
Commit 8fefb1a

Merge pull request #3340 from giantswarm/more-peering-properties-clean
Enable setting VNet peering properties
2 parents aac9126 + 82d0936 commit 8fefb1a


8 files changed

+540
-36
lines changed


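--- a/api/v1beta1/types.go
+++ b/api/v1beta1/types.go
@@ -124,6 +124,41 @@ type VnetPeeringClassSpec struct {
 
 // RemoteVnetName defines name of the remote virtual network.
 RemoteVnetName string `json:"remoteVnetName"`
+
+// ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the
+// remote virtual network.
+// +optional
+ForwardPeeringProperties VnetPeeringProperties `json:"forwardPeeringProperties,omitempty"`
+
+// ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the
+// cluster's virtual network.
+// +optional
+ReversePeeringProperties VnetPeeringProperties `json:"reversePeeringProperties,omitempty"`
+}
+
+// VnetPeeringProperties specifies virtual network peering properties.
+type VnetPeeringProperties struct {
+// AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be
+// allowed/disallowed in remote virtual network.
+// +optional
+AllowForwardedTraffic *bool `json:"allowForwardedTraffic,omitempty"`
+
+// AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual
+// network.
+// +optional
+AllowGatewayTransit *bool `json:"allowGatewayTransit,omitempty"`
+
+// AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access
+// the VMs in remote virtual network space.
+// +optional
+AllowVirtualNetworkAccess *bool `json:"allowVirtualNetworkAccess,omitempty"`
+
+// UseRemoteGateways specifies if remote gateways can be used on this virtual network.
+// If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network
+// will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true.
+// This flag cannot be set if virtual network already has a gateway.
+// +optional
+UseRemoteGateways *bool `json:"useRemoteGateways,omitempty"`
 }
 
 // VnetPeerings is a slice of VnetPeering.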
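Review bot: The `UseRemoteGateways` comment lists three constraints (the remote peering must have `allowGatewayTransit` set to true, only one peering may set the flag, and the virtual network must not already have a gateway), but nothing in the new `VnetPeeringProperties` type enforces them. An invalid combination would presumably only surface as an Azure API error at reconcile time. If the commit's other files, which are not shown here, do not already validate this, the first constraint can be checked locally because both directions live in the same `VnetPeeringClassSpec`. The field comments also do not say what a nil value means; since these four flags decide what traffic may cross between the two networks, I would add a line such as `// If unset, the Azure API default applies.` to each, assuming that is the intended behaviour.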

api/v1beta1/zz_generated.deepcopy.go

Lines changed: 50 additions & 5 deletions

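--- a/azure/scope/cluster.go
+++ b/azure/scope/cluster.go
@@ -425,20 +425,28 @@ func (s *ClusterScope) VnetPeeringSpecs() []azure.ResourceSpecGetter {
 peeringSpecs := make([]azure.ResourceSpecGetter, 2*len(s.Vnet().Peerings))
 for i, peering := range s.Vnet().Peerings {
 forwardPeering := &vnetpeerings.VnetPeeringSpec{
-PeeringName: azure.GenerateVnetPeeringName(s.Vnet().Name, peering.RemoteVnetName),
-SourceVnetName: s.Vnet().Name,
-SourceResourceGroup: s.Vnet().ResourceGroup,
-RemoteVnetName: peering.RemoteVnetName,
-RemoteResourceGroup: peering.ResourceGroup,
-SubscriptionID: s.SubscriptionID(),
+PeeringName: azure.GenerateVnetPeeringName(s.Vnet().Name, peering.RemoteVnetName),
+SourceVnetName: s.Vnet().Name,
+SourceResourceGroup: s.Vnet().ResourceGroup,
+RemoteVnetName: peering.RemoteVnetName,
+RemoteResourceGroup: peering.ResourceGroup,
+SubscriptionID: s.SubscriptionID(),
+AllowForwardedTraffic: peering.ForwardPeeringProperties.AllowForwardedTraffic,
+AllowGatewayTransit: peering.ForwardPeeringProperties.AllowGatewayTransit,
+AllowVirtualNetworkAccess: peering.ForwardPeeringProperties.AllowVirtualNetworkAccess,
+UseRemoteGateways: peering.ForwardPeeringProperties.UseRemoteGateways,
 }
 reversePeering := &vnetpeerings.VnetPeeringSpec{
-PeeringName: azure.GenerateVnetPeeringName(peering.RemoteVnetName, s.Vnet().Name),
-SourceVnetName: peering.RemoteVnetName,
-SourceResourceGroup: peering.ResourceGroup,
-RemoteVnetName: s.Vnet().Name,
-RemoteResourceGroup: s.Vnet().ResourceGroup,
-SubscriptionID: s.SubscriptionID(),
+PeeringName: azure.GenerateVnetPeeringName(peering.RemoteVnetName, s.Vnet().Name),
+SourceVnetName: peering.RemoteVnetName,
+SourceResourceGroup: peering.ResourceGroup,
+RemoteVnetName: s.Vnet().Name,
+RemoteResourceGroup: s.Vnet().ResourceGroup,
+SubscriptionID: s.SubscriptionID(),
+AllowForwardedTraffic: peering.ReversePeeringProperties.AllowForwardedTraffic,
+AllowGatewayTransit: peering.ReversePeeringProperties.AllowGatewayTransit,
+AllowVirtualNetworkAccess: peering.ReversePeeringProperties.AllowVirtualNetworkAccess,
+UseRemoteGateways: peering.ReversePeeringProperties.UseRemoteGateways,
 }
 peeringSpecs[i*2] = forwardPeering
 peeringSpecs[i*2+1] = reversePeering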
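Review bot: `reversePeering` is the peering whose source is the remote virtual network (`SourceVnetName: peering.RemoteVnetName`, `SourceResourceGroup: peering.ResourceGroup`), so the four `ReversePeeringProperties` values added here set forwarding and gateway behaviour on a network outside the cluster's own VNet. That deserves a comment where it happens, for example `// ReversePeeringProperties are applied to the peering on the remote VNet, not the cluster's own.` above the `reversePeering` literal. Anyone reviewing a cluster manifest should know that this field reaches into the peer network, presumably with the controller's credentials. The `*bool` values are passed through unchanged, nil included, and how `VnetPeeringSpec` treats nil is not visible in this section. `VnetPeeringSpecs` starts above and continues below the hunk.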
