New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure cfcr support #223

Merged
merged 3 commits into from Oct 12, 2018

Conversation

Projects
None yet
7 participants
@andyliuliming
Contributor

andyliuliming commented Jun 21, 2018

What this PR does / why we need it:
This PR added the support for the cfcr running in azure.

How can this PR be verified?
follow the docs/terraform/azure/README.md to do the test.
and here's comformance test result file https://opensourcerelease.blob.core.windows.net/alphareleases/sonobuoy.tgz

Is there any change in kubo-deployment?
yes
Is there any change in kubo-ci?
no.
Does this affect upgrade, or is there any migration required?
no.
Which issue(s) this PR fixes:

Release note:


@cfdreddbot

This comment has been minimized.

cfdreddbot commented Jun 21, 2018

Hey andyliuliming!

Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.

@cf-gitbot

This comment has been minimized.

cf-gitbot commented Jun 21, 2018

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/158532476

The labels on this github issue will be updated when the story is started.

@andyliuliming

This comment has been minimized.

Contributor

andyliuliming commented Jun 21, 2018

this pr depends on this pr: cloudfoundry/bosh-agent#174

@mordebites

This comment has been minimized.

Contributor

mordebites commented Jun 28, 2018

Thanks for the PR. Currently Azure is not a priority in our backlog and we would also have to wait on the bosh-agent PR for this to be merged. We'll keep you updated if and when we have news.

@andyliuliming

This comment has been minimized.

Contributor

andyliuliming commented Aug 2, 2018

@mordebites the bosh-agent pr is merged which this pr depends on. please help review : )

and this have relation to the pr cloudfoundry-incubator/kubo-deployment#320

@andyliuliming andyliuliming referenced this pull request Aug 2, 2018

Merged

Azure cfcr support #320

@svrc-pivotal

This comment has been minimized.

Contributor

svrc-pivotal commented Aug 30, 2018

@henderjm henderjm requested a review from alex-slynko Sep 12, 2018

@cf-gitbot cf-gitbot added scheduled and removed unscheduled labels Oct 8, 2018

elsif provider_type == 'azure'
cloud_config['cloud'] = cloud_provider.p('cloud-provider.azure.cloud')
cloud_config['tenantId'] = cloud_provider.p('cloud-provider.azure.tenant-id')
cloud_config['aadClientId'] = cloud_provider.p('cloud-provider.azure.service-principal-id')

This comment has been minimized.

@alex-slynko

alex-slynko Oct 8, 2018

Member

@andyliuliming do we need to provide service-principal ID and secret for workers as well?
If yes, can we limit credentials for worker to some very specific minimal actions?

This comment has been minimized.

@andyliuliming

andyliuliming Oct 10, 2018

Contributor

yes, the principal id is created by customer. the customer can restrict the rights of it to only the resource groups or any resource it required only.

@cf-gitbot cf-gitbot added in progress and removed scheduled labels Oct 9, 2018

@svrc-pivotal

This comment has been minimized.

Contributor

svrc-pivotal commented Oct 10, 2018

@alex-slynko FYI the azure cloud provider supports the equivalent of IAM roles but the Azure CPI doesn’t yet from what I can tell

Also I added a fix to this PR in my fork:
svrc-pivotal@078910c

There needs to be a broader conversation about DNS handling for Bring Your Own DNS server for this PR. I’m not sure if it’s realistic to expect enterprises to turn on DDNS hostname registration. This might require a BOSH dns feature.

@henderjm henderjm merged commit 99a6a2c into cloudfoundry-incubator:master Oct 12, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment