update natgateways to use aso framework

kubernetes-sigs · Oct 3, 2023 · 9540f48 · 9540f48
1 parent 337e5d5
commit 9540f48
Show file tree

Hide file tree

Showing 14 changed files with 747 additions and 490 deletions.
diff --git a/Makefile b/Makefile
@@ -162,7 +162,7 @@ WEBHOOK_ROOT ?= $(MANIFEST_ROOT)/webhook
 RBAC_ROOT ?= $(MANIFEST_ROOT)/rbac
 ASO_CRDS_PATH := $(MANIFEST_ROOT)/aso/crds.yaml
 ASO_VERSION := v2.3.0
-ASO_CRDS := resourcegroups.resources.azure.com
+ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com
 
 # Allow overriding the imagePullPolicy
 PULL_POLICY ?= Always

diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
@@ -20,6 +20,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	asonetworkv1 "github.com/Azure/azure-service-operator/v2/api/network/v1api20220701"
 	"hash/fnv"
 	"sort"
 	"strconv"
@@ -326,9 +327,9 @@ func (s *ClusterScope) RouteTableSpecs() []azure.ResourceSpecGetter {
 }
 
 // NatGatewaySpecs returns the node NAT gateway.
-func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
+func (s *ClusterScope) NatGatewaySpecs() []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway] {
 	natGatewaySet := make(map[string]struct{})
-	var natGateways []azure.ResourceSpecGetter
+	var natGateways []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]
 
 	// We ignore the control plane NAT gateway, as we will always use a LB to enable egress on the control plane.
 	for _, subnet := range s.NodeSubnets() {
@@ -337,6 +338,7 @@ func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
 				natGatewaySet[subnet.NatGateway.Name] = struct{}{} // empty struct to represent hash set
 				natGateways = append(natGateways, &natgateways.NatGatewaySpec{
 					Name:           subnet.NatGateway.Name,
+					Namespace:      s.Namespace(),
 					ResourceGroup:  s.ResourceGroup(),
 					SubscriptionID: s.SubscriptionID(),
 					Location:       s.Location(),
@@ -345,6 +347,9 @@ func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
 						Name: subnet.NatGateway.NatGatewayIP.Name,
 					},
 					AdditionalTags: s.AdditionalTags(),
+					// This is a bit of a hack, but we need to know if the VNet is managed to know if
+					// this NAT Gateway was-managed or not.
+					IsVnetManaged: s.IsVnetManaged(),
 				})
 			}
 		}

diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go
@@ -19,6 +19,8 @@ package scope
 import (
 	"context"
 	"fmt"
+	asonetworkv1 "github.com/Azure/azure-service-operator/v2/api/network/v1api20220701"
+	"github.com/Azure/azure-service-operator/v2/pkg/genruntime"
 	"reflect"
 	"strings"
 	"testing"
@@ -44,7 +46,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
-func specToString(spec azure.ResourceSpecGetter) string {
+func specToString(spec any) string {
 	var sb strings.Builder
 	sb.WriteString("{ ")
 	sb.WriteString(fmt.Sprintf("%+v ", spec))
@@ -63,6 +65,17 @@ func specArrayToString(specs []azure.ResourceSpecGetter) string {
 	return sb.String()
 }
 
+func specArrayToStringForAsoResource[T genruntime.MetaObject](specs []azure.ASOResourceSpecGetter[T]) string {
+	var sb strings.Builder
+	sb.WriteString("[\n")
+	for _, spec := range specs {
+		sb.WriteString(fmt.Sprintf("\t%+v\n", specToString(spec)))
+	}
+	sb.WriteString("]")
+
+	return sb.String()
+}
+
 func TestAPIServerHost(t *testing.T) {
 	fakeSubscriptionID := "123"
 
@@ -867,7 +880,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 	tests := []struct {
 		name         string
 		clusterScope ClusterScope
-		want         []azure.ResourceSpecGetter
+		want         []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]
 	}{
 		{
 			name: "returns nil if no subnets are specified",
@@ -929,7 +942,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -1007,7 +1020,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -1084,7 +1097,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -1105,7 +1118,79 @@ func TestNatGatewaySpecs(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
 			if got := tt.clusterScope.NatGatewaySpecs(); !reflect.DeepEqual(got, tt.want) {
-				t.Errorf("NatGatewaySpecs() = %s, want %s", specArrayToString(got), specArrayToString(tt.want))
+				t.Errorf("NatGatewaySpecs() = %s, want %s", specArrayToStringForAsoResource(got), specArrayToStringForAsoResource(tt.want))
+			}
+		})
+	}
+}
+
+func TestSetNatGatewayIDInSubnets(t *testing.T) {
+	tests := []struct {
+		name          string
+		clusterScope  ClusterScope
+		asoNatgateway *asonetworkv1.NatGateway
+	}{
+		{
+			name: "sets nat gateway id in the matching subnet",
+			clusterScope: ClusterScope{
+				Cluster: &clusterv1.Cluster{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: "my-cluster",
+					},
+				},
+				AzureCluster: &infrav1.AzureCluster{
+					Spec: infrav1.AzureClusterSpec{
+						NetworkSpec: infrav1.NetworkSpec{
+							Subnets: infrav1.Subnets{
+								{
+									SubnetClassSpec: infrav1.SubnetClassSpec{
+										Name: "fake-subnet-1",
+									},
+									NatGateway: infrav1.NatGateway{
+										NatGatewayClassSpec: infrav1.NatGatewayClassSpec{
+											Name: "fake-nat-gateway-1",
+										},
+									},
+								},
+								{
+									SubnetClassSpec: infrav1.SubnetClassSpec{
+										Name: "fake-subnet-2",
+									},
+									NatGateway: infrav1.NatGateway{
+										NatGatewayClassSpec: infrav1.NatGatewayClassSpec{
+											Name: "fake-nat-gateway-2",
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+				cache: &ClusterCache{},
+			},
+			asoNatgateway: &asonetworkv1.NatGateway{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "fake-nat-gateway-1",
+				},
+				Status: asonetworkv1.NatGateway_STATUS{
+					Id: ptr.To("dummy-id-1"),
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+			t.Parallel()
+			tt.clusterScope.SetNatGatewayIDInSubnets(tt.asoNatgateway.Name, *tt.asoNatgateway.Status.Id)
+			for _, subnet := range tt.clusterScope.AzureCluster.Spec.NetworkSpec.Subnets {
+				if subnet.NatGateway.Name == tt.asoNatgateway.Name {
+					g.Expect(subnet.NatGateway.ID).To(Equal(*tt.asoNatgateway.Status.Id))
+				} else {
+					g.Expect(subnet.NatGateway.ID).To(Equal(""))
+				}
 			}
 		})
 	}

diff --git a/azure/services/natgateways/client.go b/azure/services/natgateways/client.go
diff --git a/azure/services/natgateways/mock_natgateways/doc.go b/azure/services/natgateways/mock_natgateways/doc.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2019 The Kubernetes Authors.
+Copyright 2023 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

diff --git a/azure/services/natgateways/mock_natgateways/natgateways_mock.go b/azure/services/natgateways/mock_natgateways/natgateways_mock.go