Merge pull request #3046 from bmiguel-teixeira/main

k8s-ci-robot · web-flow · commit cd841257e3ac · 2023-01-24T18:02:18.000-08:00
feat/ add outboundType support
diff --git a/api/v1alpha3/azuremanagedcontrolplane_conversion.go b/api/v1alpha3/azuremanagedcontrolplane_conversion.go
@@ -44,6 +44,7 @@ func (src *AzureManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.VirtualNetwork.ResourceGroup = restored.Spec.VirtualNetwork.ResourceGroup
 	dst.Spec.VirtualNetwork.Subnet.ServiceEndpoints = restored.Spec.VirtualNetwork.Subnet.ServiceEndpoints
 	dst.Spec.AutoScalerProfile = restored.Spec.AutoScalerProfile
+	dst.Spec.OutboundType = restored.Spec.OutboundType
 
 	dst.Status.LongRunningOperationStates = restored.Status.LongRunningOperationStates
 	dst.Status.Conditions = restored.Status.Conditions
diff --git a/api/v1alpha3/zz_generated.conversion.go b/api/v1alpha3/zz_generated.conversion.go
diff --git a/api/v1alpha4/azuremanagedcontrolplane_conversion.go b/api/v1alpha4/azuremanagedcontrolplane_conversion.go
@@ -41,6 +41,7 @@ func (src *AzureManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.VirtualNetwork.ResourceGroup = restored.Spec.VirtualNetwork.ResourceGroup
 	dst.Spec.VirtualNetwork.Subnet.ServiceEndpoints = restored.Spec.VirtualNetwork.Subnet.ServiceEndpoints
 	dst.Spec.AutoScalerProfile = restored.Spec.AutoScalerProfile
+	dst.Spec.OutboundType = restored.Spec.OutboundType
 
 	return nil
 }
diff --git a/api/v1alpha4/zz_generated.conversion.go b/api/v1alpha4/zz_generated.conversion.go
diff --git a/api/v1beta1/azuremanagedcontrolplane_types.go b/api/v1beta1/azuremanagedcontrolplane_types.go
@@ -34,6 +34,20 @@ const (
 	PrivateDNSZoneModeNone string = "None"
 )
 
+// ManagedControlPlaneOutboundType enumerates the values for the managed control plane OutboundType.
+type ManagedControlPlaneOutboundType string
+
+const (
+	// ManagedControlPlaneOutboundTypeLoadBalancer ...
+	ManagedControlPlaneOutboundTypeLoadBalancer ManagedControlPlaneOutboundType = "loadBalancer"
+	// ManagedControlPlaneOutboundTypeManagedNATGateway ...
+	ManagedControlPlaneOutboundTypeManagedNATGateway ManagedControlPlaneOutboundType = "managedNATGateway"
+	// ManagedControlPlaneOutboundTypeUserAssignedNATGateway ...
+	ManagedControlPlaneOutboundTypeUserAssignedNATGateway ManagedControlPlaneOutboundType = "userAssignedNATGateway"
+	// ManagedControlPlaneOutboundTypeUserDefinedRouting ...
+	ManagedControlPlaneOutboundTypeUserDefinedRouting ManagedControlPlaneOutboundType = "userDefinedRouting"
+)
+
 // AzureManagedControlPlaneSpec defines the desired state of AzureManagedControlPlane.
 type AzureManagedControlPlaneSpec struct {
 	// Version defines the desired Kubernetes version.
@@ -79,6 +93,11 @@ type AzureManagedControlPlaneSpec struct {
 	// +optional
 	NetworkPolicy *string `json:"networkPolicy,omitempty"`
 
+	// Outbound configuration used by Nodes.
+	// +kubebuilder:validation:Enum=loadBalancer;managedNATGateway;userAssignedNATGateway;userDefinedRouting
+	// +optional
+	OutboundType *ManagedControlPlaneOutboundType `json:"outboundType,omitempty"`
+
 	// SSHPublicKey is a string literal containing an ssh public key base64 encoded.
 	SSHPublicKey string `json:"sshPublicKey"`
 
diff --git a/api/v1beta1/azuremanagedcontrolplane_webhook.go b/api/v1beta1/azuremanagedcontrolplane_webhook.go
@@ -225,6 +225,16 @@ func (m *AzureManagedControlPlane) ValidateUpdate(oldRaw runtime.Object, client
 		}
 	}
 
+	// Consider removing this once moves out of preview
+	// Updating outboundType after cluster creation (PREVIEW)
+	// https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#updating-outboundtype-after-cluster-creation-preview
+	if err := webhookutils.ValidateImmutable(
+		field.NewPath("Spec", "OutboundType"),
+		old.Spec.OutboundType,
+		m.Spec.OutboundType); err != nil {
+		allErrs = append(allErrs, err)
+	}
+
 	if errs := m.validateVirtualNetworkUpdate(old); len(errs) > 0 {
 		allErrs = append(allErrs, errs...)
 	}
diff --git a/api/v1beta1/azuremanagedcontrolplane_webhook_test.go b/api/v1beta1/azuremanagedcontrolplane_webhook_test.go
@@ -1300,6 +1300,26 @@ func TestAzureManagedControlPlane_ValidateUpdate(t *testing.T) {
 			},
 			wantErr: true,
 		},
+		{
+			name: "OutboundType update",
+			oldAMCP: &AzureManagedControlPlane{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test-cluster",
+				},
+				Spec: AzureManagedControlPlaneSpec{
+					OutboundType: (*ManagedControlPlaneOutboundType)(to.StringPtr(string(ManagedControlPlaneOutboundTypeUserDefinedRouting))),
+				},
+			},
+			amcp: &AzureManagedControlPlane{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test-cluster",
+				},
+				Spec: AzureManagedControlPlaneSpec{
+					OutboundType: (*ManagedControlPlaneOutboundType)(to.StringPtr(string(ManagedControlPlaneOutboundTypeLoadBalancer))),
+				},
+			},
+			wantErr: true,
+		},
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/azure/scope/managedcontrolplane.go b/azure/scope/managedcontrolplane.go
@@ -436,6 +436,7 @@ func (s *ManagedControlPlaneScope) ManagedClusterSpec(ctx context.Context) azure
 			s.ControlPlane.Spec.VirtualNetwork.Subnet.Name,
 		),
 		GetAllAgentPools: s.GetAllAgentPoolSpecs,
+		OutboundType:     s.ControlPlane.Spec.OutboundType,
 	}
 
 	if s.ControlPlane.Spec.NetworkPlugin != nil {
diff --git a/azure/scope/managedcontrolplane_test.go b/azure/scope/managedcontrolplane_test.go
@@ -34,6 +34,67 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
+func TestManagedControlPlaneScope_OutboundType(t *testing.T) {
+	scheme := runtime.NewScheme()
+	_ = expv1.AddToScheme(scheme)
+	_ = infrav1.AddToScheme(scheme)
+	explicitOutboundType := infrav1.ManagedControlPlaneOutboundTypeUserDefinedRouting
+	cases := []struct {
+		Name     string
+		Input    ManagedControlPlaneScopeParams
+		Expected bool
+	}{
+		{
+			Name: "With Explicit OutboundType defined",
+			Input: ManagedControlPlaneScopeParams{
+				Cluster: &clusterv1.Cluster{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "cluster1",
+						Namespace: "default",
+					},
+				},
+				ControlPlane: &infrav1.AzureManagedControlPlane{
+					Spec: infrav1.AzureManagedControlPlaneSpec{
+						SubscriptionID: "00000000-0000-0000-0000-000000000000",
+						OutboundType:   &explicitOutboundType,
+					},
+				},
+			},
+			Expected: false,
+		},
+		{
+			Name: "Without OutboundType defined",
+			Input: ManagedControlPlaneScopeParams{
+				Cluster: &clusterv1.Cluster{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "cluster1",
+						Namespace: "default",
+					},
+				},
+				ControlPlane: &infrav1.AzureManagedControlPlane{
+					Spec: infrav1.AzureManagedControlPlaneSpec{
+						SubscriptionID: "00000000-0000-0000-0000-000000000000",
+					},
+				},
+			},
+			Expected: true,
+		},
+	}
+	for _, c := range cases {
+		c := c
+		t.Run(c.Name, func(t *testing.T) {
+			g := NewWithT(t)
+			fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithObjects(c.Input.ControlPlane).Build()
+			c.Input.Client = fakeClient
+			s, err := NewManagedControlPlaneScope(context.TODO(), c.Input)
+			g.Expect(err).To(Succeed())
+			managedCluster := s.ManagedClusterSpec(context.TODO())
+			result := managedCluster.(*managedclusters.ManagedClusterSpec).OutboundType == nil
+			g.Expect(result).To(Equal(c.Expected))
+		})
+	}
+}
+
 func TestManagedControlPlaneScope_PoolVersion(t *testing.T) {
 	scheme := runtime.NewScheme()
 	_ = expv1.AddToScheme(scheme)
diff --git a/azure/services/managedclusters/spec.go b/azure/services/managedclusters/spec.go
@@ -65,6 +65,9 @@ type ManagedClusterSpec struct {
 	// NetworkPolicy used for building Kubernetes network. Possible values include: 'calico', 'azure'.
 	NetworkPolicy string
 
+	// OutboundType used for building Kubernetes network. Possible values include: 'loadBalancer', 'managedNATGateway', 'userAssignedNATGateway', 'userDefinedRouting'.
+	OutboundType *infrav1.ManagedControlPlaneOutboundType
+
 	// SSHPublicKey is a string literal containing an ssh public key. Will autogenerate and discard if not provided.
 	SSHPublicKey string
 
@@ -377,6 +380,10 @@ func (s *ManagedClusterSpec) Parameters(ctx context.Context, existing interface{
 		}
 	}
 
+	if s.OutboundType != nil {
+		managedCluster.NetworkProfile.OutboundType = containerservice.OutboundType(*s.OutboundType)
+	}
+
 	managedCluster.AutoScalerProfile = buildAutoScalerProfile(s.AutoScalerProfile)
 
 	if existing != nil {
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml
@@ -804,6 +804,14 @@ spec:
                   containing cluster IaaS resources. Will be populated to default
                   in webhook.
                 type: string
+              outboundType:
+                description: Outbound configuration used by Nodes.
+                enum:
+                - loadBalancer
+                - managedNATGateway
+                - userAssignedNATGateway
+                - userDefinedRouting
+                type: string
               resourceGroupName:
                 description: ResourceGroupName is the name of the Azure resource group
                   for this AKS Cluster.

Original file line number	Diff line number	Diff line change
`@@ -41,6 +41,7 @@ func (src *AzureManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error {`
`41`	`41`	`dst.Spec.VirtualNetwork.ResourceGroup = restored.Spec.VirtualNetwork.ResourceGroup`
`42`	`42`	`dst.Spec.VirtualNetwork.Subnet.ServiceEndpoints = restored.Spec.VirtualNetwork.Subnet.ServiceEndpoints`
`43`	`43`	`dst.Spec.AutoScalerProfile = restored.Spec.AutoScalerProfile`
	`44`	`+ dst.Spec.OutboundType = restored.Spec.OutboundType`
`44`	`45`
`45`	`46`	`return nil`
`46`	`47`	`}`
Original file line number	Diff line number	Diff line change
`@@ -225,6 +225,16 @@ func (m *AzureManagedControlPlane) ValidateUpdate(oldRaw runtime.Object, client`
`225`	`225`	`}`
`226`	`226`	`}`
`227`	`227`
	`228`	`+ // Consider removing this once moves out of preview`
	`229`	`+ // Updating outboundType after cluster creation (PREVIEW)`
	`230`	`+ // https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#updating-outboundtype-after-cluster-creation-preview`
	`231`	`+ if err := webhookutils.ValidateImmutable(`
	`232`	`+ field.NewPath("Spec", "OutboundType"),`
	`233`	`+ old.Spec.OutboundType,`
	`234`	`+ m.Spec.OutboundType); err != nil {`
	`235`	`+ allErrs = append(allErrs, err)`
	`236`	`+ }`
	`237`	`+`
`228`	`238`	`if errs := m.validateVirtualNetworkUpdate(old); len(errs) > 0 {`
`229`	`239`	`allErrs = append(allErrs, errs...)`
`230`	`240`	`}`
Original file line number	Diff line number	Diff line change
`@@ -436,6 +436,7 @@ func (s *ManagedControlPlaneScope) ManagedClusterSpec(ctx context.Context) azure`
`436`	`436`	`s.ControlPlane.Spec.VirtualNetwork.Subnet.Name,`
`437`	`437`	`),`
`438`	`438`	`GetAllAgentPools: s.GetAllAgentPoolSpecs,`
	`439`	`+ OutboundType: s.ControlPlane.Spec.OutboundType,`
`439`	`440`	`}`
`440`	`441`
`441`	`442`	`if s.ControlPlane.Spec.NetworkPlugin != nil {`