Make VNet and NSGs reconcile/delete async

api/v1alpha4/types.go

@@ -111,11 +111,6 @@ type VnetSpec struct {
 	Tags Tags `json:"tags,omitempty"`
 }
 
-// IsManaged returns true if the vnet is managed.
-func (v *VnetSpec) IsManaged(clusterName string) bool {
-	return v.ID == "" || v.Tags.HasOwned(clusterName)
-}
-
 // Subnets is a slice of Subnet.
 type Subnets []SubnetSpec
 

azure/interfaces.go

@@ -54,7 +54,7 @@ type Authorizer interface {
 // NetworkDescriber is an interface which can get common Azure Cluster Networking information.
 type NetworkDescriber interface {
 	Vnet() *infrav1.VnetSpec
-	IsVnetManaged() bool
+	IsVnetManaged() (bool, error)
 	ControlPlaneSubnet() infrav1.SubnetSpec
 	Subnets() infrav1.Subnets
 	Subnet(string) infrav1.SubnetSpec

azure/scope/cluster.go

@@ -36,6 +36,8 @@ import (
 
 	infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha4"
 	"sigs.k8s.io/cluster-api-provider-azure/azure"
+	"sigs.k8s.io/cluster-api-provider-azure/azure/services/securitygroups"
+	"sigs.k8s.io/cluster-api-provider-azure/azure/services/virtualnetworks"
 	"sigs.k8s.io/cluster-api-provider-azure/util/futures"
 )
 
@@ -90,6 +92,7 @@ func NewClusterScope(ctx context.Context, params ClusterScopeParams) (*ClusterSc
 		Cluster:      params.Cluster,
 		AzureCluster: params.AzureCluster,
 		patchHelper:  helper,
+		cache:        &clusterCache{},
 	}, nil
 }
 
@@ -102,6 +105,12 @@ type ClusterScope struct {
 	AzureClients
 	Cluster      *clusterv1.Cluster
 	AzureCluster *infrav1.AzureCluster
+	cache        *clusterCache
+}
+
+// clusterCache stores common cluster information so we don't have to hit the API multiple times within the same reconcile loop.
+type clusterCache struct {
+	IsVnetManaged *bool
 }
 
 // BaseURI returns the Azure ResourceManagerEndpoint.
@@ -243,12 +252,14 @@ func (s *ClusterScope) NatGatewaySpecs() []azure.NatGatewaySpec {
 }
 
 // NSGSpecs returns the security group specs.
-func (s *ClusterScope) NSGSpecs() []azure.NSGSpec {
-	nsgspecs := []azure.NSGSpec{}
+func (s *ClusterScope) NSGSpecs() []azure.ResourceSpecGetter {
+	nsgspecs := []azure.ResourceSpecGetter{}
 	for _, subnet := range s.AzureCluster.Spec.NetworkSpec.Subnets {
-		nsgspecs = append(nsgspecs, azure.NSGSpec{
+		nsgspecs = append(nsgspecs, &securitygroups.NSGSpec{
 			Name:          subnet.SecurityGroup.Name,
 			SecurityRules: subnet.SecurityGroup.SecurityRules,
+			ResourceGroup: s.ResourceGroup(),
+			Location:      s.Location(),
 		})
 	}
 
@@ -287,11 +298,14 @@ func (s *ClusterScope) SubnetSpecs() []azure.SubnetSpec {
 }
 
 // VNetSpec returns the virtual network spec.
-func (s *ClusterScope) VNetSpec() azure.VNetSpec {
-	return azure.VNetSpec{
-		ResourceGroup: s.Vnet().ResourceGroup,
-		Name:          s.Vnet().Name,
-		CIDRs:         s.Vnet().CIDRBlocks,
+func (s *ClusterScope) VNetSpec() azure.ResourceSpecGetter {
+	return &virtualnetworks.VNetSpec{
+		ResourceGroup:  s.Vnet().ResourceGroup,
+		Name:           s.Vnet().Name,
+		CIDRs:          s.Vnet().CIDRBlocks,
+		Location:       s.Location(),
+		ClusterName:    s.ClusterName(),
+		AdditionalTags: s.AdditionalTags(),
 	}
 }
 
@@ -336,8 +350,16 @@ func (s *ClusterScope) Vnet() *infrav1.VnetSpec {
 }
 
 // IsVnetManaged returns true if the vnet is managed.
-func (s *ClusterScope) IsVnetManaged() bool {
-	return s.Vnet().ID == "" || s.Vnet().Tags.HasOwned(s.ClusterName())
+func (s *ClusterScope) IsVnetManaged() (bool, error) {
+	if s.cache.IsVnetManaged != nil {
+		return to.Bool(s.cache.IsVnetManaged), nil
+	}
+	return false, errors.New("could not determine if vnet is managed")
+}
+
+// SetVnetManagedCache stores the value of VNet management in the cluster cache so it can be accessed later in the reconcile.
+func (s *ClusterScope) SetVnetManagedCache(managed bool) {
+	s.cache.IsVnetManaged = &managed
 }
 
 // IsIPv6Enabled returns true if IPv6 is enabled.
@@ -539,13 +561,20 @@ func (s *ClusterScope) ListOptionsLabelSelector() client.ListOption {
 
 // PatchObject persists the cluster configuration and status.
 func (s *ClusterScope) PatchObject(ctx context.Context) error {
-	conditions.SetSummary(s.AzureCluster)
+	conditions.SetSummary(s.AzureCluster,
+		conditions.WithConditions(
+			infrav1.VNetReadyCondition,
+			infrav1.SecurityGroupsReadyCondition,
+		),
+	)
 
 	return s.patchHelper.Patch(
 		ctx,
 		s.AzureCluster,
 		patch.WithOwnedConditions{Conditions: []clusterv1.ConditionType{
 			clusterv1.ReadyCondition,
+			infrav1.VNetReadyCondition,
+			infrav1.SecurityGroupsReadyCondition,
 		}})
 }
 

azure/scope/managedcontrolplane.go

@@ -24,6 +24,7 @@ import (
 	"strings"
 
 	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
@@ -38,6 +39,7 @@ import (
 
 	infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha4"
 	"sigs.k8s.io/cluster-api-provider-azure/azure"
+	"sigs.k8s.io/cluster-api-provider-azure/azure/services/virtualnetworks"
 	infrav1exp "sigs.k8s.io/cluster-api-provider-azure/exp/api/v1alpha4"
 	"sigs.k8s.io/cluster-api-provider-azure/util/futures"
 )
@@ -100,6 +102,7 @@ func NewManagedControlPlaneScope(ctx context.Context, params ManagedControlPlane
 		InfraMachinePool: params.InfraMachinePool,
 		PatchTarget:      params.PatchTarget,
 		patchHelper:      helper,
+		cache:            &clusterCache{},
 	}, nil
 }
 
@@ -116,6 +119,7 @@ type ManagedControlPlaneScope struct {
 	ControlPlane     *infrav1exp.AzureManagedControlPlane
 	InfraMachinePool *infrav1exp.AzureManagedMachinePool
 	PatchTarget      client.Object
+	cache            *clusterCache
 
 	SystemNodePools []infrav1exp.AzureManagedMachinePool
 }
@@ -198,11 +202,14 @@ func (s *ManagedControlPlaneScope) Vnet() *infrav1.VnetSpec {
 }
 
 // VNetSpec returns the virtual network spec.
-func (s *ManagedControlPlaneScope) VNetSpec() azure.VNetSpec {
-	return azure.VNetSpec{
-		ResourceGroup: s.Vnet().ResourceGroup,
-		Name:          s.Vnet().Name,
-		CIDRs:         s.Vnet().CIDRBlocks,
+func (s *ManagedControlPlaneScope) VNetSpec() azure.ResourceSpecGetter {
+	return &virtualnetworks.VNetSpec{
+		ResourceGroup:  s.Vnet().ResourceGroup,
+		Name:           s.Vnet().Name,
+		CIDRs:          s.Vnet().CIDRBlocks,
+		Location:       s.Location(),
+		ClusterName:    s.ClusterName(),
+		AdditionalTags: s.AdditionalTags(),
 	}
 }
 
@@ -284,8 +291,16 @@ func (s *ManagedControlPlaneScope) IsIPv6Enabled() bool {
 }
 
 // IsVnetManaged returns true if the vnet is managed.
-func (s *ManagedControlPlaneScope) IsVnetManaged() bool {
-	return true
+func (s *ManagedControlPlaneScope) IsVnetManaged() (bool, error) {
+	if s.cache.IsVnetManaged != nil {
+		return to.Bool(s.cache.IsVnetManaged), nil
+	}
+	return false, errors.New("could not determine if vnet is managed")
+}
+
+// SetVnetManagedCache stores the value of VNet management in the cluster cache so it can be accessed later in the reconcile.
+func (s *ManagedControlPlaneScope) SetVnetManagedCache(managed bool) {
+	s.cache.IsVnetManaged = &managed
 }
 
 // APIServerLBName returns the API Server LB name.

azure/services/natgateways/natgateways.go

@@ -58,7 +58,10 @@ func (s *Service) Reconcile(ctx context.Context) error {
 	ctx, span := tele.Tracer().Start(ctx, "natgateways.Service.Reconcile")
 	defer span.End()
 
-	if !s.Scope.Vnet().IsManaged(s.Scope.ClusterName()) {
+	managed, err := s.Scope.IsVnetManaged()
+	if err != nil {
+		return errors.Wrap(err, "failed to check if vnet is managed")
+	} else if !managed {
 		s.Scope.V(4).Info("Skipping nat gateways reconcile in custom vnet mode")
 		return nil
 	}
@@ -152,7 +155,10 @@ func (s *Service) Delete(ctx context.Context) error {
 	ctx, span := tele.Tracer().Start(ctx, "natgateways.Service.Delete")
 	defer span.End()
 
-	if !s.Scope.Vnet().IsManaged(s.Scope.ClusterName()) {
+	managed, err := s.Scope.IsVnetManaged()
+	if err != nil {
+		return errors.Wrap(err, "failed to check if vnet is managed")
+	} else if !managed {
 		s.Scope.V(4).Info("Skipping nat gateway deletion in custom vnet mode")
 		return nil
 	}