Merge pull request #2667 from spectrocloud/support-cross-rg

AKS virtual network static placement for cross RG

Author: k8s-ci-robot

azure/scope/managedcontrolplane.go

@@ -211,7 +211,7 @@ func (s *ManagedControlPlaneScope) Close(ctx context.Context) error {
 // Vnet returns the cluster Vnet.
 func (s *ManagedControlPlaneScope) Vnet() *infrav1.VnetSpec {
 	return &infrav1.VnetSpec{
-		ResourceGroup: s.ControlPlane.Spec.ResourceGroupName,
+		ResourceGroup: s.ControlPlane.Spec.VirtualNetwork.ResourceGroup,
 		Name:          s.ControlPlane.Spec.VirtualNetwork.Name,
 		VnetClassSpec: infrav1.VnetClassSpec{
 			CIDRBlocks: []string{s.ControlPlane.Spec.VirtualNetwork.CIDRBlock},
@@ -424,7 +424,7 @@ func (s *ManagedControlPlaneScope) ManagedClusterSpec(ctx context.Context) azure
 		DNSServiceIP:      s.ControlPlane.Spec.DNSServiceIP,
 		VnetSubnetID: azure.SubnetID(
 			s.ControlPlane.Spec.SubscriptionID,
-			s.ControlPlane.Spec.ResourceGroupName,
+			s.VNetSpec().ResourceGroupName(),
 			s.ControlPlane.Spec.VirtualNetwork.Name,
 			s.ControlPlane.Spec.VirtualNetwork.Subnet.Name,
 		),

azure/scope/managedmachinepool.go

@@ -165,7 +165,7 @@ func buildAgentPoolSpec(managedControlPlane *infrav1exp.AzureManagedControlPlane
 		OSType:        managedMachinePool.Spec.OSType,
 		VnetSubnetID: azure.SubnetID(
 			managedControlPlane.Spec.SubscriptionID,
-			managedControlPlane.Spec.ResourceGroupName,
+			managedControlPlane.Spec.VirtualNetwork.ResourceGroup,
 			managedControlPlane.Spec.VirtualNetwork.Name,
 			managedControlPlane.Spec.VirtualNetwork.Subnet.Name,
 		),

config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml

@@ -733,6 +733,10 @@ spec:
                     type: string
                   name:
                     type: string
+                  resourceGroup:
+                    description: ResourceGroup is the name of the Azure resource group
+                      for the VNet and Subnet.
+                    type: string
                   subnet:
                     description: ManagedControlPlaneSubnet describes a subnet for
                       an AKS cluster.

docs/book/src/topics/managedcluster.md

@@ -175,6 +175,29 @@ should be fairly clear from context.
 | networkPolicy             | azure, calico                 |
 
 
+### Use an existing Virtual Network to provision an AKS cluster.
+
+If you'd like to deploy your AKS cluster in an existing Virtual Network, but create the cluster itself in a different resource group, you can configure the AzureManagedControlPlane resource with a reference to the existing Virtual Network and subnet. For example:
+
+```yaml
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureManagedControlPlane
+metadata:
+  name: my-cluster-control-plane
+spec:
+  location: southcentralus
+  resourceGroupName: foo-bar
+  sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
+  subscriptionID: 00000000-0000-0000-0000-000000000000 # fake uuid
+  version: v1.21.2
+  virtualNetwork:
+    cidrBlock: 10.0.0.0/8
+    name: test-vnet
+    resourceGroup: test-rg
+    subnet:
+      cidrBlock: 10.0.2.0/24
+      name: test-subnet  
+```
 ### Multitenancy
 
 Multitenancy for managed clusters can be configured by using `aks-multi-tenancy` flavor. The steps for creating an azure managed identity and mapping it to an `AzureClusterIdentity` are similar to the ones described [here](https://capz.sigs.k8s.io/topics/multitenancy.html).
@@ -451,6 +474,7 @@ Following is the list of immutable fields for managed clusters:
 | AzureManagedControlPlane  | .spec.networkPolicy          |                           |
 | AzureManagedControlPlane  | .spec.loadBalancerSKU        |                           |
 | AzureManagedControlPlane  | .spec.apiServerAccessProfile | except AuthorizedIPRanges |
+| AzureManagedControlPlane  | .spec.virtualNetwork         |                           |
 | AzureManagedMachinePool   | .spec.sku                    |                           |
 | AzureManagedMachinePool   | .spec.osDiskSizeGB           |                           |
 | AzureManagedMachinePool   | .spec.osDiskType             |                           |

exp/api/v1alpha3/azuremanagedcontrolplane_conversion.go

@@ -41,6 +41,7 @@ func (src *AzureManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.LoadBalancerProfile = restored.Spec.LoadBalancerProfile
 	dst.Spec.APIServerAccessProfile = restored.Spec.APIServerAccessProfile
 	dst.Spec.AddonProfiles = restored.Spec.AddonProfiles
+	dst.Spec.VirtualNetwork.ResourceGroup = restored.Spec.VirtualNetwork.ResourceGroup
 
 	dst.Status.LongRunningOperationStates = restored.Status.LongRunningOperationStates
 	dst.Status.Conditions = restored.Status.Conditions
@@ -81,3 +82,13 @@ func (dst *AzureManagedControlPlaneList) ConvertFrom(srcRaw conversion.Hub) erro
 	src := srcRaw.(*infrav1exp.AzureManagedControlPlaneList)
 	return Convert_v1beta1_AzureManagedControlPlaneList_To_v1alpha3_AzureManagedControlPlaneList(src, dst, nil)
 }
+
+// Convert_v1beta1_ManagedControlPlaneVirtualNetwork_To_v1alpha3_ManagedControlPlaneVirtualNetwork converts v1beta1 ManagedControlPlaneVirtualNetwork to v1alpha3 ManagedControlPlaneVirtualNetwork.
+func Convert_v1beta1_ManagedControlPlaneVirtualNetwork_To_v1alpha3_ManagedControlPlaneVirtualNetwork(in *infrav1exp.ManagedControlPlaneVirtualNetwork, out *ManagedControlPlaneVirtualNetwork, s apiconversion.Scope) error {
+	out.Name = in.Name
+	out.Subnet.Name = in.Subnet.Name
+	out.Subnet.CIDRBlock = in.Subnet.CIDRBlock
+	out.CIDRBlock = in.CIDRBlock
+
+	return nil
+}

exp/api/v1alpha3/zz_generated.conversion.go

@@ -38,6 +38,7 @@ func (src *AzureManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {
 
 	dst.Spec.AddonProfiles = restored.Spec.AddonProfiles
 	dst.Status.Conditions = restored.Status.Conditions
+	dst.Spec.VirtualNetwork.ResourceGroup = restored.Spec.VirtualNetwork.ResourceGroup
 
 	return nil
 }
@@ -74,3 +75,12 @@ func (dst *AzureManagedControlPlaneList) ConvertFrom(srcRaw conversion.Hub) erro
 	src := srcRaw.(*infrav1exp.AzureManagedControlPlaneList)
 	return Convert_v1beta1_AzureManagedControlPlaneList_To_v1alpha4_AzureManagedControlPlaneList(src, dst, nil)
 }
+
+// Convert_v1beta1_ManagedControlPlaneVirtualNetwork_To_v1alpha4_ManagedControlPlaneVirtualNetwork converts v1beta1 ManagedControlPlaneVirtualNetwork to v1alpha4 ManagedControlPlaneVirtualNetwork.
+func Convert_v1beta1_ManagedControlPlaneVirtualNetwork_To_v1alpha4_ManagedControlPlaneVirtualNetwork(in *infrav1exp.ManagedControlPlaneVirtualNetwork, out *ManagedControlPlaneVirtualNetwork, s apiconversion.Scope) error {
+	out.Name = in.Name
+	out.Subnet.Name = in.Subnet.Name
+	out.Subnet.CIDRBlock = in.Subnet.CIDRBlock
+	out.CIDRBlock = in.CIDRBlock
+	return nil
+}

exp/api/v1alpha4/azuremanagedcontrolplane_conversion.go

@@ -60,6 +60,9 @@ func (m *AzureManagedControlPlane) setDefaultVirtualNetwork() {
 	if m.Spec.VirtualNetwork.CIDRBlock == "" {
 		m.Spec.VirtualNetwork.CIDRBlock = defaultAKSVnetCIDR
 	}
+	if m.Spec.VirtualNetwork.ResourceGroup == "" {
+		m.Spec.VirtualNetwork.ResourceGroup = m.Spec.ResourceGroupName
+	}
 }
 
 // setDefaultSubnet sets the default Subnet for an AzureManagedControlPlane.

exp/api/v1alpha4/zz_generated.conversion.go

@@ -210,6 +210,9 @@ type ManagedControlPlaneVirtualNetwork struct {
 	CIDRBlock string `json:"cidrBlock"`
 	// +optional
 	Subnet ManagedControlPlaneSubnet `json:"subnet,omitempty"`
+	// ResourceGroup is the name of the Azure resource group for the VNet and Subnet.
+	// +optional
+	ResourceGroup string `json:"resourceGroup,omitempty"`
 }
 
 // ManagedControlPlaneSubnet describes a subnet for an AKS cluster.