Merge pull request #777 from alexeldeib/ace/ephemeral

 ✨ implement ephemeral os

Author: k8s-ci-robot

api/v1alpha2/azurecluster_conversion.go

@@ -59,6 +59,7 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error { // nolint
 	}
 
 	dst.Status.FailureDomains = restored.Status.FailureDomains
+	dst.Status.Bastion.OSDisk.DiffDiskSettings = restored.Status.Bastion.OSDisk.DiffDiskSettings
 
 	for _, restoredSubnet := range restored.Spec.NetworkSpec.Subnets {
 		if restoredSubnet != nil {

api/v1alpha2/azuremachine_conversion.go

@@ -19,6 +19,7 @@ package v1alpha2
 import (
 	apiconversion "k8s.io/apimachinery/pkg/conversion"
 	infrav1alpha3 "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha3"
+	v1alpha3 "sigs.k8s.io/cluster-api-provider-azure/api/v1alpha3"
 	utilconversion "sigs.k8s.io/cluster-api/util/conversion"
 	"sigs.k8s.io/controller-runtime/pkg/conversion"
 )
@@ -62,6 +63,7 @@ func restoreAzureMachineSpec(restored, dst *infrav1alpha3.AzureMachineSpec) {
 	if len(restored.DataDisks) != 0 {
 		dst.DataDisks = restored.DataDisks
 	}
+	dst.OSDisk.DiffDiskSettings = restored.OSDisk.DiffDiskSettings
 }
 
 // ConvertFrom converts from the Hub version (v1alpha3) to this version.
@@ -186,6 +188,11 @@ func Convert_v1alpha3_Image_To_v1alpha2_Image(in *infrav1alpha3.Image, out *Imag
 	return nil
 }
 
+// Convert_v1alpha3_OSDisk_To_v1alpha2_OSDisk converts between api versions
+func Convert_v1alpha3_OSDisk_To_v1alpha2_OSDisk(in *v1alpha3.OSDisk, out *OSDisk, s apiconversion.Scope) error {
+	return autoConvert_v1alpha3_OSDisk_To_v1alpha2_OSDisk(in, out, s)
+}
+
 func isAzureMarketPlaceImage(in *Image) bool {
 	if in.Publisher == nil || in.Offer == nil || in.SKU == nil || in.Version == nil {
 		return false

api/v1alpha2/zz_generated.conversion.go

@@ -102,6 +102,76 @@ func ValidateOSDisk(osDisk OSDisk, fieldPath *field.Path) field.ErrorList {
 
 	allErrs = append(allErrs, validateStorageAccountType(osDisk.ManagedDisk.StorageAccountType, fieldPath)...)
 
+	if errs := ValidateManagedDisk(osDisk.ManagedDisk, osDisk.ManagedDisk, fieldPath.Child("managedDisk")); len(errs) > 0 {
+		allErrs = append(allErrs, errs...)
+	}
+
+	if err := validateDiffDiskSetings(osDisk.DiffDiskSettings, fieldPath.Child("diffDiskSettings")); err != nil {
+		allErrs = append(allErrs, err)
+	}
+
+	if osDisk.DiffDiskSettings != nil && osDisk.DiffDiskSettings.Option == string(compute.Local) && osDisk.ManagedDisk.StorageAccountType != "Standard_LRS" {
+		allErrs = append(allErrs, field.Invalid(
+			fieldPath.Child("managedDisks").Child("storageAccountType"),
+			osDisk.ManagedDisk.StorageAccountType,
+			"storageAccountType must be Standard_LRS when diffDiskSettings.option is 'Local'",
+		))
+	}
+
+	return allErrs
+}
+
+// ValidateManagedDisk validates updates to the ManagedDisk field.
+func ValidateManagedDisk(old, new ManagedDisk, fieldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	if old.StorageAccountType != new.StorageAccountType {
+		allErrs = append(allErrs, field.Invalid(fieldPath.Child("storageAccountType"), new, "changing storage account type after machine creation is not allowed"))
+	}
+
+	return allErrs
+}
+
+func validateDiffDiskSetings(d *DiffDiskSettings, fldPath *field.Path) *field.Error {
+	if d != nil {
+		if d.Option != string(compute.Local) {
+			return field.Invalid(
+				fldPath.Child("option"),
+				d,
+				fmt.Sprintf("changing ephemeral os settings after machine creation is not allowed"),
+			)
+		}
+	}
+	return nil
+}
+
+func validateDiffDiskSettingsUpdate(old, new *DiffDiskSettings, fieldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+	fldPath := fieldPath.Child("diffDiskSettings")
+
+	if old == nil && new != nil {
+		allErrs = append(allErrs, field.Invalid(fldPath, new, fmt.Sprintf("enabling ephemeral os after machine creation is not allowed")))
+		return allErrs
+	}
+	if old != nil && new == nil {
+		allErrs = append(allErrs, field.Invalid(fldPath, new, fmt.Sprintf("disabling ephemeral os after machine creation is not allowed")))
+		return allErrs
+	}
+
+	if old != nil && new != nil {
+		if old.Option != new.Option {
+			allErrs = append(
+				allErrs,
+				field.Invalid(
+					fldPath.Child("option"),
+					new,
+					fmt.Sprintf("changing ephemeral os settings after machine creation is not allowed"),
+				),
+			)
+			return allErrs
+		}
+	}
+
 	return allErrs
 }
 

api/v1alpha3/azuremachine_validation.go

@@ -20,9 +20,12 @@ import (
 	"crypto/rand"
 	"crypto/rsa"
 	"encoding/base64"
-	"github.com/Azure/go-autorest/autorest/to"
+	"fmt"
 	"testing"
 
+	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2020-06-01/compute"
+	"github.com/Azure/go-autorest/autorest/to"
+
 	. "github.com/onsi/gomega"
 	"golang.org/x/crypto/ssh"
 	"k8s.io/apimachinery/pkg/util/validation/field"
@@ -81,6 +84,20 @@ func TestAzureMachine_ValidateOSDisk(t *testing.T) {
 			wantErr: false,
 			osDisk:  generateValidOSDisk(),
 		},
+		{
+			name:    "valid ephemeral os disk spec",
+			wantErr: false,
+			osDisk: OSDisk{
+				DiskSizeGB: 30,
+				OSType:     "blah",
+				DiffDiskSettings: &DiffDiskSettings{
+					Option: string(compute.Local),
+				},
+				ManagedDisk: ManagedDisk{
+					StorageAccountType: "Standard_LRS",
+				},
+			},
+		},
 	}
 	testcases = append(testcases, generateNegativeTestCases()...)
 
@@ -137,11 +154,21 @@ func generateNegativeTestCases() []osDiskTestInput {
 				StorageAccountType: "invalid_type",
 			},
 		},
+		{
+			DiskSizeGB: 30,
+			OSType:     "blah",
+			ManagedDisk: ManagedDisk{
+				StorageAccountType: "Premium_LRS",
+			},
+			DiffDiskSettings: &DiffDiskSettings{
+				Option: string(compute.Local),
+			},
+		},
 	}
 
-	for _, input := range invalidDiskSpecs {
+	for i, input := range invalidDiskSpecs {
 		inputs = append(inputs, osDiskTestInput{
-			name:    testCaseName,
+			name:    fmt.Sprintf("%s-%d", testCaseName, i),
 			wantErr: true,
 			osDisk:  input,
 		})
@@ -159,7 +186,6 @@ func generateValidOSDisk() OSDisk {
 		},
 	}
 }
-
 func TestAzureMachine_ValidateDataDisks(t *testing.T) {
 	g := NewWithT(t)
 

api/v1alpha3/azuremachine_validation_test.go

@@ -71,10 +71,12 @@ func (m *AzureMachine) ValidateCreate() error {
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (m *AzureMachine) ValidateUpdate(old runtime.Object) error {
+func (m *AzureMachine) ValidateUpdate(oldRaw runtime.Object) error {
 	machinelog.Info("validate update", "name", m.Name)
 	var allErrs field.ErrorList
 
+	old := oldRaw.(*AzureMachine)
+
 	if errs := ValidateSSHKey(m.Spec.SSHPublicKey, field.NewPath("sshPublicKey")); len(errs) > 0 {
 		allErrs = append(allErrs, errs...)
 	}
@@ -87,6 +89,14 @@ func (m *AzureMachine) ValidateUpdate(old runtime.Object) error {
 		allErrs = append(allErrs, errs...)
 	}
 
+	if errs := ValidateManagedDisk(old.Spec.OSDisk.ManagedDisk, m.Spec.OSDisk.ManagedDisk, field.NewPath("osDisk").Child("managedDisk")); len(errs) > 0 {
+		allErrs = append(allErrs, errs...)
+	}
+
+	if errs := validateDiffDiskSettingsUpdate(old.Spec.OSDisk.DiffDiskSettings, m.Spec.OSDisk.DiffDiskSettings, field.NewPath("osDisk").Child("diffDiskSettings")); len(errs) > 0 {
+		allErrs = append(allErrs, errs...)
+	}
+
 	if len(allErrs) == 0 {
 		return nil
 	}

api/v1alpha3/azuremachine_webhook.go

@@ -307,9 +307,10 @@ type UserAssignedIdentity struct {
 
 // OSDisk defines the operating system disk for a VM.
 type OSDisk struct {
-	OSType      string      `json:"osType"`
-	DiskSizeGB  int32       `json:"diskSizeGB"`
-	ManagedDisk ManagedDisk `json:"managedDisk"`
+	OSType           string            `json:"osType"`
+	DiskSizeGB       int32             `json:"diskSizeGB"`
+	ManagedDisk      ManagedDisk       `json:"managedDisk"`
+	DiffDiskSettings *DiffDiskSettings `json:"diffDiskSettings,omitempty"`
 }
 
 // DataDisk specifies the parameters that are used to add one or more data disks to the machine.
@@ -329,6 +330,14 @@ type ManagedDisk struct {
 	StorageAccountType string `json:"storageAccountType"`
 }
 
+// DiffDiskSettings describe ephemeral disk settings for the os disk.
+type DiffDiskSettings struct {
+	// Option enables ephemeral OS when set to "Local"
+	// See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/ephemeral-os-disks for full details
+	// +kubebuilder:validation:Enum=Local
+	Option string `json:"option"`
+}
+
 // SubnetRole defines the unique role of a subnet.
 type SubnetRole string
 

api/v1alpha3/types.go

@@ -31,6 +31,7 @@ import (
 type Client interface {
 	List(context.Context, string) ([]compute.ResourceSku, error)
 	HasAcceleratedNetworking(context.Context, string) (bool, error)
+	HasEphemeralOSDiskSupport(context.Context, string) (bool, error)
 }
 
 // AzureClient contains the Azure go-sdk Client
@@ -98,3 +99,29 @@ func (ac *AzureClient) HasAcceleratedNetworking(ctx context.Context, name string
 	}
 	return false, nil
 }
+
+// HasEphemeralOSDiskSupport returns whether the given compute SKU supports ephemeral os.
+func (ac *AzureClient) HasEphemeralOSDiskSupport(ctx context.Context, name string) (bool, error) {
+	if name == "" {
+		return false, nil
+	}
+	skus, err := ac.List(ctx, "") // "filter" argument only works for location, so filter in code
+	if err != nil {
+		return false, err
+	}
+	for _, sku := range skus {
+		if sku.Name != nil && *sku.Name == name {
+			if sku.Capabilities != nil {
+				for _, c := range *sku.Capabilities {
+					if c.Name != nil && *c.Name == "EphemeralOSDiskSupported" {
+						if c.Value != nil && strings.EqualFold(*c.Value, "True") {
+							return true, nil
+						}
+					}
+				}
+			}
+			break
+		}
+	}
+	return false, nil
+}