This repository has been archived by the owner on Nov 30, 2023. It is now read-only.
/
deployment.go
110 lines (94 loc) · 4.01 KB
/
deployment.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
package deployment
import (
"context"
"fmt"
"net"
azureresource "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-05-01/resources"
providerv1alpha1 "github.com/giantswarm/apiextensions/v6/pkg/apis/provider/v1alpha1"
"github.com/giantswarm/microerror"
"github.com/giantswarm/azure-operator/v6/service/controller/azureconfig/handler/deployment/template"
"github.com/giantswarm/azure-operator/v6/service/controller/key"
"github.com/giantswarm/azure-operator/v6/service/network"
)
func (r Resource) newDeployment(ctx context.Context, customObject providerv1alpha1.AzureConfig, overwrites map[string]interface{}) (azureresource.Deployment, error) {
// The VPN subnet is not persisted in the AzureConfig so I have to compute it now.
// This is suboptimal, but will not be needed anymore once we switch to vnet peering
// and that will hopefully happen soon.
vpnSubnet, err := getVPNSubnet(customObject)
if err != nil {
return azureresource.Deployment{}, microerror.Mask(err)
}
controlPlaneWorkerSubnetID := fmt.Sprintf(
"/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/virtualNetworks/%s/subnets/%s_worker_subnet",
r.controlPlaneSubscriptionID,
r.installationName,
r.azure.HostCluster.VirtualNetwork,
r.installationName,
)
controlPlanePublicIPs, err := r.getControlPlanePublicIPs(ctx)
if err != nil {
return azureresource.Deployment{}, microerror.Mask(err)
}
defaultParams := map[string]interface{}{
"blobContainerName": key.BlobContainerName(),
"calicoSubnetCidr": key.CalicoCIDR(customObject),
"controlPlaneWorkerSubnetID": controlPlaneWorkerSubnetID,
"clusterID": key.ClusterID(&customObject),
"dnsZones": key.DNSZones(customObject),
"hostClusterCidr": r.azure.HostCluster.CIDR,
"hostPublicIPs": controlPlanePublicIPs,
"insecureStorageAccount": r.debug.InsecureStorageAccount,
"kubernetesAPISecurePort": key.APISecurePort(customObject),
"masterSubnetCidr": key.MastersSubnetCIDR(customObject),
"storageAccountName": key.StorageAccountName(&customObject),
"virtualNetworkCidr": key.VnetCIDR(customObject),
"virtualNetworkName": key.VnetName(customObject),
"vnetGatewaySubnetName": key.VNetGatewaySubnetName(),
"vpnSubnetCidr": vpnSubnet.String(),
"workerSubnetCidr": key.WorkersSubnetCIDR(customObject),
"workersEgressExistingPublicIP": key.WorkersEgressExistingPublicIP(customObject),
}
armTemplate, err := template.GetARMTemplate()
if err != nil {
return azureresource.Deployment{}, microerror.Mask(err)
}
d := azureresource.Deployment{
Properties: &azureresource.DeploymentProperties{
Mode: azureresource.Incremental,
Parameters: key.ToParameters(defaultParams, overwrites),
Template: armTemplate,
},
}
return d, nil
}
// This function retrieves the public IP address for CP masters and workers, as a comma separated list.
func (r Resource) getControlPlanePublicIPs(ctx context.Context) ([]string, error) {
allPublicIPs, err := r.azureClientSet.PublicIpAddressesClient.ListComplete(ctx, r.installationName)
if err != nil {
return nil, microerror.Mask(err)
}
var ips []string
for allPublicIPs.NotDone() {
ip := allPublicIPs.Value()
// Masters use the API LB as egress gateway, the workers use the ingress LB.
if ip.Name != nil && *ip.Name == fmt.Sprintf("%s_ingress_ip", r.installationName) || *ip.Name == fmt.Sprintf("%s_api_ip", r.installationName) {
ips = append(ips, *ip.IPAddress)
}
err := allPublicIPs.NextWithContext(ctx)
if err != nil {
return nil, microerror.Mask(err)
}
}
return ips, nil
}
func getVPNSubnet(customObject providerv1alpha1.AzureConfig) (*net.IPNet, error) {
_, netw, err := net.ParseCIDR(customObject.Spec.Azure.VirtualNetwork.CIDR)
if err != nil {
return nil, microerror.Mask(err)
}
subnets, err := network.Compute(*netw)
if err != nil {
return nil, microerror.Mask(err)
}
return &subnets.VPN, nil
}