From 0918e9cf71775032a9f95dcb689ed0c6514ea733 Mon Sep 17 00:00:00 2001
From: Daniel Lipovetsky
Date: Wed, 24 Nov 2021 11:21:02 -0800
Subject: [PATCH] Derive API server LB DNS name from user-defined private DNS zone name

---
 azure/defaults.go | 6 +-
 azure/scope/cluster.go | 2 +-
 azure/scope/cluster_test.go | 110 ++++++++++++++++++++++++++++++++++++
 3 files changed, 114 insertions(+), 4 deletions(-)

diff --git a/azure/defaults.go b/azure/defaults.go
index 4a818f590d7..fb8e2b4608b 100644
--- a/azure/defaults.go
+++ b/azure/defaults.go
@@ -139,9 +139,9 @@ func GeneratePrivateDNSZoneName(clusterName string) string {
 return fmt.Sprintf("%s.capz.io", clusterName)
 }
 
-// GeneratePrivateFQDN generates FQDN for a private API Server.
-func GeneratePrivateFQDN(clusterName string) string {
- return fmt.Sprintf("%s.%s", PrivateAPIServerHostname, GeneratePrivateDNSZoneName(clusterName))
+// GeneratePrivateFQDN generates the FQDN for a private API Server based on the private DNS zone name.
+func GeneratePrivateFQDN(zoneName string) string {
+ return fmt.Sprintf("%s.%s", PrivateAPIServerHostname, zoneName)
 }
 
 // GenerateVNetLinkName generates the name of a virtual network link name based on the vnet name.
diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
index c2760667a06..629bfc5de9e 100644
--- a/azure/scope/cluster.go
+++ b/azure/scope/cluster.go
@@ -639,7 +639,7 @@ func (s *ClusterScope) APIServerPort() int32 {
 // APIServerHost returns the hostname used to reach the API server.
 func (s *ClusterScope) APIServerHost() string {
 if s.IsAPIServerPrivate() {
- return azure.GeneratePrivateFQDN(s.ClusterName())
+ return azure.GeneratePrivateFQDN(s.GetPrivateDNSZoneName())
 }
 return s.APIServerPublicIP().DNSName
 }
diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go
index 7b9279ee085..ba35aafa58f 100644
--- a/azure/scope/cluster_test.go
+++ b/azure/scope/cluster_test.go
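Review bot: GeneratePrivateFQDN keeps a plain `string` parameter while its meaning changes from a cluster name to a zone name, so any caller outside this patch that still passes a cluster name compiles unchanged and silently yields `<PrivateAPIServerHostname>.<cluster>` instead of the zone-qualified FQDN; an empty zoneName likewise yields a bare hostname with a trailing dot. The one visible caller in azure/scope/cluster.go is updated, but the new doc comment does not state what the argument must be. Suggest extending it with `// zoneName must be the full private DNS zone name (the default is produced by GeneratePrivateDNSZoneName); an empty value does not yield a usable FQDN.` Whether s.GetPrivateDNSZoneName() in the cluster.go hunk can return an empty string is outside the visible lines.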
@@ -31,6 +31,116 @@ import (
 "sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
+func TestAPIServerHost(t *testing.T) {
+ fakeSubscriptionID := "123"
+
+ tests := []struct {
+ name string
+ azureCluster infrav1.AzureCluster
+ want string
+ }{
+ {
+ name: "public apiserver lb (user-defined dns)",
+ azureCluster: infrav1.AzureCluster{
+ Spec: infrav1.AzureClusterSpec{
+ SubscriptionID: fakeSubscriptionID,
+ NetworkSpec: infrav1.NetworkSpec{
+ APIServerLB: infrav1.LoadBalancerSpec{
+ Type: infrav1.Public,
+ FrontendIPs: []infrav1.FrontendIP{
+ {
+ PublicIP: &infrav1.PublicIPSpec{
+ DNSName: "my-cluster-apiserver.example.com",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ want: "my-cluster-apiserver.example.com",
+ },
+ {
+ name: "private apiserver lb (default private dns zone)",
+ azureCluster: infrav1.AzureCluster{
+ Spec: infrav1.AzureClusterSpec{
+ SubscriptionID: fakeSubscriptionID,
+ NetworkSpec: infrav1.NetworkSpec{
+ APIServerLB: infrav1.LoadBalancerSpec{
+ Type: infrav1.Public,
+ FrontendIPs: []infrav1.FrontendIP{
+ {
+ PublicIP: &infrav1.PublicIPSpec{
+ DNSName: "my-cluster-apiserver.capz.io",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ want: "my-cluster-apiserver.capz.io",
+ },
+ {
+ name: "private apiserver (user-defined private dns zone)",
+ azureCluster: infrav1.AzureCluster{
+ Spec: infrav1.AzureClusterSpec{
+ SubscriptionID: fakeSubscriptionID,
+ NetworkSpec: infrav1.NetworkSpec{
+ PrivateDNSZoneName: "example.private",
+ APIServerLB: infrav1.LoadBalancerSpec{
+ Type: infrav1.Internal,
+ },
+ },
+ },
+ },
+ want: "apiserver.example.private",
+ },
+ }
+
+ for _, tc := range tests {
+ g := NewWithT(t)
+ scheme := runtime.NewScheme()
+ _ = clusterv1.AddToScheme(scheme)
+ _ = infrav1.AddToScheme(scheme)
+
+ cluster := &clusterv1.Cluster{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: "my-cluster",
+ Namespace: "default",
+ },
+ }
+ cluster.Default()
+
+ tc.azureCluster.ObjectMeta = metav1.ObjectMeta{
+ Name: cluster.Name,
+ OwnerReferences: []metav1.OwnerReference{
+ {
+ APIVersion: "cluster.x-k8s.io/v1beta1",
+ Kind: "Cluster",
+ Name: "my-cluster",
+ },
+ },
+ }
+ tc.azureCluster.Default()
+
+ initObjects := []runtime.Object{cluster, &tc.azureCluster}
+ fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(initObjects...).Build()
+
+ clusterScope, err := NewClusterScope(context.TODO(), ClusterScopeParams{
+ AzureClients: AzureClients{
+ Authorizer: autorest.NullAuthorizer{},
+ },
+ Cluster: cluster,
+ AzureCluster: &tc.azureCluster,
+ Client: fakeClient,
+ })
+ g.Expect(err).ToNot(HaveOccurred())
+
+ g.Expect(clusterScope.APIServerHost()).Should(Equal(tc.want))
+ }
+}
+
 func TestGettingSecurityRules(t *testing.T) {
 g := NewWithT(t)
 scheme := runtime.NewScheme()
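Review bot: The second case, "private apiserver lb (default private dns zone)", builds a `Type: infrav1.Public` load balancer with a public-IP DNSName, so it takes the public branch of APIServerHost and never reaches GeneratePrivateFQDN with the defaulted zone — the default-zone path this commit rewires is therefore not covered. Replace that case's APIServerLB block with `APIServerLB: infrav1.LoadBalancerSpec{Type: infrav1.Internal},`, leave PrivateDNSZoneName unset, and expect `want: "apiserver.my-cluster.capz.io",` (this assumes Default() fills PrivateDNSZoneName from GeneratePrivateDNSZoneName, which is not visible in the hunk; the "apiserver" prefix is taken from the third case's expectation). Wrapping each iteration in `t.Run(tc.name, func(t *testing.T) { ... })` would also let a failure be attributed to a named case rather than only to the assertion line.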