Merge pull request #15617 from hakman/azure_delete_dependency_logic

azure: Add mode dependency logic to deletion
kubernetes · Jul 17, 2023 · 42d82f2 · 42d82f2
2 parents 3e51f74 + 5be7a26
commit 42d82f2
Show file tree

Hide file tree

Showing 9 changed files with 498 additions and 90 deletions.
diff --git a/pkg/resources/azure/azure.go b/pkg/resources/azure/azure.go
@@ -27,7 +27,7 @@ import (
 	"k8s.io/kops/pkg/resources"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/azure"
-	"k8s.io/kops/upup/pkg/fi/cloudup/azuretasks"
+	"k8s.io/utils/set"
 )
 
 const (
@@ -150,7 +150,11 @@ func (g *resourceGetter) listVirtualNetworksAndSubnets(ctx context.Context) ([]*
 		if !g.isOwnedByCluster(vnet.Tags) {
 			continue
 		}
-		rs = append(rs, g.toVirtualNetworkResource(vnet))
+		r, err := g.toVirtualNetworkResource(vnet)
+		if err != nil {
+			return nil, err
+		}
+		rs = append(rs, r)
 		// Add all subnets belonging to the virtual network.
 		subnets, err := g.listSubnets(ctx, *vnet.Name)
 		if err != nil {
@@ -161,16 +165,35 @@ func (g *resourceGetter) listVirtualNetworksAndSubnets(ctx context.Context) ([]*
 	return rs, nil
 }
 
-func (g *resourceGetter) toVirtualNetworkResource(vnet *network.VirtualNetwork) *resources.Resource {
+func (g *resourceGetter) toVirtualNetworkResource(vnet *network.VirtualNetwork) (*resources.Resource, error) {
+	var blocks []string
+	blocks = append(blocks, toKey(typeResourceGroup, g.resourceGroupName()))
+
+	nsgs := set.New[string]()
+	if vnet.Subnets != nil {
+		for _, sn := range *vnet.Subnets {
+			if sn.NetworkSecurityGroup != nil {
+				nsgID, err := azure.ParseNetworkSecurityGroupID(*sn.NetworkSecurityGroup.ID)
+				if err != nil {
+					return nil, fmt.Errorf("parsing network security group ID: %s", err)
+				}
+				nsgs.Insert(nsgID.NetworkSecurityGroupName)
+			}
+		}
+	}
+	for nsg := range nsgs {
+		blocks = append(blocks, toKey(typeNetworkSecurityGroup, nsg))
+	}
+
 	return &resources.Resource{
 		Obj:     vnet,
 		Type:    typeVirtualNetwork,
 		ID:      *vnet.Name,
 		Name:    *vnet.Name,
 		Deleter: g.deleteVirtualNetwork,
-		Blocks:  []string{toKey(typeResourceGroup, g.resourceGroupName())},
+		Blocks:  blocks,
 		Shared:  g.clusterInfo.AzureNetworkShared,
-	}
+	}, nil
 }
 
 func (g *resourceGetter) deleteVirtualNetwork(_ fi.Cloud, r *resources.Resource) error {
@@ -319,16 +342,26 @@ func (g *resourceGetter) toVMScaleSetResource(vmss *compute.VirtualMachineScaleS
 	var blocks []string
 	blocks = append(blocks, toKey(typeResourceGroup, g.resourceGroupName()))
 
-	vnets := map[string]struct{}{}
-	subnets := map[string]struct{}{}
+	vnets := set.New[string]()
+	subnets := set.New[string]()
+	lbs := set.New[string]()
 	for _, iface := range *vmss.VirtualMachineProfile.NetworkProfile.NetworkInterfaceConfigurations {
 		for _, ip := range *iface.IPConfigurations {
-			subnetID, err := azuretasks.ParseSubnetID(*ip.Subnet.ID)
+			subnetID, err := azure.ParseSubnetID(*ip.Subnet.ID)
 			if err != nil {
 				return nil, fmt.Errorf("error on parsing subnet ID: %s", err)
 			}
-			vnets[subnetID.VirtualNetworkName] = struct{}{}
-			subnets[subnetID.SubnetName] = struct{}{}
+			vnets.Insert(subnetID.VirtualNetworkName)
+			subnets.Insert(subnetID.SubnetName)
+			if ip.LoadBalancerBackendAddressPools != nil {
+				for _, lb := range *ip.LoadBalancerBackendAddressPools {
+					lbID, err := azure.ParseLoadBalancerID(*lb.ID)
+					if err != nil {
+						return nil, fmt.Errorf("parsing load balancer ID: %s", err)
+					}
+					lbs.Insert(lbID.LoadBalancerName)
+				}
+			}
 		}
 	}
 	for vnet := range vnets {
@@ -337,6 +370,9 @@ func (g *resourceGetter) toVMScaleSetResource(vmss *compute.VirtualMachineScaleS
 	for subnet := range subnets {
 		blocks = append(blocks, toKey(typeSubnet, subnet))
 	}
+	for lb := range lbs {
+		blocks = append(blocks, toKey(typeLoadBalancer, lb))
+	}
 
 	for _, vm := range vms {
 		if disks := vm.StorageProfile.DataDisks; disks != nil {
@@ -448,20 +484,43 @@ func (g *resourceGetter) listLoadBalancers(ctx context.Context) ([]*resources.Re
 		if !g.isOwnedByCluster(lb.Tags) {
 			continue
 		}
-		rs = append(rs, g.toLoadBalancerResource(lb))
+		r, err := g.toLoadBalancerResource(lb)
+		if err != nil {
+			return nil, err
+		}
+		rs = append(rs, r)
 	}
 	return rs, nil
 }
 
-func (g *resourceGetter) toLoadBalancerResource(loadBalancer *network.LoadBalancer) *resources.Resource {
+func (g *resourceGetter) toLoadBalancerResource(loadBalancer *network.LoadBalancer) (*resources.Resource, error) {
+	var blocks []string
+	blocks = append(blocks, toKey(typeResourceGroup, g.resourceGroupName()))
+
+	pips := set.New[string]()
+	if loadBalancer.FrontendIPConfigurations != nil {
+		for _, fip := range *loadBalancer.FrontendIPConfigurations {
+			if fip.PublicIPAddress != nil {
+				pipID, err := azure.ParsePublicIPAddressID(*fip.PublicIPAddress.ID)
+				if err != nil {
+					return nil, fmt.Errorf("parsing public IP address ID: %s", err)
+				}
+				pips.Insert(pipID.PublicIPAddressName)
+			}
+		}
+	}
+	for pip := range pips {
+		blocks = append(blocks, toKey(typePublicIPAddress, pip))
+	}
+
 	return &resources.Resource{
 		Obj:     loadBalancer,
 		Type:    typeLoadBalancer,
 		ID:      *loadBalancer.Name,
 		Name:    *loadBalancer.Name,
 		Deleter: g.deleteLoadBalancer,
-		Blocks:  []string{toKey(typeResourceGroup, g.resourceGroupName())},
-	}
+		Blocks:  blocks,
+	}, nil
 }
 
 func (g *resourceGetter) deleteLoadBalancer(_ fi.Cloud, r *resources.Resource) error {

diff --git a/pkg/resources/azure/azure_test.go b/pkg/resources/azure/azure_test.go
@@ -63,8 +63,9 @@ func TestListResourcesAzure(t *testing.T) {
 
 	vnets := cloud.VirtualNetworksClient.VNets
 	vnets[vnetName] = network.VirtualNetwork{
-		Name: to.StringPtr(vnetName),
-		Tags: clusterTags,
+		Name:                           to.StringPtr(vnetName),
+		Tags:                           clusterTags,
+		VirtualNetworkPropertiesFormat: &network.VirtualNetworkPropertiesFormat{},
 	}
 	vnets[irrelevantName] = network.VirtualNetwork{
 		Name: to.StringPtr(irrelevantName),
@@ -88,7 +89,7 @@ func TestListResourcesAzure(t *testing.T) {
 	}
 
 	vmsses := cloud.VMScaleSetsClient.VMSSes
-	subnetID := azuretasks.SubnetID{
+	subnetID := azure.SubnetID{
 		SubscriptionID:     "sid",
 		ResourceGroupName:  rgName,
 		VirtualNetworkName: vnetName,
@@ -164,8 +165,9 @@ func TestListResourcesAzure(t *testing.T) {
 
 	lbs := cloud.LoadBalancersClient.LBs
 	lbs[lbName] = network.LoadBalancer{
-		Name: to.StringPtr(lbName),
-		Tags: clusterTags,
+		Name:                         to.StringPtr(lbName),
+		Tags:                         clusterTags,
+		LoadBalancerPropertiesFormat: &network.LoadBalancerPropertiesFormat{},
 	}
 	lbs[irrelevantName] = network.LoadBalancer{
 		Name: to.StringPtr(irrelevantName),

diff --git a/upup/pkg/fi/cloudup/azure/azure_utils.go b/upup/pkg/fi/cloudup/azure/azure_utils.go
@@ -40,3 +40,119 @@ func ZoneToAvailabilityZoneNumber(zone string) (string, error) {
 	}
 	return l[1], nil
 }
+
+// SubnetID contains the resource ID/names required to construct a subnet ID.
+type SubnetID struct {
+	SubscriptionID     string
+	ResourceGroupName  string
+	VirtualNetworkName string
+	SubnetName         string
+}
+
+// String returns the subnet ID in the path format.
+func (s *SubnetID) String() string {
+	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/virtualNetworks/%s/subnets/%s",
+		s.SubscriptionID,
+		s.ResourceGroupName,
+		s.VirtualNetworkName,
+		s.SubnetName)
+}
+
+// ParseSubnetID parses a given subnet ID string and returns a SubnetID.
+func ParseSubnetID(s string) (*SubnetID, error) {
+	l := strings.Split(s, "/")
+	if len(l) != 11 {
+		return nil, fmt.Errorf("malformed format of subnet ID: %s, %d", s, len(l))
+	}
+	return &SubnetID{
+		SubscriptionID:     l[2],
+		ResourceGroupName:  l[4],
+		VirtualNetworkName: l[8],
+		SubnetName:         l[10],
+	}, nil
+}
+
+// NetworkSecurityGroupID contains the resource ID/names required to construct a NetworkSecurityGroup ID.
+type NetworkSecurityGroupID struct {
+	SubscriptionID           string
+	ResourceGroupName        string
+	NetworkSecurityGroupName string
+}
+
+// String returns the NetworkSecurityGroup ID in the path format.
+func (s *NetworkSecurityGroupID) String() string {
+	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/networkSecurityGroups/%s",
+		s.SubscriptionID,
+		s.ResourceGroupName,
+		s.NetworkSecurityGroupName)
+}
+
+// ParseNetworkSecurityGroupID parses a given NetworkSecurityGroup ID string and returns a NetworkSecurityGroup ID.
+func ParseNetworkSecurityGroupID(s string) (*NetworkSecurityGroupID, error) {
+	l := strings.Split(s, "/")
+	if len(l) != 9 {
+		return nil, fmt.Errorf("malformed format of NetworkSecurityGroup ID: %s, %d", s, len(l))
+	}
+	return &NetworkSecurityGroupID{
+		SubscriptionID:           l[2],
+		ResourceGroupName:        l[4],
+		NetworkSecurityGroupName: l[8],
+	}, nil
+}
+
+// LoadBalancerID contains the resource ID/names required to construct a load balancer ID.
+type LoadBalancerID struct {
+	SubscriptionID    string
+	ResourceGroupName string
+	LoadBalancerName  string
+}
+
+// String returns the load balancer ID in the path format.
+func (lb *LoadBalancerID) String() string {
+	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/loadbalancers/%s/backendAddressPools/LoadBalancerBackEnd",
+		lb.SubscriptionID,
+		lb.ResourceGroupName,
+		lb.LoadBalancerName,
+	)
+}
+
+// ParseLoadBalancerID parses a given load balancer ID string and returns a LoadBalancerID.
+func ParseLoadBalancerID(lb string) (*LoadBalancerID, error) {
+	l := strings.Split(lb, "/")
+	if len(l) != 11 {
+		return nil, fmt.Errorf("malformed format of loadbalancer ID: %s, %d", lb, len(l))
+	}
+	return &LoadBalancerID{
+		SubscriptionID:    l[2],
+		ResourceGroupName: l[4],
+		LoadBalancerName:  l[8],
+	}, nil
+}
+
+// PublicIPAddressID contains the resource ID/names required to construct a PublicIPAddress ID.
+type PublicIPAddressID struct {
+	SubscriptionID      string
+	ResourceGroupName   string
+	PublicIPAddressName string
+}
+
+// String returns the PublicIPAddress ID in the path format.
+func (s *PublicIPAddressID) String() string {
+	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/publicIPAddresss/%s",
+		s.SubscriptionID,
+		s.ResourceGroupName,
+		s.PublicIPAddressName)
+}
+
+// ParsePublicIPAddressID parses a given PublicIPAddress ID string and returns a PublicIPAddress ID.
+func ParsePublicIPAddressID(s string) (*PublicIPAddressID, error) {
+	l := strings.Split(s, "/")
+	if len(l) != 9 {
+		return nil, fmt.Errorf("malformed format of PublicIPAddress ID: %s, %d", s, len(l))
+	}
+	return &PublicIPAddressID{
+		SubscriptionID:      l[2],
+		ResourceGroupName:   l[4],
+		PublicIPAddressName: l[8],
+	}, nil
+}