helm-openldap
Service for LoadBalancer seems to not use externalIps properly - using deprecated / removed loadBalancerIP setting
Could be related to the CNI used (in my case it is Calico).
Deploying via

```yaml
service:
  type: LoadBalancer
  loadBalancerIP: ${externalIp}
  ipFamilyPolicy: SingleStack
```

will never actually bind the load-balancer, it will stay pending. AFAICS you are not using externalIPs at all, which makes the difference here.
When I deploy the same service using Terraform

```hcl
resource "kubernetes_service" "externalLdapAccess" {
  metadata {
    name      = "kw-auth-openldap"
    namespace = module.hardened_namespace.namespace.id
  }
  spec {
    type = "LoadBalancer"
    selector = {
      "app.kubernetes.io/component": "openldap"
      "release" : "openldap"
    }
    port {
      port        = var.ldap_port
      name        = "ldap"
      protocol    = "TCP"
      target_port = 1389
    }
    port {
      port        = var.ldaps_port
      name        = "ldap-ssl"
      protocol    = "TCP"
      target_port = 1636
    }
    external_ips = [var.external_ip]
  }
  wait_for_load_balancer = false
}
```

the service binds instantly.
You are using loadBalancerIP, which has been deprecated and no longer works with my k8s version (1.30). We should start using https://kubernetes.io/docs/concepts/services-networking/service/#external-ips, which is the replacement.
loadBalancerIP is no longer part of the spec https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec