Fix Load Balancer network attachment

Add hcloud_load_balancer_network resource to attach LB to private network.
This is required before targets can use use_private_ip=true.
LB gets IP 10.0.1.5 on the private network.

terraform/loadbalancer.tf

@@ -12,6 +12,13 @@ resource "hcloud_load_balancer" "kube_api" {
   }
 }
 
+# Attach Load Balancer to private network (required for use_private_ip)
+resource "hcloud_load_balancer_network" "kube_api" {
+  load_balancer_id = hcloud_load_balancer.kube_api.id
+  network_id       = hcloud_network.cluster.id
+  ip               = cidrhost(var.subnet_cidr, 5) # 10.0.1.5
+}
+
 # Attach all control plane servers as targets
 resource "hcloud_load_balancer_target" "kube_api_targets" {
   count            = var.control_plane_count
@@ -20,7 +27,7 @@ resource "hcloud_load_balancer_target" "kube_api_targets" {
   server_id        = hcloud_server.control_plane[count.index].id
   use_private_ip   = true
 
-  depends_on = [hcloud_server.control_plane]
+  depends_on = [hcloud_load_balancer_network.kube_api, hcloud_server.control_plane]
 }
 
 # Kubernetes API service on port 6443