Add Azure support

This commit contains all changes required to support Azure
(#3957).

cmd/kops-controller/BUILD.bazel

@@ -11,6 +11,7 @@ go_library(
         "//cmd/kops-controller/pkg/server:go_default_library",
         "//pkg/nodeidentity:go_default_library",
         "//pkg/nodeidentity/aws:go_default_library",
+        "//pkg/nodeidentity/azure:go_default_library",
         "//pkg/nodeidentity/do:go_default_library",
         "//pkg/nodeidentity/gce:go_default_library",
         "//pkg/nodeidentity/openstack:go_default_library",

cmd/kops-controller/main.go

@@ -32,6 +32,7 @@ import (
 	"k8s.io/kops/cmd/kops-controller/pkg/server"
 	"k8s.io/kops/pkg/nodeidentity"
 	nodeidentityaws "k8s.io/kops/pkg/nodeidentity/aws"
+	nodeidentityazure "k8s.io/kops/pkg/nodeidentity/azure"
 	nodeidentitydo "k8s.io/kops/pkg/nodeidentity/do"
 	nodeidentitygce "k8s.io/kops/pkg/nodeidentity/gce"
 	nodeidentityos "k8s.io/kops/pkg/nodeidentity/openstack"
@@ -174,6 +175,12 @@ func addNodeController(mgr manager.Manager, opt *config.Options) error {
 			return fmt.Errorf("error building identifier: %v", err)
 		}
 
+	case "azure":
+		identifier, err = nodeidentityazure.New(opt.CacheNodeidentityInfo)
+		if err != nil {
+			return fmt.Errorf("error building identifier: %v", err)
+		}
+
 	case "":
 		return fmt.Errorf("must specify cloud")
 

cmd/kops/create_cluster.go

@@ -298,6 +298,14 @@ func NewCmdCreateCluster(f *util.Factory, out io.Writer) *cobra.Command {
 	cmd.Flags().StringVar(&options.Project, "project", options.Project, "Project to use (must be set on GCE)")
 	cmd.Flags().StringVar(&options.GCEServiceAccount, "gce-service-account", options.GCEServiceAccount, "Service account with which the GCE VM runs. Warning: if not set, VMs will run as default compute service account.")
 
+	if featureflag.Azure.Enabled() {
+		cmd.Flags().StringVar(&options.AzureSubscriptionID, "azure-subscription-id", options.AzureSubscriptionID, "Azure subscription where a k8s cluster is created.")
+		cmd.Flags().StringVar(&options.AzureTenantID, "azure-tenant-id", options.AzureTenantID, "Azure tenant where a k8s cluster is created.")
+		cmd.Flags().StringVar(&options.AzureResourceGroupName, "azure-resource-group-name", options.AzureResourceGroupName, "Azure resource group name where a k8s cluster is created. If this is empty, kops will create a new resource group whose name is same as the cluster name. If this is not empty, kops will not create a new resource group, and it will just reuse the existing resource group of the name.")
+		cmd.Flags().StringVar(&options.AzureRouteTableName, "azure-route-table-name", options.AzureRouteTableName, "Azure route table name where a k8s cluster is created.")
+		cmd.Flags().StringVar(&options.AzureAdminUser, "azure-admin-user", options.AzureAdminUser, "Azure admin user of VM ScaleSet.")
+	}
+
 	if featureflag.Spotinst.Enabled() {
 		// Spotinst flags
 		cmd.Flags().StringVar(&options.SpotinstProduct, "spotinst-product", options.SpotinstProduct, "Set the product description (valid values: Linux/UNIX, Linux/UNIX (Amazon VPC), Windows and Windows (Amazon VPC))")

cmd/kops/delete_cluster.go

@@ -133,7 +133,7 @@ func RunDeleteCluster(ctx context.Context, f *util.Factory, out io.Writer, optio
 			}
 		}
 
-		allResources, err := resourceops.ListResources(cloud, clusterName, options.Region)
+		allResources, err := resourceops.ListResources(cloud, cluster, options.Region)
 		if err != nil {
 			return err
 		}

cmd/kops/toolbox_dump.go

@@ -130,7 +130,7 @@ func RunToolboxDump(ctx context.Context, f *util.Factory, out io.Writer, options
 	}
 
 	region := "" // Use default
-	resourceMap, err := resourceops.ListResources(cloud, options.ClusterName, region)
+	resourceMap, err := resourceops.ListResources(cloud, cluster, region)
 	if err != nil {
 		return err
 	}

docs/cli/kops_create_cluster.md

@@ -65,6 +65,7 @@ kops create cluster [flags]
 ### Options
 
 ```
+<<<<<<< HEAD
       --admin-access strings             Restrict API access to this CIDR.  If not set, access will not be restricted by IP. (default [0.0.0.0/0])
       --api-loadbalancer-type string     Sets the API loadbalancer type to either 'public' or 'internal'
       --api-ssl-certificate string       Currently only supported in AWS. Sets the ARN of the SSL Certificate to use for the API server loadbalancer.
@@ -120,6 +121,67 @@ kops create cluster [flags]
       --vpc string                       Set to use a shared VPC
   -y, --yes                              Specify --yes to immediately create the cluster
       --zones strings                    Zones in which to run the cluster
+=======
+      --admin-access strings               Restrict API access to this CIDR.  If not set, access will not be restricted by IP. (default [0.0.0.0/0])
+      --api-loadbalancer-type string       Sets the API loadbalancer type to either 'public' or 'internal'
+      --api-ssl-certificate string         Currently only supported in AWS. Sets the ARN of the SSL Certificate to use for the API server loadbalancer.
+      --associate-public-ip                Specify --associate-public-ip=[true|false] to enable/disable association of public IP for master ASG and nodes. Default is 'true'.
+      --authorization string               Authorization mode to use: AlwaysAllow or RBAC (default "RBAC")
+      --azure-admin-user string            Azure admin user of VM ScaleSet.
+      --azure-resource-group-name string   Azure resource group name where a k8s cluster is created. If this is empty, kops will create a new resource group whose name is same as the cluster name. If this is not empty, kops will not create a new resource group, and it will just reuse the existing resource group of the name.
+      --azure-route-table-name string      Azure route table name where a k8s cluster is created.
+      --azure-subscription-id string       Azure subscription where a k8s cluster is created.
+      --azure-tenant-id string             Azure tenant where a k8s cluster is created.
+      --bastion                            Pass the --bastion flag to enable a bastion instance group. Only applies to private topology.
+      --channel string                     Channel for default versions and configuration to use (default "stable")
+      --cloud string                       Cloud provider to use - gce, aws, vsphere, openstack
+      --cloud-labels string                A list of KV pairs used to tag all instance groups in AWS (e.g. "Owner=John Doe,Team=Some Team").
+      --container-runtime string           Container runtime to use: containerd, docker (default "docker")
+      --disable-subnet-tags                Set to disable automatic subnet tagging
+      --dns string                         DNS hosted zone to use: public|private. (default "Public")
+      --dns-zone string                    DNS hosted zone to use (defaults to longest matching zone)
+      --dry-run                            If true, only print the object that would be sent, without sending it. This flag can be used to create a cluster YAML or JSON manifest.
+      --encrypt-etcd-storage               Generate key in aws kms and use it for encrypt etcd volumes
+      --etcd-storage-type string           The default storage type for etc members
+      --gce-service-account string         Service account with which the GCE VM runs. Warning: if not set, VMs will run as default compute service account.
+  -h, --help                               help for cluster
+      --image string                       Image to use for all instances.
+      --kubernetes-version string          Version of kubernetes to run (defaults to version in channel)
+      --master-count int32                 Set the number of masters.  Defaults to one master per master-zone
+      --master-public-name string          Sets the public master public name
+      --master-security-groups strings     Add precreated additional security groups to masters.
+      --master-size string                 Set instance size for masters
+      --master-tenancy string              The tenancy of the master group on AWS. Can either be default or dedicated.
+      --master-volume-size int32           Set instance volume size (in GB) for masters
+      --master-zones strings               Zones in which to run masters (must be an odd number)
+      --model string                       Models to apply (separate multiple models with commas) (default "proto,cloudup")
+      --network-cidr string                Set to override the default network CIDR
+      --networking string                  Networking mode to use.  kubenet (default), classic, external, kopeio-vxlan (or kopeio), weave, flannel-vxlan (or flannel), flannel-udp, calico, canal, kube-router, romana, amazon-vpc-routed-eni, cilium, cni. (default "kubenet")
+      --node-count int32                   Set the number of nodes
+      --node-security-groups strings       Add precreated additional security groups to nodes.
+      --node-size string                   Set instance size for nodes
+      --node-tenancy string                The tenancy of the node group on AWS. Can be either default or dedicated.
+      --node-volume-size int32             Set instance volume size (in GB) for nodes
+      --os-dns-servers string              comma separated list of DNS Servers which is used in network
+      --os-ext-net string                  The name of the external network to use with the openstack router
+      --os-ext-subnet string               The name of the external floating subnet to use with the openstack router
+      --os-kubelet-ignore-az               If true kubernetes may attach volumes across availability zones
+      --os-lb-floating-subnet string       The name of the external subnet to use with the kubernetes api
+      --os-network string                  The ID of the existing OpenStack network to use
+      --os-octavia                         If true octavia loadbalancer api will be used
+      --out string                         Path to write any local output
+  -o, --output string                      Output format. One of json|yaml. Used with the --dry-run flag.
+      --project string                     Project to use (must be set on GCE)
+      --ssh-access strings                 Restrict SSH access to this CIDR.  If not set, access will not be restricted by IP. (default [0.0.0.0/0])
+      --ssh-public-key string              SSH public key to use (defaults to ~/.ssh/id_rsa.pub on AWS)
+      --subnets strings                    Set to use shared subnets
+      --target string                      Valid targets: direct, terraform, cloudformation. Set this flag to terraform if you want kops to generate terraform (default "direct")
+  -t, --topology string                    Controls network topology for the cluster: public|private. (default "public")
+      --utility-subnets strings            Set to use shared utility subnets
+      --vpc string                         Set to use a shared VPC
+  -y, --yes                                Specify --yes to immediately create the cluster
+      --zones strings                      Zones in which to run the cluster
+>>>>>>> 3dd5c9ca14... Add Azure support
 ```
 
 ### Options inherited from parent commands

go.mod

@@ -50,6 +50,12 @@ replace github.com/gophercloud/gophercloud => github.com/gophercloud/gophercloud
 
 require (
 	cloud.google.com/go v0.51.0
+	github.com/Azure/azure-pipeline-go v0.2.3
+	github.com/Azure/azure-sdk-for-go v47.1.0+incompatible
+	github.com/Azure/azure-storage-blob-go v0.10.0
+	github.com/Azure/go-autorest/autorest v0.11.9
+	github.com/Azure/go-autorest/autorest/azure/auth v0.5.3
+	github.com/Azure/go-autorest/autorest/to v0.2.0
 	github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd
 	github.com/Masterminds/semver v1.3.1 // indirect
 	github.com/Masterminds/sprig v2.17.1+incompatible
@@ -98,7 +104,7 @@ require (
 	github.com/weaveworks/mesh v0.0.0-20170419100114-1f158d31de55
 	github.com/zclconf/go-cty v1.3.1
 	go.uber.org/zap v1.10.0
-	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
+	golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0
 	golang.org/x/net v0.0.0-20200707034311-ab3426394381
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 	golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4
@@ -116,6 +122,7 @@ require (
 	k8s.io/component-base v0.19.0
 	k8s.io/gengo v0.0.0-20200710205751-c0d492a0f3ca
 	k8s.io/helm v2.9.0+incompatible
+	k8s.io/klog v1.0.0
 	k8s.io/klog/v2 v2.3.0
 	k8s.io/kubectl v0.0.0
 	k8s.io/legacy-cloud-providers v0.0.0