Add support for public IP tags

kubernetes-sigs · Jul 7, 2022 · 36161ab · 36161ab
1 parent 453dfbf
commit 36161ab
Show file tree

Hide file tree

Showing 12 changed files with 376 additions and 29 deletions.
diff --git a/api/v1alpha3/azurecluster_conversion.go b/api/v1alpha3/azurecluster_conversion.go
@@ -75,6 +75,15 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error {
 
 	dst.Spec.NetworkSpec.APIServerLB.FrontendIPsCount = restored.Spec.NetworkSpec.APIServerLB.FrontendIPsCount
 	dst.Spec.NetworkSpec.APIServerLB.IdleTimeoutInMinutes = restored.Spec.NetworkSpec.APIServerLB.IdleTimeoutInMinutes
+
+	for _, restoredFrontendIP := range restored.Spec.NetworkSpec.APIServerLB.FrontendIPs {
+		for i, dstFrontendIP := range dst.Spec.NetworkSpec.APIServerLB.FrontendIPs {
+			if restoredFrontendIP.Name == dstFrontendIP.Name && restoredFrontendIP.PublicIP != nil {
+				dst.Spec.NetworkSpec.APIServerLB.FrontendIPs[i].PublicIP.IPTags = restoredFrontendIP.PublicIP.IPTags
+			}
+		}
+	}
+
 	dst.Spec.CloudProviderConfigOverrides = restored.Spec.CloudProviderConfigOverrides
 	dst.Spec.BastionSpec = restored.Spec.BastionSpec
 
@@ -407,3 +416,8 @@ func Convert_v1beta1_FrontendIP_To_v1alpha3_FrontendIP(in *infrav1beta1.Frontend
 
 	return nil
 }
+
+// Convert_v1beta1_PublicIPSpec_To_v1alpha3_PublicIPSpec is an autogenerated conversion function.
+func Convert_v1beta1_PublicIPSpec_To_v1alpha3_PublicIPSpec(in *infrav1beta1.PublicIPSpec, out *PublicIPSpec, s apiconversion.Scope) error {
+	return autoConvert_v1beta1_PublicIPSpec_To_v1alpha3_PublicIPSpec(in, out, s)
+}
diff --git a/api/v1alpha3/zz_generated.conversion.go b/api/v1alpha3/zz_generated.conversion.go
diff --git a/api/v1alpha4/azurecluster_conversion.go b/api/v1alpha4/azurecluster_conversion.go
@@ -42,6 +42,54 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error {
 	// Restore list of virtual network peerings
 	dst.Spec.NetworkSpec.Vnet.Peerings = restored.Spec.NetworkSpec.Vnet.Peerings
 
+	// Restore API Server LB IP tags.
+	for _, restoredFrontendIP := range restored.Spec.NetworkSpec.APIServerLB.FrontendIPs {
+		for i, dstFrontendIP := range dst.Spec.NetworkSpec.APIServerLB.FrontendIPs {
+			if restoredFrontendIP.Name == dstFrontendIP.Name && restoredFrontendIP.PublicIP != nil {
+				dst.Spec.NetworkSpec.APIServerLB.FrontendIPs[i].PublicIP.IPTags = restoredFrontendIP.PublicIP.IPTags
+			}
+		}
+	}
+
+	// Restore outbound LB IP tags.
+	if restored.Spec.NetworkSpec.ControlPlaneOutboundLB != nil {
+		for _, restoredFrontendIP := range restored.Spec.NetworkSpec.ControlPlaneOutboundLB.FrontendIPs {
+			for i, dstFrontendIP := range dst.Spec.NetworkSpec.ControlPlaneOutboundLB.FrontendIPs {
+				if restoredFrontendIP.Name == dstFrontendIP.Name && restoredFrontendIP.PublicIP != nil {
+					dst.Spec.NetworkSpec.APIServerLB.FrontendIPs[i].PublicIP.IPTags = restoredFrontendIP.PublicIP.IPTags
+				}
+			}
+		}
+	}
+	if restored.Spec.NetworkSpec.NodeOutboundLB != nil {
+		for _, restoredFrontendIP := range restored.Spec.NetworkSpec.NodeOutboundLB.FrontendIPs {
+			for i, dstFrontendIP := range dst.Spec.NetworkSpec.NodeOutboundLB.FrontendIPs {
+				if restoredFrontendIP.Name == dstFrontendIP.Name && restoredFrontendIP.PublicIP != nil {
+					dst.Spec.NetworkSpec.APIServerLB.FrontendIPs[i].PublicIP.IPTags = restoredFrontendIP.PublicIP.IPTags
+				}
+			}
+		}
+	}
+
+	// Restore NAT Gateway IP tags.
+	for _, restoredSubnet := range restored.Spec.NetworkSpec.Subnets {
+		for i, dstSubnet := range dst.Spec.NetworkSpec.Subnets {
+			if dstSubnet.Name == restoredSubnet.Name {
+				dst.Spec.NetworkSpec.Subnets[i].NatGateway.NatGatewayIP.IPTags = restoredSubnet.NatGateway.NatGatewayIP.IPTags
+			}
+		}
+	}
+
+	// Restore Azure Bastion IP tags.
+	if restored.Spec.BastionSpec.AzureBastion != nil && dst.Spec.BastionSpec.AzureBastion != nil {
+		if restored.Spec.BastionSpec.AzureBastion.PublicIP.Name == dst.Spec.BastionSpec.AzureBastion.PublicIP.Name {
+			dst.Spec.BastionSpec.AzureBastion.PublicIP.IPTags = restored.Spec.BastionSpec.AzureBastion.PublicIP.IPTags
+		}
+		if restored.Spec.BastionSpec.AzureBastion.Subnet.NatGateway.NatGatewayIP.Name == dst.Spec.BastionSpec.AzureBastion.Subnet.NatGateway.NatGatewayIP.Name {
+			dst.Spec.BastionSpec.AzureBastion.Subnet.NatGateway.NatGatewayIP.IPTags = restored.Spec.BastionSpec.AzureBastion.Subnet.NatGateway.NatGatewayIP.IPTags
+		}
+	}
+
 	return nil
 }
 
@@ -299,3 +347,8 @@ func Convert_v1beta1_NatGateway_To_v1alpha4_NatGateway(in *infrav1beta1.NatGatew
 	out.Name = in.Name
 	return nil
 }
+
+// Convert_v1beta1_PublicIPSpec_To_v1alpha4_PublicIPSpec is an autogenerated conversion function.
+func Convert_v1beta1_PublicIPSpec_To_v1alpha4_PublicIPSpec(in *infrav1beta1.PublicIPSpec, out *PublicIPSpec, s apiconversion.Scope) error {
+	return autoConvert_v1beta1_PublicIPSpec_To_v1alpha4_PublicIPSpec(in, out, s)
+}
diff --git a/api/v1alpha4/zz_generated.conversion.go b/api/v1alpha4/zz_generated.conversion.go
diff --git a/api/v1beta1/azurecluster_validation.go b/api/v1beta1/azurecluster_validation.go
@@ -391,7 +391,7 @@ func validateNodeOutboundLB(lb *LoadBalancerSpec, old *LoadBalancerSpec, apiserv
 		if len(old.FrontendIPs) == len(lb.FrontendIPs) {
 			for i, frontEndIP := range lb.FrontendIPs {
 				oldFrontendIP := old.FrontendIPs[i]
-				if oldFrontendIP.Name != frontEndIP.Name || *oldFrontendIP.PublicIP != *frontEndIP.PublicIP {
+				if oldFrontendIP.Name != frontEndIP.Name || !reflect.DeepEqual(*oldFrontendIP.PublicIP, *frontEndIP.PublicIP) {
 					allErrs = append(allErrs, field.Forbidden(fldPath.Child("frontendIPs").Index(i),
 						"Node outbound load balancer FrontendIPs cannot be modified after AzureCluster creation."))
 				}

diff --git a/api/v1beta1/types.go b/api/v1beta1/types.go
@@ -280,6 +280,16 @@ type PublicIPSpec struct {
 	Name string `json:"name"`
 	// +optional
 	DNSName string `json:"dnsName,omitempty"`
+	// +optional
+	IPTags []IPTag `json:"ipTags,omitempty"`
+}
+
+// IPTag contains the IpTag associated with the object.
+type IPTag struct {
+	// Type specifies the IP tag type. Example: FirstPartyUsage.
+	Type string `json:"type"`
+	// Tag specifies the value of the IP tag associated with the public IP. Example: SQL.
+	Tag string `json:"tag"`
 }
 
 // VMState describes the state of an Azure virtual machine.

diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/azure/converters/publicips.go b/azure/converters/publicips.go
@@ -0,0 +1,38 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package converters
+
+import (
+	"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-02-01/network"
+	"github.com/Azure/go-autorest/autorest/to"
+	infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1"
+)
+
+// IPTagsToSDK converts a CAPZ IP tag to an Azure SDK IP tag.
+func IPTagsToSDK(ipTags []infrav1.IPTag) *[]network.IPTag {
+	if len(ipTags) == 0 {
+		return nil
+	}
+	skdIPTags := make([]network.IPTag, len(ipTags))
+	for i, ipTag := range ipTags {
+		skdIPTags[i] = network.IPTag{
+			IPTagType: to.StringPtr(ipTag.Type),
+			Tag:       to.StringPtr(ipTag.Tag),
+		}
+	}
+	return &skdIPTags
+}