Externally managed Azure infrastructure

Normally, Cluster API will create infrastructure on Azure when standing up a new workload cluster. However, it is possible to have Cluster API reuse existing Azure infrastructure instead of creating its own infrastructure.

CAPZ supports externally managed cluster infrastructure. If the AzureCluster resource includes a "cluster.x-k8s.io/managed-by" annotation then the controller will skip any reconciliation. This is useful for scenarios where a different persona is managing the cluster infrastructure out-of-band while still wanting to use CAPI for automated machine management.

You should only use this feature if your cluster infrastructure lifecycle management has constraints that the reference implementation does not support. See user stories for more details.

Disabling Specific Component Reconciliation

Some controllers/webhooks may not be necessary to run in an externally managed cluster infrastructure scenario. These controllers/webhooks can be disabled through a flag on the manager called disable-controllers-or-webhooks. This flag accepts a comma separated list of values.

Currently, these are the only accepted values:

DisableASOSecretController - disables the ASOSecretController from being deployed
DisableAzureJSONMachineController - disables the AzureJSONMachineController from being deployed

The Cluster API Provider Azure Book

Externally managed Azure infrastructure

Disabling Specific Component Reconciliation