Derive API server LB DNS name from user-defined private DNS zone name

kubernetes-sigs · Nov 29, 2021 · 0918e9c · 0918e9c
1 parent 7c4ceec
commit 0918e9c
Show file tree

Hide file tree

Showing 3 changed files with 114 additions and 4 deletions.
diff --git a/azure/defaults.go b/azure/defaults.go
@@ -139,9 +139,9 @@ func GeneratePrivateDNSZoneName(clusterName string) string {
 	return fmt.Sprintf("%s.capz.io", clusterName)
 }
 
-// GeneratePrivateFQDN generates FQDN for a private API Server.
-func GeneratePrivateFQDN(clusterName string) string {
-	return fmt.Sprintf("%s.%s", PrivateAPIServerHostname, GeneratePrivateDNSZoneName(clusterName))
+// GeneratePrivateFQDN generates the FQDN for a private API Server based on the private DNS zone name.
+func GeneratePrivateFQDN(zoneName string) string {
+	return fmt.Sprintf("%s.%s", PrivateAPIServerHostname, zoneName)
 }
 
 // GenerateVNetLinkName generates the name of a virtual network link name based on the vnet name.

diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
@@ -639,7 +639,7 @@ func (s *ClusterScope) APIServerPort() int32 {
 // APIServerHost returns the hostname used to reach the API server.
 func (s *ClusterScope) APIServerHost() string {
 	if s.IsAPIServerPrivate() {
-		return azure.GeneratePrivateFQDN(s.ClusterName())
+		return azure.GeneratePrivateFQDN(s.GetPrivateDNSZoneName())
 	}
 	return s.APIServerPublicIP().DNSName
 }

diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go
@@ -31,6 +31,116 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
+func TestAPIServerHost(t *testing.T) {
+	fakeSubscriptionID := "123"
+
+	tests := []struct {
+		name         string
+		azureCluster infrav1.AzureCluster
+		want         string
+	}{
+		{
+			name: "public apiserver lb (user-defined dns)",
+			azureCluster: infrav1.AzureCluster{
+				Spec: infrav1.AzureClusterSpec{
+					SubscriptionID: fakeSubscriptionID,
+					NetworkSpec: infrav1.NetworkSpec{
+						APIServerLB: infrav1.LoadBalancerSpec{
+							Type: infrav1.Public,
+							FrontendIPs: []infrav1.FrontendIP{
+								{
+									PublicIP: &infrav1.PublicIPSpec{
+										DNSName: "my-cluster-apiserver.example.com",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			want: "my-cluster-apiserver.example.com",
+		},
+		{
+			name: "private apiserver lb (default private dns zone)",
+			azureCluster: infrav1.AzureCluster{
+				Spec: infrav1.AzureClusterSpec{
+					SubscriptionID: fakeSubscriptionID,
+					NetworkSpec: infrav1.NetworkSpec{
+						APIServerLB: infrav1.LoadBalancerSpec{
+							Type: infrav1.Public,
+							FrontendIPs: []infrav1.FrontendIP{
+								{
+									PublicIP: &infrav1.PublicIPSpec{
+										DNSName: "my-cluster-apiserver.capz.io",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			want: "my-cluster-apiserver.capz.io",
+		},
+		{
+			name: "private apiserver (user-defined private dns zone)",
+			azureCluster: infrav1.AzureCluster{
+				Spec: infrav1.AzureClusterSpec{
+					SubscriptionID: fakeSubscriptionID,
+					NetworkSpec: infrav1.NetworkSpec{
+						PrivateDNSZoneName: "example.private",
+						APIServerLB: infrav1.LoadBalancerSpec{
+							Type: infrav1.Internal,
+						},
+					},
+				},
+			},
+			want: "apiserver.example.private",
+		},
+	}
+
+	for _, tc := range tests {
+		g := NewWithT(t)
+		scheme := runtime.NewScheme()
+		_ = clusterv1.AddToScheme(scheme)
+		_ = infrav1.AddToScheme(scheme)
+
+		cluster := &clusterv1.Cluster{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "my-cluster",
+				Namespace: "default",
+			},
+		}
+		cluster.Default()
+
+		tc.azureCluster.ObjectMeta = metav1.ObjectMeta{
+			Name: cluster.Name,
+			OwnerReferences: []metav1.OwnerReference{
+				{
+					APIVersion: "cluster.x-k8s.io/v1beta1",
+					Kind:       "Cluster",
+					Name:       "my-cluster",
+				},
+			},
+		}
+		tc.azureCluster.Default()
+
+		initObjects := []runtime.Object{cluster, &tc.azureCluster}
+		fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build()
+
+		clusterScope, err := NewClusterScope(context.TODO(), ClusterScopeParams{
+			AzureClients: AzureClients{
+				Authorizer: autorest.NullAuthorizer{},
+			},
+			Cluster:      cluster,
+			AzureCluster: &tc.azureCluster,
+			Client:       fakeClient,
+		})
+		g.Expect(err).ToNot(HaveOccurred())
+
+		g.Expect(clusterScope.APIServerHost()).Should(Equal(tc.want))
+	}
+}
+
 func TestGettingSecurityRules(t *testing.T) {
 	g := NewWithT(t)
 	scheme := runtime.NewScheme()