chore: AzureCluster subnet default flow comments

[jackfrancis]

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

The current defaults flow for AzureCluster subnet configuration is tricky. This adds some clarifying comments.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

TODOs:

• squashed commits
• includes documentation
• adds unit tests
• cherry-pick candidate

Release note:

NONE

[jackfrancis]

@nojnhuh can you answer this question?

[nojnhuh]

Is this asking "why separate subnets for control plane and worker nodes?" One reason would be so that each subnet can refer to a different NSG. The control plane subnet is tied to a NSG that exposes SSH and the API server port and the worker node subnet doesn't expose any ports by default.

[jackfrancis]

No, not that. It's more that we seem to have this breakdown:

1. Cluster subnet (can also be overloaded to be the subnet for all nodes)
2. Zero or more "node" subnets

I understand the value of having multiple node subnets (different pools having discrete subnets), and I understand the value of not requiring any node subnets (just use a single subnet for everything [what we call the "cluster" subnet]). What I don't understand is why we have logic to say: if we have neither, create a single node subnet. It seems more intuitive to create a single "cluster" subnet in this case.

(And yes ACK on the differences between CP subnet and node subnets)

[nojnhuh]

I can't find any discussion related to that in #4253. Possibly to keep the same behavior as before CAPZ had a notion of a "cluster" subnet.

[jackfrancis]

That's good enough for me, removed the TODO, I think keeping back-compat is the way forward.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 53.08%. Comparing base (a171336) to head (d2fb23f).
⚠️ Report is 8 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5817      +/-   ##
==========================================
+ Coverage   53.06%   53.08%   +0.02%     
==========================================
  Files         279      279              
  Lines       29677    29686       +9     
==========================================
+ Hits        15747    15758      +11     
+ Misses      13114    13112       -2     
  Partials      816      816              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[nojnhuh]

/lgtm
/approve

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: e3d833b8b9b4cdc54898455713f8f65b930284c3

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: nojnhuh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [nojnhuh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment