Add the ability to have different route tables for control plane and …

…worker

api/v1alpha3/azurecluster_default.go

@@ -80,7 +80,7 @@ func (c *AzureCluster) setSubnetDefaults() {
 		cpSubnet.SecurityGroup.Name = generateControlPlaneSecurityGroupName(c.ObjectMeta.Name)
 	}
 	if cpSubnet.RouteTable.Name == "" {
-		cpSubnet.RouteTable.Name = generateRouteTableName(c.ObjectMeta.Name)
+		cpSubnet.RouteTable.Name = generateControlPlaneRouteTableName(c.ObjectMeta.Name)
 	}
 
 	if nodeSubnet.Name == "" {
@@ -93,7 +93,7 @@ func (c *AzureCluster) setSubnetDefaults() {
 		nodeSubnet.SecurityGroup.Name = generateNodeSecurityGroupName(c.ObjectMeta.Name)
 	}
 	if nodeSubnet.RouteTable.Name == "" {
-		nodeSubnet.RouteTable.Name = generateRouteTableName(c.ObjectMeta.Name)
+		nodeSubnet.RouteTable.Name = generateNodeRouteTableName(c.ObjectMeta.Name)
 	}
 }
 
@@ -122,7 +122,12 @@ func generateNodeSecurityGroupName(clusterName string) string {
 	return fmt.Sprintf("%s-%s", clusterName, "node-nsg")
 }
 
-// generateRouteTableName generates a route table name, based on the cluster name.
-func generateRouteTableName(clusterName string) string {
+// generateControlPlaneRouteTableName generates a controlplane route table name, based on the cluster name.
+func generateControlPlaneRouteTableName(clusterName string) string {
+	return fmt.Sprintf("%s-%s", clusterName, "controlplane-routetable")
+}
+
+// generateNodeRouteTableName generates a node route table name, based on the cluster name.
+func generateNodeRouteTableName(clusterName string) string {
 	return fmt.Sprintf("%s-%s", clusterName, "node-routetable")
 }

api/v1alpha3/azurecluster_default_test.go

@@ -219,7 +219,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CidrBlock:     DefaultControlPlaneSubnetCIDR,
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{Name: "cluster-test-controlplane-routetable"},
 							},
 							{
 								Role:          SubnetNode,
@@ -268,7 +268,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "my-controlplane-subnet",
 								CidrBlock:     "10.0.0.16/24",
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{Name: "cluster-test-controlplane-routetable"},
 							},
 							{
 								Role:          SubnetNode,
@@ -315,7 +315,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CidrBlock:     DefaultControlPlaneSubnetCIDR,
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{Name: "cluster-test-controlplane-routetable"},
 							},
 							{
 								Role:          SubnetNode,
@@ -365,7 +365,7 @@ func TestSubnetDefaults(t *testing.T) {
 								Name:          "cluster-test-controlplane-subnet",
 								CidrBlock:     DefaultControlPlaneSubnetCIDR,
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
-								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+								RouteTable:    RouteTable{Name: "cluster-test-controlplane-routetable"},
 							},
 						},
 					},

cloud/interfaces.go

@@ -67,5 +67,6 @@ type ClusterDescriber interface {
 	IsVnetManaged() bool
 	NodeSubnet() *infrav1.SubnetSpec
 	ControlPlaneSubnet() *infrav1.SubnetSpec
-	RouteTable() *infrav1.RouteTable
+	NodeRouteTable() *infrav1.RouteTable
+	ControlPlaneRouteTable() *infrav1.RouteTable
 }

cloud/scope/cluster.go

@@ -149,11 +149,18 @@ func (s *ClusterScope) LBSpecs() []azure.LBSpec {
 	}
 }
 
-// RouteTableSpecs returns the node route table(s)
+// RouteTableSpecs returns the node route table
 func (s *ClusterScope) RouteTableSpecs() []azure.RouteTableSpec {
-	return []azure.RouteTableSpec{{
-		Name: s.RouteTable().Name,
-	}}
+	return []azure.RouteTableSpec{
+		{
+			Name:   s.ControlPlaneRouteTable().Name,
+			Subnet: s.ControlPlaneSubnet(),
+		},
+		{
+			Name:   s.NodeRouteTable().Name,
+			Subnet: s.NodeSubnet(),
+		},
+	}
 }
 
 // NSGSpecs returns the security group specs.
@@ -193,7 +200,7 @@ func (s *ClusterScope) SubnetSpecs() []azure.SubnetSpec {
 	}
 }
 
-/// VNetSpecs returns the virtual network specs.
+// VNetSpecs returns the virtual network specs.
 func (s *ClusterScope) VNetSpecs() []azure.VNetSpec {
 	return []azure.VNetSpec{
 		{
@@ -229,8 +236,13 @@ func (s *ClusterScope) NodeSubnet() *infrav1.SubnetSpec {
 	return s.AzureCluster.Spec.NetworkSpec.GetNodeSubnet()
 }
 
-// RouteTable returns the cluster node routetable.
-func (s *ClusterScope) RouteTable() *infrav1.RouteTable {
+// ControlPlaneRouteTable returns the cluster controlplane routetable.
+func (s *ClusterScope) ControlPlaneRouteTable() *infrav1.RouteTable {
+	return &s.AzureCluster.Spec.NetworkSpec.GetControlPlaneSubnet().RouteTable
+}
+
+// NodeRouteTable returns the cluster node routetable.
+func (s *ClusterScope) NodeRouteTable() *infrav1.RouteTable {
 	return &s.AzureCluster.Spec.NetworkSpec.GetNodeSubnet().RouteTable
 }
 
@@ -307,6 +319,7 @@ func (s *ClusterScope) SetFailureDomain(id string, spec clusterv1.FailureDomainS
 	s.AzureCluster.Status.FailureDomains[id] = spec
 }
 
+// SetControlPlaneIngressRules will set the ingress rules or the control plane subnet
 func (s *ClusterScope) SetControlPlaneIngressRules() {
 	if s.ControlPlaneSubnet().SecurityGroup.IngressRules == nil {
 		s.ControlPlaneSubnet().SecurityGroup.IngressRules = infrav1.IngressRules{