Add shared VPC networking

api/v1beta1/types.go

@@ -93,6 +93,9 @@ type NetworkSpec struct {
 	// +optional
 	Name *string `json:"name,omitempty"`
 
+	// HostProject  is the name of the host project hosting the shared VPC network
+	HostProject *string `json:"hostProject,omitempty"`
+
 	// AutoCreateSubnetworks: When set to true, the VPC network is created
 	// in "auto" mode. When set to false, the VPC network is created in
 	// "custom" mode.

cloud/interfaces.go

@@ -46,6 +46,7 @@ type ReconcilerWithResult interface {
 // Client is an interface which can get cloud client.
 type Client interface {
 	Cloud() Cloud
+	NetworkCloud() Cloud
 }
 
 // ClusterGetter is an interface which can get cluster information.
@@ -56,6 +57,8 @@ type ClusterGetter interface {
 	Name() string
 	Namespace() string
 	NetworkName() string
+	NetworkProject() string
+	IsSharedVpc() bool
 	Network() *infrav1.Network
 	AdditionalLabels() infrav1.Labels
 	FailureDomains() clusterv1.FailureDomains

cloud/scope/cluster.go

@@ -90,6 +90,11 @@ func (s *ClusterScope) Cloud() cloud.Cloud {
 	return newCloud(s.Project(), s.GCPServices)
 }
 
+// NetworkCloud returns initialized cloud.
+func (s *ClusterScope) NetworkCloud() cloud.Cloud {
+	return newCloud(s.NetworkProject(), s.GCPServices)
+}
+
 // Project returns the current project name.
 func (s *ClusterScope) Project() string {
 	return s.GCPCluster.Spec.Project
@@ -115,9 +120,22 @@ func (s *ClusterScope) NetworkName() string {
 	return pointer.StringDeref(s.GCPCluster.Spec.Network.Name, "default")
 }
 
+// NetworkProject returns the cluster network unique identifier.
+func (s *ClusterScope) NetworkProject() string {
+	return pointer.StringDeref(s.GCPCluster.Spec.Network.HostProject, s.GCPCluster.Spec.Project)
+}
+
+// IsSharedVpc returns true If sharedVPC used else , returns false.
+func (s *ClusterScope) IsSharedVpc() bool {
+	if s.NetworkProject() != s.Project() {
+		return true
+	}
+	return false
+}
+
 // NetworkLink returns the partial URL for the network.
 func (s *ClusterScope) NetworkLink() string {
-	return fmt.Sprintf("projects/%s/global/networks/%s", s.Project(), s.NetworkName())
+	return fmt.Sprintf("projects/%s/global/networks/%s", s.NetworkProject(), s.NetworkName())
 }
 
 // Network returns the cluster network object.

cloud/scope/machine.go

@@ -94,6 +94,11 @@ func (m *MachineScope) Cloud() cloud.Cloud {
 	return m.ClusterGetter.Cloud()
 }
 
+// NetworkCloud returns initialized network cloud
+func (m *MachineScope) NetworkCloud() cloud.Cloud {
+	return m.ClusterGetter.NetworkCloud()
+}
+
 // Zone returns the FailureDomain for the GCPMachine.
 func (m *MachineScope) Zone() string {
 	if m.Machine.Spec.FailureDomain == nil {
@@ -276,7 +281,7 @@ func (m *MachineScope) InstanceAdditionalDiskSpec() []*compute.AttachedDisk {
 // InstanceNetworkInterfaceSpec returns compute network interface spec.
 func (m *MachineScope) InstanceNetworkInterfaceSpec() *compute.NetworkInterface {
 	networkInterface := &compute.NetworkInterface{
-		Network: path.Join("projects", m.ClusterGetter.Project(), "global", "networks", m.ClusterGetter.NetworkName()),
+		Network: path.Join("projects", m.ClusterGetter.NetworkProject(), "global", "networks", m.ClusterGetter.NetworkName()),
 	}
 
 	if m.GCPMachine.Spec.PublicIP != nil && *m.GCPMachine.Spec.PublicIP {
@@ -289,7 +294,7 @@ func (m *MachineScope) InstanceNetworkInterfaceSpec() *compute.NetworkInterface
 	}
 
 	if m.GCPMachine.Spec.Subnet != nil {
-		networkInterface.Subnetwork = path.Join("regions", m.ClusterGetter.Region(), "subnetworks", *m.GCPMachine.Spec.Subnet)
+		networkInterface.Subnetwork = path.Join("projects", m.ClusterGetter.NetworkProject(), "regions", m.ClusterGetter.Region(), "subnetworks", *m.GCPMachine.Spec.Subnet)
 	}
 
 	return networkInterface

cloud/scope/managedcluster.go

@@ -93,6 +93,11 @@ func (s *ManagedClusterScope) Cloud() cloud.Cloud {
 	return newCloud(s.Project(), s.GCPServices)
 }
 
+// NetworkCloud returns initialized cloud.
+func (s *ManagedClusterScope) NetworkCloud() cloud.Cloud {
+	return newCloud(s.NetworkProject(), s.GCPServices)
+}
+
 // Project returns the current project name.
 func (s *ManagedClusterScope) Project() string {
 	return s.GCPManagedCluster.Spec.Project
@@ -118,9 +123,22 @@ func (s *ManagedClusterScope) NetworkName() string {
 	return pointer.StringDeref(s.GCPManagedCluster.Spec.Network.Name, "default")
 }
 
+// NetworkProject returns the cluster network unique identifier.
+func (s *ManagedClusterScope) NetworkProject() string {
+	return pointer.StringDeref(s.GCPManagedCluster.Spec.Network.HostProject, s.GCPManagedCluster.Spec.Project)
+}
+
+// IsSharedVpc returns the cluster network unique identifier.
+func (s *ManagedClusterScope) IsSharedVpc() bool {
+	if s.NetworkProject() != s.Project() {
+		return true
+	}
+	return false
+}
+
 // NetworkLink returns the partial URL for the network.
 func (s *ManagedClusterScope) NetworkLink() string {
-	return fmt.Sprintf("projects/%s/global/networks/%s", s.Project(), s.NetworkName())
+	return fmt.Sprintf("projects/%s/global/networks/%s", s.NetworkProject(), s.NetworkName())
 }
 
 // Network returns the cluster network object.

cloud/services/compute/firewalls/reconcile.go

@@ -27,6 +27,10 @@ import (
 // Reconcile reconcile cluster firewall compoenents.
 func (s *Service) Reconcile(ctx context.Context) error {
 	log := log.FromContext(ctx)
+	if s.scope.IsSharedVpc() {
+		log.Info("VPC enabled. Ignore Reconciling firewall resources")
+		return nil
+	}
 	log.Info("Reconciling firewall resources")
 	for _, spec := range s.scope.FirewallRulesSpec() {
 		log.V(2).Info("Looking firewall", "name", spec.Name)
@@ -49,6 +53,10 @@ func (s *Service) Reconcile(ctx context.Context) error {
 // Delete delete cluster firewall compoenents.
 func (s *Service) Delete(ctx context.Context) error {
 	log := log.FromContext(ctx)
+	if s.scope.IsSharedVpc() {
+		log.Info("VPC enabled. Ignore Deleting firewall resources")
+		return nil
+	}
 	log.Info("Deleting firewall resources")
 	for _, spec := range s.scope.FirewallRulesSpec() {
 		log.V(2).Info("Deleting firewall", "name", spec.Name)

cloud/services/compute/networks/reconcile.go

@@ -52,6 +52,11 @@ func (s *Service) Reconcile(ctx context.Context) error {
 // Delete delete cluster network components.
 func (s *Service) Delete(ctx context.Context) error {
 	log := log.FromContext(ctx)
+	if s.scope.IsSharedVpc() {
+		s.scope.Network().Router = nil
+		s.scope.Network().SelfLink = nil
+		return nil
+	}
 	log.Info("Deleting network resources")
 	networkKey := meta.GlobalKey(s.scope.NetworkName())
 	log.V(2).Info("Looking for network before deleting", "name", networkKey)
@@ -101,6 +106,10 @@ func (s *Service) createOrGetNetwork(ctx context.Context) (*compute.Network, err
 			log.Error(err, "Error looking for network", "name", s.scope.NetworkName())
 			return nil, err
 		}
+		if s.scope.IsSharedVpc() {
+			log.Error(err, "VPC is enabled. Error looking for network", "name", s.scope.NetworkName())
+			return nil, err
+		}
 
 		log.V(2).Info("Creating a network", "name", s.scope.NetworkName())
 		if err := s.networks.Insert(ctx, networkKey, s.scope.NetworkSpec()); err != nil {

cloud/services/compute/networks/service.go

@@ -54,6 +54,13 @@ var _ cloud.Reconciler = &Service{}
 
 // New returns Service from given scope.
 func New(scope Scope) *Service {
+	if scope.IsSharedVpc() {
+		return &Service{
+			scope:    scope,
+			networks: scope.NetworkCloud().Networks(),
+			routers:  scope.NetworkCloud().Routers(),
+		}
+	}
 	return &Service{
 		scope:    scope,
 		networks: scope.Cloud().Networks(),

cloud/services/compute/subnets/reconcile.go

@@ -41,6 +41,9 @@ func (s *Service) Reconcile(ctx context.Context) error {
 // Delete deletes cluster subnetwork components.
 func (s *Service) Delete(ctx context.Context) error {
 	logger := log.FromContext(ctx)
+	if s.scope.IsSharedVpc() {
+		return nil
+	}
 	for _, subnetSpec := range s.scope.SubnetSpecs() {
 		logger.V(2).Info("Deleting a subnet", "name", subnetSpec.Name)
 		subnetKey := meta.RegionalKey(subnetSpec.Name, s.scope.Region())
@@ -68,6 +71,11 @@ func (s *Service) createOrGetSubnets(ctx context.Context) ([]*compute.Subnetwork
 				return subnets, err
 			}
 
+			if s.scope.IsSharedVpc() {
+				logger.Error(err, "VPC is enabled. Error looking for subnetwork", "name", subnetSpec.Name)
+				return nil, err
+			}
+
 			// Subnet was not found, let's create it
 			logger.V(2).Info("Creating a subnet", "name", subnetSpec.Name)
 			if err := s.subnets.Insert(ctx, subnetKey, subnetSpec); err != nil {

cloud/services/compute/subnets/service.go

@@ -46,6 +46,12 @@ var _ cloud.Reconciler = &Service{}
 
 // New returns Service from given scope.
 func New(scope Scope) *Service {
+	if scope.IsSharedVpc() {
+		return &Service{
+			scope:   scope,
+			subnets: scope.NetworkCloud().Subnetworks(),
+		}
+	}
 	return &Service{
 		scope:   scope,
 		subnets: scope.Cloud().Subnetworks(),

config/crd/bases/infrastructure.cluster.x-k8s.io_gcpclusters.yaml

@@ -563,6 +563,9 @@ spec:
                   name:
                     description: Name is the name of the network to be used.
                     type: string
+                  hostProject:
+                    description: Network host project is the name need of the host project hosting the shared VPC network.
+                    type: string
                   subnets:
                     description: Subnets configuration.
                     items:

config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedclusters.yaml

@@ -114,6 +114,9 @@ spec:
                   name:
                     description: Name is the name of the network to be used.
                     type: string
+                  hostProject:
+                    description: Network host project is the name need of the host project hosting the shared VPC network.
+                    type: string
                   subnets:
                     description: Subnets configuration.
                     items: