Merge pull request #893 from CecileRobertMichon/fix-nic

🐛  don't update network interface if it already exists

Author: k8s-ci-robot

cloud/services/bastionhosts/bastionhosts.go

@@ -110,7 +110,7 @@ func (s *Service) Delete(ctx context.Context) error {
 		err := s.Client.Delete(ctx, s.Scope.ResourceGroup(), bastionSpec.Name)
 		if err != nil && azure.ResourceNotFound(err) {
 			// already deleted
-			return nil
+			continue
 		}
 		if err != nil {
 			return errors.Wrapf(err, "failed to delete Bastion Host %s in resource group %s", bastionSpec.Name, s.Scope.ResourceGroup())

cloud/services/bastionhosts/bastionhosts_test.go

@@ -309,10 +309,17 @@ func TestDeleteBastionHost(t *testing.T) {
 						SubnetName:   "my-subnet",
 						PublicIPName: "my-publicip",
 					},
+					{
+						Name:         "my-bastionhost1",
+						VNetName:     "my-vnet",
+						SubnetName:   "my-subnet",
+						PublicIPName: "my-publicip",
+					},
 				})
 				s.ResourceGroup().AnyTimes().Return("my-rg")
 				m.Delete(context.TODO(), "my-rg", "my-bastionhost").
 					Return(autorest.NewErrorWithResponse("", "", &http.Response{StatusCode: 404}, "Not found"))
+				m.Delete(context.TODO(), "my-rg", "my-bastionhost1")
 			},
 		},
 		{

cloud/services/disks/disks.go

@@ -36,7 +36,7 @@ func (s *Service) Delete(ctx context.Context) error {
 		err := s.Client.Delete(ctx, s.Scope.ResourceGroup(), diskSpec.Name)
 		if err != nil && azure.ResourceNotFound(err) {
 			// already deleted
-			return nil
+			continue
 		}
 		if err != nil {
 			return errors.Wrapf(err, "failed to delete disk %s in resource group %s", diskSpec.Name, s.Scope.ResourceGroup())

cloud/services/disks/disks_test.go

@@ -64,9 +64,13 @@ func TestDeleteDisk(t *testing.T) {
 					{
 						Name: "my-disk-1",
 					},
+					{
+						Name: "my-disk-2",
+					},
 				})
 				s.ResourceGroup().AnyTimes().Return("my-rg")
 				m.Delete(context.TODO(), "my-rg", "my-disk-1").Return(autorest.NewErrorWithResponse("", "", &http.Response{StatusCode: 404}, "Not Found"))
+				m.Delete(context.TODO(), "my-rg", "my-disk-2").Return(autorest.NewErrorWithResponse("", "", &http.Response{StatusCode: 404}, "Not Found"))
 			},
 		},
 		{
@@ -78,6 +82,9 @@ func TestDeleteDisk(t *testing.T) {
 					{
 						Name: "my-disk-1",
 					},
+					{
+						Name: "my-disk-2",
+					},
 				})
 				s.ResourceGroup().AnyTimes().Return("my-rg")
 				m.Delete(context.TODO(), "my-rg", "my-disk-1").Return(autorest.NewErrorWithResponse("", "", &http.Response{StatusCode: 500}, "Internal Server Error"))

cloud/services/inboundnatrules/inboundnatrules.go

@@ -30,9 +30,6 @@ func (s *Service) Reconcile(ctx context.Context) error {
 	for _, inboundNatSpec := range s.Scope.InboundNatSpecs() {
 		s.Scope.V(2).Info("creating inbound NAT rule", "NAT rule", inboundNatSpec.Name)
 
-		var sshFrontendPort int32 = 22
-		ports := make(map[int32]struct{})
-
 		lb, err := s.LoadBalancersClient.Get(ctx, s.Scope.ResourceGroup(), inboundNatSpec.LoadBalancerName)
 		if err != nil {
 			return errors.Wrapf(err, "failed to get Load Balancer %s", inboundNatSpec.LoadBalancerName)
@@ -41,28 +38,18 @@ func (s *Service) Reconcile(ctx context.Context) error {
 		if lb.LoadBalancerPropertiesFormat == nil || lb.FrontendIPConfigurations == nil || lb.InboundNatRules == nil {
 			return errors.Errorf("Could not get existing inbound NAT rules from load balancer %s properties", to.String(lb.Name))
 		}
-		for _, v := range *lb.InboundNatRules {
-			if to.String(v.Name) == inboundNatSpec.Name {
-				// Inbound NAT Rule already exists, nothing to do here.
-				s.Scope.V(2).Info("NAT rule already exists", "NAT rule", inboundNatSpec.Name)
-				return nil
-			}
-			ports[*v.InboundNatRulePropertiesFormat.FrontendPort] = struct{}{}
+
+		ports := make(map[int32]struct{})
+		if s.natRuleExists(ports)(*lb.InboundNatRules, inboundNatSpec.Name) {
+			// Inbound NAT Rule already exists, nothing to do here.
+			continue
 		}
-		if _, ok := ports[22]; ok {
-			var i int32
-			found := false
-			for i = 2201; i < 2220; i++ {
-				if _, ok := ports[i]; !ok {
-					sshFrontendPort = i
-					found = true
-					break
-				}
-			}
-			if !found {
-				return errors.Errorf("Failed to find available SSH Frontend port for NAT Rule %s in load balancer %s", inboundNatSpec.Name, to.String(lb.Name))
-			}
+
+		sshFrontendPort, err := s.getAvailablePort(ports)
+		if err != nil {
+			return errors.Wrapf(err, "failed to find available SSH Frontend port for NAT Rule %s in load balancer %s", inboundNatSpec.Name, to.String(lb.Name))
 		}
+
 		rule := network.InboundNatRule{
 			Name: to.StringPtr(inboundNatSpec.Name),
 			InboundNatRulePropertiesFormat: &network.InboundNatRulePropertiesFormat{
@@ -101,3 +88,31 @@ func (s *Service) Delete(ctx context.Context) error {
 	}
 	return nil
 }
+
+func (s *Service) natRuleExists(ports map[int32]struct{}) func([]network.InboundNatRule, string) bool {
+	return func(rules []network.InboundNatRule, name string) bool {
+		for _, v := range rules {
+			if to.String(v.Name) == name {
+				s.Scope.V(2).Info("NAT rule already exists", "NAT rule", name)
+				return true
+			}
+			ports[*v.InboundNatRulePropertiesFormat.FrontendPort] = struct{}{}
+		}
+		return false
+	}
+}
+
+func (s *Service) getAvailablePort(ports map[int32]struct{}) (int32, error) {
+	var i int32 = 22
+	if _, ok := ports[22]; ok {
+		for i = 2201; i < 2220; i++ {
+			if _, ok := ports[i]; !ok {
+				s.Scope.V(2).Info("Found available port", "port", i)
+				return i, nil
+			}
+		}
+		return i, errors.Errorf("No available SSH Frontend ports")
+	}
+	s.Scope.V(2).Info("Found available port", "port", i)
+	return i, nil
+}

cloud/services/inboundnatrules/inboundnatrules_test.go

@@ -172,6 +172,10 @@ func TestReconcileInboundNATRule(t *testing.T) {
 						Name:             "my-machine-nat-rule",
 						LoadBalancerName: "my-public-lb",
 					},
+					{
+						Name:             "my-other-nat-rule",
+						LoadBalancerName: "my-other-public-lb",
+					},
 				})
 				s.ResourceGroup().AnyTimes().Return("my-rg")
 				s.Location().AnyTimes().Return("fake-location")
@@ -202,7 +206,19 @@ func TestReconcileInboundNATRule(t *testing.T) {
 									},
 								},
 							},
-						}}, nil))
+						}}, nil),
+					mLoadBalancer.Get(context.TODO(), "my-rg", "my-other-public-lb").Return(network.LoadBalancer{
+						Name: to.StringPtr("my-other-public-lb"),
+						ID:   pointer.StringPtr("my-public-lb-id"),
+						LoadBalancerPropertiesFormat: &network.LoadBalancerPropertiesFormat{
+							FrontendIPConfigurations: &[]network.FrontendIPConfiguration{
+								{
+									ID: to.StringPtr("frontend-ip-config-id"),
+								},
+							},
+							InboundNatRules: &[]network.InboundNatRule{},
+						}}, nil),
+					m.CreateOrUpdate(context.TODO(), "my-rg", "my-other-public-lb", "my-other-nat-rule", gomock.AssignableToTypeOf(network.InboundNatRule{})))
 			},
 		},
 	}
@@ -325,3 +341,201 @@ func TestDeleteNetworkInterface(t *testing.T) {
 		})
 	}
 }
+
+func TestNatRuleExists(t *testing.T) {
+	testcases := []struct {
+		name           string
+		ruleName       string
+		existingRules  []network.InboundNatRule
+		expectedResult bool
+		expectedPorts  map[int32]struct{}
+		expect         func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+			m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder)
+	}{
+		{
+			name:     "Rule exists",
+			ruleName: "my-rule",
+			existingRules: []network.InboundNatRule{
+				{
+					InboundNatRulePropertiesFormat: &network.InboundNatRulePropertiesFormat{
+						FrontendPort: to.Int32Ptr(2201),
+					},
+					Name: to.StringPtr("some-rule"),
+				},
+				{
+					InboundNatRulePropertiesFormat: &network.InboundNatRulePropertiesFormat{
+						FrontendPort: to.Int32Ptr(22),
+					},
+					Name: to.StringPtr("my-rule"),
+				},
+			},
+			expectedResult: true,
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+				s.V(gomock.AssignableToTypeOf(2)).Return(klogr.New())
+			},
+		},
+		{
+			name:     "Rule doesn't exist",
+			ruleName: "my-rule",
+			existingRules: []network.InboundNatRule{
+				{
+					InboundNatRulePropertiesFormat: &network.InboundNatRulePropertiesFormat{
+						FrontendPort: to.Int32Ptr(22),
+					},
+					Name: to.StringPtr("other-rule"),
+				},
+				{
+					InboundNatRulePropertiesFormat: &network.InboundNatRulePropertiesFormat{
+						FrontendPort: to.Int32Ptr(2205),
+					},
+					Name: to.StringPtr("other-rule-2"),
+				},
+			},
+			expectedResult: false,
+			expectedPorts: map[int32]struct{}{
+				22:   {},
+				2205: {},
+			},
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+			},
+		},
+		{
+			name:           "No rules exist",
+			ruleName:       "my-rule",
+			existingRules:  []network.InboundNatRule{},
+			expectedResult: false,
+			expectedPorts:  map[int32]struct{}{},
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+			},
+		},
+	}
+
+	for _, tc := range testcases {
+		tc := tc
+		t.Run(tc.name, func(t *testing.T) {
+			g := NewWithT(t)
+			t.Parallel()
+			mockCtrl := gomock.NewController(t)
+			defer mockCtrl.Finish()
+			scopeMock := mock_inboundnatrules.NewMockInboundNatScope(mockCtrl)
+			clientMock := mock_inboundnatrules.NewMockClient(mockCtrl)
+			loadBalancerMock := mock_loadbalancers.NewMockClient(mockCtrl)
+
+			tc.expect(scopeMock.EXPECT(), clientMock.EXPECT(), loadBalancerMock.EXPECT())
+
+			s := &Service{
+				Scope:               scopeMock,
+				Client:              clientMock,
+				LoadBalancersClient: loadBalancerMock,
+			}
+
+			ports := make(map[int32]struct{})
+			exists := s.natRuleExists(ports)(tc.existingRules, tc.ruleName)
+			g.Expect(exists).To(Equal(tc.expectedResult))
+			if !exists {
+				g.Expect(ports).To(Equal(tc.expectedPorts))
+			}
+		})
+	}
+}
+
+func TestGetAvailablePort(t *testing.T) {
+	testcases := []struct {
+		name               string
+		portsInput         map[int32]struct{}
+		expectedError      string
+		expectedPortResult int32
+		expect             func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+			m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder)
+	}{
+		{
+			name:               "Empty ports",
+			portsInput:         map[int32]struct{}{},
+			expectedError:      "",
+			expectedPortResult: 22,
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+				s.V(gomock.AssignableToTypeOf(2)).Return(klogr.New())
+			},
+		},
+		{
+			name: "22 taken",
+			portsInput: map[int32]struct{}{
+				22: {},
+			},
+			expectedError:      "",
+			expectedPortResult: 2201,
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+				s.V(gomock.AssignableToTypeOf(2)).Return(klogr.New())
+			},
+		},
+		{
+			name: "Existing ports",
+			portsInput: map[int32]struct{}{
+				22:   {},
+				2201: {},
+				2202: {},
+				2204: {},
+			},
+			expectedError:      "",
+			expectedPortResult: 2203,
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+				s.V(gomock.AssignableToTypeOf(2)).Return(klogr.New())
+			},
+		},
+		{
+			name:               "No ports available",
+			portsInput:         getFullPortsMap(),
+			expectedError:      "No available SSH Frontend ports",
+			expectedPortResult: 0,
+			expect: func(s *mock_inboundnatrules.MockInboundNatScopeMockRecorder,
+				m *mock_inboundnatrules.MockClientMockRecorder, mLoadBalancer *mock_loadbalancers.MockClientMockRecorder) {
+			},
+		},
+	}
+
+	for _, tc := range testcases {
+		tc := tc
+		t.Run(tc.name, func(t *testing.T) {
+			g := NewWithT(t)
+			t.Parallel()
+			mockCtrl := gomock.NewController(t)
+			defer mockCtrl.Finish()
+			scopeMock := mock_inboundnatrules.NewMockInboundNatScope(mockCtrl)
+			clientMock := mock_inboundnatrules.NewMockClient(mockCtrl)
+			loadBalancerMock := mock_loadbalancers.NewMockClient(mockCtrl)
+
+			tc.expect(scopeMock.EXPECT(), clientMock.EXPECT(), loadBalancerMock.EXPECT())
+
+			s := &Service{
+				Scope:               scopeMock,
+				Client:              clientMock,
+				LoadBalancersClient: loadBalancerMock,
+			}
+
+			res, err := s.getAvailablePort(tc.portsInput)
+			if tc.expectedError != "" {
+				g.Expect(err).To(HaveOccurred())
+				g.Expect(err).To(MatchError(tc.expectedError))
+			} else {
+				g.Expect(err).NotTo(HaveOccurred())
+				g.Expect(res).To(Equal(tc.expectedPortResult))
+			}
+		})
+	}
+}
+
+func getFullPortsMap() map[int32]struct{} {
+	res := map[int32]struct{}{
+		22: {},
+	}
+	for i := 2201; i < 2220; i++ {
+		res[int32(i)] = struct{}{}
+	}
+	return res
+}