Delegate cx subnets with delegator app.

Author: sivakami

.pipelines/swiftv2-long-running/scripts/create_vnets.sh

@@ -23,9 +23,9 @@ az account set --subscription "$SUB_ID"
 # Verification functions
 # -------------------------------
 verify_vnet() {
-  local rg="$1"; local vnet="$2"
+  local vnet="$1"
   echo "==> Verifying VNet: $vnet"
-  if az network vnet show -g "$rg" -n "$vnet" &>/dev/null; then
+  if az network vnet show -g "$RG" -n "$vnet" &>/dev/null; then
     echo "[OK] Verified VNet $vnet exists."
   else
     echo "[ERROR] VNet $vnet not found!" >&2
@@ -34,16 +34,77 @@ verify_vnet() {
 }
 
 verify_subnet() {
-  local rg="$1"; local vnet="$2"; local subnet="$3"
+  local vnet="$1"; local subnet="$2"
   echo "==> Verifying subnet: $subnet in $vnet"
-  if az network vnet subnet show -g "$rg" --vnet-name "$vnet" -n "$subnet" &>/dev/null; then
+  if az network vnet subnet show -g "$RG" --vnet-name "$vnet" -n "$subnet" &>/dev/null; then
     echo "[OK] Verified subnet $subnet exists in $vnet."
   else
     echo "[ERROR] Subnet $subnet not found in $vnet!" >&2
     exit 1
   fi
 }
 
+# -------------------------------
+create_vnet_subets() { 
+  local vnet="$2"; 
+  local vnet_cidr="$3"
+  local node_subnet_cidr="$4"; 
+  local extra_subnets="$5"; 
+  local extra_cidrs="$6"
+
+  echo "==> Creating VNet: $vnet with CIDR: $vnet_cidr"
+  az network vnet create -g "$RG" -l "$LOCATION" --name "$vnet" --address-prefixes "$vnet_cidr" -o none
+
+  IFS=' ' read -r -a extra_subnet_array <<< "$extra_subnets"
+  IFS=',' read -r -a extra_cidr_array <<< "$extra_cidrs"
+
+  for i in "${!extra_subnet_array[@]}"; do
+    subnet_name="${extra_subnet_array[$i]}"
+    subnet_cidr="${extra_cidr_array[$i]}"
+    echo "==> Creating extra subnet: $subnet_name with CIDR: $subnet_cidr"
+    az network vnet subnet create -g "$RG" \
+       --vnet-name "$vnet" --name "$subnet_name" \
+       --delegations Microsoft.SubnetDelegator/msfttestclients \
+       --address-prefixes "$subnet_cidr" -o none
+  done
+}
+
+delegate_subnet() {
+    local vnet="$1"
+    local subnet="$2"
+    local max_attempts=3
+    local attempt=1
+    
+    echo "==> Delegating subnet: $subnet in VNet: $vnet to Subnet Delegator"
+    subnet_id=$(az network vnet subnet show -g "$RG" --vnet-name "$vnet" -n "$subnet" --query id -o tsv)
+    modified_custsubnet="${subnet_id//\//%2F}"
+    cmd_subnetdelegator_curl="'curl -X PUT \"http://localhost:8080/DelegatedSubnet/$modified_custsubnet\"'"
+    cmd_subnetdelegator_az="az containerapp exec -n subnetdelegator-westus-u3h4j -g subnetdelegator-westus --subscription 9b8218f9-902a-4d20-a65c-e98acec5362f --command $cmd_subnetdelegator_curl"
+    
+    while [ $attempt -le $max_attempts ]; do
+        echo "Attempt $attempt of $max_attempts..."
+        response=$(eval "$cmd_subnetdelegator_az")
+
+        if [[ $response == *"success"* ]]; then
+            echo "Subnet Delegator successfully registered the subnet"
+            return 0
+        else
+            echo "Subnet Delegator failed to register the subnet (attempt $attempt)"
+            echo "Response: $response"
+            
+            if [ $attempt -lt $max_attempts ]; then
+                echo "Retrying in 5 seconds..."
+                sleep 5
+            fi
+        fi
+        
+        ((attempt++))
+    done
+    
+    echo "[ERROR] Failed to delegate subnet after $max_attempts attempts"
+    exit 1
+}
+
 # --- Loop over VNets ---
 for i in "${!VNAMES[@]}"; do
     VNET=${VNAMES[$i]}
@@ -53,26 +114,14 @@ for i in "${!VNAMES[@]}"; do
     EXTRA_SUBNET_CIDRS=${EXTRA_CIDRS_LIST[$i]}
 
     # Create VNet + subnets
-    make -C ./hack/aks swift-delegated-subnet-up \
-      AZCLI=az REGION=$LOCATION GROUP=$RG VNET=$VNET \
-      VNET_CIDR=$VNET_CIDR NODE_SUBNET_CIDR=$NODE_SUBNET_CIDR \
-      EXTRA_SUBNETS="$EXTRA_SUBNETS" EXTRA_SUBNET_CIDRS="$EXTRA_SUBNET_CIDRS" \
-      && echo "Created $VNET with subnets $EXTRA_SUBNETS"
-
-    verify_vnet "$RG" "$VNET"   # Verify VNet
-
-    # Loop over extra subnets to verify and create dummy clusters to delegate the pod subnets.
+    create_vnet_subets "$VNET" "$VNET_CIDR" "$NODE_SUBNET_CIDR" "$EXTRA_SUBNETS" "$EXTRA_SUBNET_CIDRS"
+    verify_vnet "$VNET"  
+    # Loop over extra subnets to verify and delegate the pod subnets.
     for PODSUBNET in $EXTRA_SUBNETS; do
-        verify_subnet "$RG" "$VNET" "$PODSUBNET"
-        if [[ "$PODSUBNET" == "pe" ]]; then
-            # Skip creating dummy cluster for private endpoint subnet.
-            continue
+        verify_subnet "$VNET" "$PODSUBNET"
+        if [[ "$PODSUBNET" != "pe" ]]; then
+            delegate_subnet "$VNET" "$PODSUBNET"
         fi
-        cluster_name="${BUILD_ID}-${VNET}-${PODSUBNET}"
-        make -C ./hack/aks swiftv2-dummy-cluster-subnet-delegator-up \
-            AZCLI=az CLUSTER=$cluster_name GROUP=$RG REGION=$LOCATION \
-            SUB=$SUB_ID VNET=$VNET POD_SUBNET=$PODSUBNET \
-            && echo "Created dummy cluster for $VNET subnet $PODSUBNET"
     done
 done
 

hack/aks/Makefile

@@ -123,16 +123,6 @@ rg-up: ## Create resource group
 rg-down: ## Delete resource group
 	$(AZCLI) group delete -g $(GROUP) --yes
 
-swift-delegated-subnet-up: ## Create VNet, node subnet, and optional extra subnets
-	$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes $(VNET_CIDR) -o none
-	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes $(NODE_SUBNET_CIDR) -o none
-	@i=1; \
-	for subnet in $(EXTRA_SUBNETS); do \
-		prefix=$$(echo $(EXTRA_SUBNET_CIDRS) | cut -d',' -f$$i); \
-		$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name $$subnet --address-prefixes $$prefix -o none; \
-		i=$$((i+1)); \
-	done
-
 swift-net-up: ## Create vnet, nodenet and podnet subnets
 	$(AZCLI) network vnet create -g $(GROUP) -l $(REGION) --name $(VNET) --address-prefixes 10.0.0.0/8 -o none
 	$(AZCLI) network vnet subnet create -g $(GROUP) --vnet-name $(VNET) --name nodenet --address-prefixes 10.240.0.0/16 -o none