger
  # https://github.com/max-rocket-internet/k8s-event-logger
  - releaseName: k8s-event-logger
    chart: k8s-event-logger
    repoURL: https://charts.deliveryhero.io/
    namespace: kube-system

The nodes:

NAME                                   STATUS   ROLES           AGE     VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION    CONTAINER-RUNTIME
demo-cp-328f.c.kkp-dev-2025.internal   Ready    control-plane   8h      v1.32.4   10.156.15.195   <none>        Ubuntu 24.04.2 LTS   6.11.0-1015-gcp   containerd://1.7.27
demo-cp-s8k8.c.kkp-dev-2025.internal   Ready    control-plane   7h59m   v1.32.4   10.156.15.196   <none>        Ubuntu 24.04.2 LTS   6.11.0-1015-gcp   containerd://1.7.27
demo-cp-x8vh.c.kkp-dev-2025.internal   Ready    control-plane   7h58m   v1.32.4   10.156.15.197   <none>        Ubuntu 24.04.2 LTS   6.11.0-1015-gcp   containerd://1.7.27

Expected behavior

the external IP field get set, e.g. for the load balancers ccm of KubeLB

How to reproduce the issue?

create a static cluster as above

What KubeOne version are you using?

$ kubeone version
{
  "kubeone": {
    "major": "1",
    "minor": "10",
    "gitVersion": "v1.10.0-1-gd97b10f5",
    "gitCommit": "d97b10f55f59afc05f3a655ca15e3cbbf272b245",
    "gitTreeState": "",
    "buildDate": "2025-04-20T21:32:13+02:00",
    "goVersion": "go1.24.2",
    "compiler": "gc",
    "platform": "darwin/arm64"
  },
  "machine_controller": {
    "major": "1",
    "minor": "61",
    "gitVersion": "v1.61.1",
    "gitCommit": "",
    "gitTreeState": "",
    "buildDate": "",
    "goVersion": "",
    "compiler": "",
    "platform": "linux/amd64"
  }
}

Provide your KubeOneCluster manifest here (if applicable)

see above

What cloud provider are you running on?

What operating system are you running in your cluster?

Ubuntu 24.04.2 LTS 6.11.0-1015-gcp containerd://1.7.27

Additional information

[kron4eg]

Kubelet will not set external IP. That information is only available from the cloud API, which can be set by the CCM. But in order to let CCM to work you need to launch kubelet with --cloud-provider=external flag. In kubeone cloudProvider.external=true by default, but since you've set (for some unknown to me reason) cloudProvider.none, that external isn't defaulted to true (that would be nonsense otherwise).

[toschneck]

@kron4eg I set none as I'm running on static VMs and want to use similar as baremetal machines. (simulation for a customer setup).
So In a bermetal case, how could I set a public address?

cloudProvider:
  external: true
  none: {}

is accepted, but doesn't work as it waits for the CCM what will not get added.

So my traget is to configure public address for the kubelet
as the API spec looks like, it was possible. But now it has no effect anymore. I don't know how I can get a internal and external IP assigned to a baremetal machine. Is this possible (without ccm)?

  hosts:
  - publicAddress: '100.105.19.70'
    privateAddress: '10.156.15.195'

[kron4eg]

@toschneck kubelet will only set an internal IP, in order to get the external IP you need to have CCM. A CCM with cloudProvider.none doesn't make any sense. So you have to choose ether use cloudProvider.none or configure proper cloud provider and have cloud services (LB/CSI/etc).

[toschneck]

@kron4eg How should I configure one, if I'm at a baremetal system where I don't have a CCM. But here I still want to configure an external / public IP