Add the ability to have different route tables for control plane and …

…worker

api/v1alpha3/azurecluster_default.go

@@ -88,9 +88,6 @@ func (c *AzureCluster) setSubnetDefaults() {
 	if cpSubnet.SecurityGroup.Name == "" {
 		cpSubnet.SecurityGroup.Name = generateControlPlaneSecurityGroupName(c.ObjectMeta.Name)
 	}
-	if cpSubnet.RouteTable.Name == "" {
-		cpSubnet.RouteTable.Name = generateRouteTableName(c.ObjectMeta.Name)
-	}
 
 	if nodeSubnet.Name == "" {
 		nodeSubnet.Name = generateNodeSubnetName(c.ObjectMeta.Name)
@@ -102,7 +99,7 @@ func (c *AzureCluster) setSubnetDefaults() {
 		nodeSubnet.SecurityGroup.Name = generateNodeSecurityGroupName(c.ObjectMeta.Name)
 	}
 	if nodeSubnet.RouteTable.Name == "" {
-		nodeSubnet.RouteTable.Name = generateRouteTableName(c.ObjectMeta.Name)
+		nodeSubnet.RouteTable.Name = generateNodeRouteTableName(c.ObjectMeta.Name)
 	}
 }
 
@@ -131,7 +128,7 @@ func generateNodeSecurityGroupName(clusterName string) string {
 	return fmt.Sprintf("%s-%s", clusterName, "node-nsg")
 }
 
-// generateRouteTableName generates a route table name, based on the cluster name.
-func generateRouteTableName(clusterName string) string {
+// generateNodeRouteTableName generates a node route table name, based on the cluster name.
+func generateNodeRouteTableName(clusterName string) string {
 	return fmt.Sprintf("%s-%s", clusterName, "node-routetable")
 }

api/v1alpha3/azurecluster_default_test.go

@@ -250,7 +250,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{},
 							},
 							{
 								Role:          SubnetNode,
@@ -299,7 +299,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "my-controlplane-subnet",
 								CIDRBlocks:    []string{"10.0.0.16/24"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{},
 							},
 							{
 								Role:          SubnetNode,
@@ -346,8 +346,58 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
+								RouteTable:    RouteTable{},
+							},
+							{
+								Role:          SubnetNode,
+								Name:          "cluster-test-node-subnet",
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "subnets route tables specified",
+			cluster: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Subnets: Subnets{
+							{
+								Role: SubnetControlPlane,
+								Name: "cluster-test-controlplane-subnet",
+								RouteTable: RouteTable{
+									Name: "control-plane-custom-route-table",
+								},
+							},
+							{
+								Role: SubnetNode,
+								Name: "cluster-test-node-subnet",
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Subnets: Subnets{
+							{
+								Role:          SubnetControlPlane,
+								Name:          "cluster-test-controlplane-subnet",
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
+								RouteTable:    RouteTable{Name: "control-plane-custom-route-table"},
+							},
 							{
 								Role:          SubnetNode,
 								Name:          "cluster-test-node-subnet",
@@ -396,7 +446,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{},
 							},
 						},
 					},
@@ -444,7 +494,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CIDRBlocks:    []string{"2001:beef::1/64"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{},
 							},
 							{
 								Role:          SubnetNode,

cloud/interfaces.go

@@ -67,6 +67,7 @@ type ClusterDescriber interface {
 	IsVnetManaged() bool
 	NodeSubnet() *infrav1.SubnetSpec
 	ControlPlaneSubnet() *infrav1.SubnetSpec
-	RouteTable() *infrav1.RouteTable
 	IsIPv6Enabled() bool
+	NodeRouteTable() *infrav1.RouteTable
+	ControlPlaneRouteTable() *infrav1.RouteTable
 }

cloud/scope/cluster.go

@@ -19,9 +19,10 @@ package scope
 import (
 	"context"
 	"fmt"
-	"k8s.io/utils/net"
 	"strconv"
 
+	"k8s.io/utils/net"
+
 	"github.com/Azure/go-autorest/autorest/to"
 
 	"github.com/Azure/go-autorest/autorest"
@@ -152,11 +153,16 @@ func (s *ClusterScope) LBSpecs() []azure.LBSpec {
 	return specs
 }
 
-// RouteTableSpecs returns the node route table(s)
+// RouteTableSpecs returns the node route table
 func (s *ClusterScope) RouteTableSpecs() []azure.RouteTableSpec {
-	return []azure.RouteTableSpec{{
-		Name: s.RouteTable().Name,
-	}}
+	routetables := []azure.RouteTableSpec{}
+	if s.ControlPlaneRouteTable().Name != "" {
+		routetables = append(routetables, azure.RouteTableSpec{Name: s.ControlPlaneRouteTable().Name, Subnet: s.ControlPlaneSubnet()})
+	}
+	if s.NodeRouteTable().Name != "" {
+		routetables = append(routetables, azure.RouteTableSpec{Name: s.NodeRouteTable().Name, Subnet: s.NodeSubnet()})
+	}
+	return routetables
 }
 
 // NSGSpecs returns the security group specs.
@@ -196,7 +202,7 @@ func (s *ClusterScope) SubnetSpecs() []azure.SubnetSpec {
 	}
 }
 
-/// VNetSpecs returns the virtual network specs.
+// VNetSpecs returns the virtual network specs.
 func (s *ClusterScope) VNetSpecs() []azure.VNetSpec {
 	return []azure.VNetSpec{
 		{
@@ -242,8 +248,13 @@ func (s *ClusterScope) NodeSubnet() *infrav1.SubnetSpec {
 	return s.AzureCluster.Spec.NetworkSpec.GetNodeSubnet()
 }
 
-// RouteTable returns the cluster node routetable.
-func (s *ClusterScope) RouteTable() *infrav1.RouteTable {
+// ControlPlaneRouteTable returns the cluster controlplane routetable.
+func (s *ClusterScope) ControlPlaneRouteTable() *infrav1.RouteTable {
+	return &s.AzureCluster.Spec.NetworkSpec.GetControlPlaneSubnet().RouteTable
+}
+
+// NodeRouteTable returns the cluster node routetable.
+func (s *ClusterScope) NodeRouteTable() *infrav1.RouteTable {
 	return &s.AzureCluster.Spec.NetworkSpec.GetNodeSubnet().RouteTable
 }
 
@@ -320,6 +331,7 @@ func (s *ClusterScope) SetFailureDomain(id string, spec clusterv1.FailureDomainS
 	s.AzureCluster.Status.FailureDomains[id] = spec
 }
 
+// SetControlPlaneIngressRules will set the ingress rules or the control plane subnet
 func (s *ClusterScope) SetControlPlaneIngressRules() {
 	if s.ControlPlaneSubnet().SecurityGroup.IngressRules == nil {
 		s.ControlPlaneSubnet().SecurityGroup.IngressRules = infrav1.IngressRules{