[AdvancedNetworkPolicy] MOC-SDK Changes for LNET and NIC (#332)

mjethwa-msft · nijosmsft · web-flow · commit 54eb6b870499 · 2025-09-05T13:48:54.000-07:00
* Add support for sdn-optionality

* Add missing inboundnatrule parsing

* Update moc commit hash

* add policy to lnet

* Update go mod

* Fix nil ptr issue

* Update moc commit

* Update moc commit

* Update moc commit

* Update moc release tag

---------

Co-authored-by: NIJOS &lt;nijos@microsoft.com&gt;
diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/Azure/go-autorest/autorest/date v0.3.0
 	github.com/google/go-cmp v0.6.0
 	github.com/google/uuid v1.6.0
-	github.com/microsoft/moc v0.35.1
+	github.com/microsoft/moc v0.35.2
 	google.golang.org/grpc v1.72.0
 	k8s.io/klog v1.0.0
 	sigs.k8s.io/controller-runtime v0.20.4
diff --git a/go.sum b/go.sum
@@ -122,8 +122,8 @@ github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0V
 github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
-github.com/microsoft/moc v0.35.1 h1:Vy+VlRlVb56bl7trYJ2BsQUeOMZo7LUY12/Ml8KbrKE=
-github.com/microsoft/moc v0.35.1/go.mod h1:OZ1rc2/qs9AVRKCLfwY0N8R+ZXJlVz5UyWYS5vNH4m0=
+github.com/microsoft/moc v0.35.2 h1:/P/yuGmSWwEtmKHIgak4YiqkCt9MvLTe3ggJ/eDb/yA=
+github.com/microsoft/moc v0.35.2/go.mod h1:OZ1rc2/qs9AVRKCLfwY0N8R+ZXJlVz5UyWYS5vNH4m0=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
diff --git a/services/compute/virtualmachine/client.go b/services/compute/virtualmachine/client.go
@@ -410,4 +410,4 @@ func (c *VirtualMachineClient) GetHostNodeName(ctx context.Context, group string
 
 func (c *VirtualMachineClient) GetHostNodeIpAddress(ctx context.Context, group string, name string) (*compute.VirtualMachineHostNodeIpAddress, error) {
 	return c.internal.GetHostNodeIpAddress(ctx, group, name)
-}
+}
diff --git a/services/compute/virtualmachine/wssd.go b/services/compute/virtualmachine/wssd.go
@@ -473,4 +473,4 @@ func (c *client) GetHostNodeIpAddress(ctx context.Context, group, name string) (
 	}
 
 	return response, nil
-}
+}
diff --git a/services/network/common.go b/services/network/common.go
@@ -0,0 +1,63 @@
+package network
+
+import (
+	wssdcommonproto "github.com/microsoft/moc/rpc/common"
+)
+
+// Returns cloudagent representation of AdvancedNetworkPolicy from sdk representation
+func GetWssdAdvancedNetworkPolicies(policies *[]AdvancedNetworkPolicy) (wssdPolicies []*wssdcommonproto.AdvancedNetworkPolicy) {
+
+	if policies == nil || len(*policies) == 0 {
+		return nil
+	}
+
+	wssdPolicies = []*wssdcommonproto.AdvancedNetworkPolicy{}
+
+	for _, policy := range *policies {
+		wssdPolicy := &wssdcommonproto.AdvancedNetworkPolicy{
+			Type:    getWssdPolicyType(policy.Type),
+			Enabled: policy.Enabled,
+		}
+		wssdPolicies = append(wssdPolicies, wssdPolicy)
+	}
+	return wssdPolicies
+}
+
+// Returns sdk representation of AdvancedNetworkPolicy from cloudagent representation
+func GetNetworkAdvancedNetworkPolicies(wssdPolicies []*wssdcommonproto.AdvancedNetworkPolicy) (policies []AdvancedNetworkPolicy) {
+
+	if len(wssdPolicies) == 0 {
+		return nil
+	}
+
+	policies = []AdvancedNetworkPolicy{}
+
+	for _, wssdPolicy := range wssdPolicies {
+		policy := AdvancedNetworkPolicy{
+			Type:    getNetworkPolicyType(wssdPolicy.Type),
+			Enabled: wssdPolicy.Enabled,
+		}
+		policies = append(policies, policy)
+	}
+	return policies
+}
+
+// Converts policy type from sdk to cloudagent representation
+func getWssdPolicyType(policyType NetworkPolicyType) wssdcommonproto.NetworkPolicyType {
+	switch policyType {
+	case NetworkPolicyType_SDN:
+		return wssdcommonproto.NetworkPolicyType_SDN
+	default:
+		return wssdcommonproto.NetworkPolicyType_INVALID
+	}
+}
+
+// Converts policy type from cloudagent to sdk representation
+func getNetworkPolicyType(wssdPolicyType wssdcommonproto.NetworkPolicyType) NetworkPolicyType {
+	switch wssdPolicyType {
+	case wssdcommonproto.NetworkPolicyType_SDN:
+		return NetworkPolicyType_SDN
+	default:
+		return NetworkPolicyType_Invalid
+	}
+}
diff --git a/services/network/logicalnetwork/logicalnetwork.go b/services/network/logicalnetwork/logicalnetwork.go
@@ -21,6 +21,7 @@ func getWssdLogicalNetwork(c *network.LogicalNetwork) (*wssdcloudnetwork.Logical
 	if c.Location == nil || len(*c.Location) == 0 {
 		return nil, errors.Wrapf(errors.InvalidInput, "Location is not specified")
 	}
+
 	wssdnetwork := &wssdcloudnetwork.LogicalNetwork{
 		Name:         *c.Name,
 		LocationName: *c.Location,
@@ -48,6 +49,10 @@ func getWssdLogicalNetwork(c *network.LogicalNetwork) (*wssdcloudnetwork.Logical
 		if c.LogicalNetworkPropertiesFormat.NetworkVirtualizationEnabled != nil {
 			wssdnetwork.NetworkVirtualizationEnabled = *c.LogicalNetworkPropertiesFormat.NetworkVirtualizationEnabled
 		}
+
+		if c.LogicalNetworkPropertiesFormat.AdvancedNetworkPolicies != nil {
+			wssdnetwork.AdvancedPolicies = network.GetWssdAdvancedNetworkPolicies(c.LogicalNetworkPropertiesFormat.AdvancedNetworkPolicies)
+		}
 	}
 
 	return wssdnetwork, nil
@@ -187,7 +192,10 @@ func getWssdNetworkRoutes(routetable *network.RouteTable) (wssdcloudroutes []*ws
 
 // Conversion function from wssdcloudnetwork to network
 func getLogicalNetwork(c *wssdcloudnetwork.LogicalNetwork) *network.LogicalNetwork {
-	return &network.LogicalNetwork{
+
+	advancedPolicies := network.GetNetworkAdvancedNetworkPolicies(c.AdvancedPolicies)
+
+	lnet := &network.LogicalNetwork{
 		Name:     &c.Name,
 		Location: &c.LocationName,
 		ID:       &c.Id,
@@ -197,9 +205,13 @@ func getLogicalNetwork(c *wssdcloudnetwork.LogicalNetwork) *network.LogicalNetwo
 			Statuses:                     status.GetStatuses(c.GetStatus()),
 			MacPoolName:                  &c.MacPoolName,
 			NetworkVirtualizationEnabled: &c.NetworkVirtualizationEnabled,
+			AdvancedNetworkPolicies:      &advancedPolicies,
 		},
 		Tags: tags.ProtoToMap(c.Tags),
 	}
+
+	return lnet
+
 }
 
 func getNetworkSubnets(wssdsubnets []*wssdcloudnetwork.LogicalSubnet) *[]network.LogicalSubnet {
diff --git a/services/network/network.go b/services/network/network.go
@@ -893,6 +893,22 @@ type PrivateEndpoint struct {
 	Tags map[string]*string `json:"tags"`
 }
 
+type NetworkPolicyType string
+
+const (
+	NetworkPolicyType_Invalid NetworkPolicyType = "INVALID"
+	// SDN Policy
+	NetworkPolicyType_SDN NetworkPolicyType = "SDN"
+)
+
+// Advanced Network Policy for LogicalNetwork and NetworkInterface
+type AdvancedNetworkPolicy struct {
+	// NetworkPolicyType
+	Type NetworkPolicyType `json:"type"`
+	// Enabled - Enable or disable advanced network policy
+	Enabled bool `json:"enabled"`
+}
+
 // InterfacePropertiesFormat networkInterface properties.
 type InterfacePropertiesFormat struct {
 	// VirtualMachine - READ-ONLY; The reference of a virtual machine.
@@ -921,6 +937,8 @@ type InterfacePropertiesFormat struct {
 	EnableDHCPGuard *bool `json:"enableDHCPGuard,omitempty"`
 	// EnableRouterAdvertisementGuard
 	EnableRouterAdvertisementGuard *bool `json:"enableRouterAdvertisementGuard,omitempty"`
+	// AdvancedNetworkPolicies
+	AdvancedNetworkPolicies *[]AdvancedNetworkPolicy `json:"advancedNetworkPolicies,omitempty"`
 }
 
 // VirtualNetwork defines the structure of a VNET
@@ -1098,6 +1116,8 @@ type LogicalNetworkPropertiesFormat struct {
 	Statuses map[string]*string `json:"statuses"`
 	// NetworkVirtualizationEnabled - Denotes if this lnet can be used as overlay for a vnet
 	NetworkVirtualizationEnabled *bool `json:"networkVirtualizationEnabled,omitempty"`
+	// AdvancedNetworkPolicies
+	AdvancedNetworkPolicies *[]AdvancedNetworkPolicy `json:"advancedNetworkPolicies,omitempty"`
 }
 
 // LogicalNetwork defines the structure of an LNET
diff --git a/services/network/networkinterface/networkinterface.go b/services/network/networkinterface/networkinterface.go
@@ -52,6 +52,7 @@ func getWssdNetworkInterface(c *network.Interface, group string) (*wssdcloudnetw
 		GroupName:        group,
 		Dns:              getDns(c.DNSSettings),
 		Tags:             tags.MapToProto(c.Tags),
+		AdvancedPolicies: network.GetWssdAdvancedNetworkPolicies(c.AdvancedNetworkPolicies),
 	}
 
 	if c.Version != nil {
@@ -191,6 +192,8 @@ func getNetworkInterface(server, group string, c *wssdcloudnetwork.NetworkInterf
 		version = c.Status.Version.Number
 	}
 
+	advancedPolicies := network.GetNetworkAdvancedNetworkPolicies(c.AdvancedPolicies)
+
 	vnetIntf := &network.Interface{
 		Name:    &c.Name,
 		ID:      &c.Id,
@@ -202,6 +205,7 @@ func getNetworkInterface(server, group string, c *wssdcloudnetwork.NetworkInterf
 			Statuses:                    status.GetStatuses(c.GetStatus()),
 			EnableAcceleratedNetworking: getIovSetting(c),
 			DNSSettings:                 getWssdDNSSettings(c.Dns),
+			AdvancedNetworkPolicies:     &advancedPolicies,
 		},
 		Tags: tags.ProtoToMap(c.Tags),
 	}

Original file line number	Diff line number	Diff line change
`@@ -473,4 +473,4 @@ func (c *client) GetHostNodeIpAddress(ctx context.Context, group, name string) (`
`473`	`473`	`}`
`474`	`474`
`475`	`475`	`return response, nil`
`476`		`-}`
	`476`	`+}`