Add --vpc-cidr flag

- automate splitting of subnets - create private subnets as well as public
eksctl-io · Oct 25, 2018 · 890d766 · 890d766
1 parent c696a2a
commit 890d766
Show file tree

Hide file tree

Showing 5 changed files with 106 additions and 33 deletions.
diff --git a/pkg/cfn/builder/api_test.go b/pkg/cfn/builder/api_test.go
@@ -13,6 +13,7 @@ import (
 	. "github.com/onsi/gomega"
 	. "github.com/weaveworks/eksctl/pkg/cfn/builder"
 	"github.com/weaveworks/eksctl/pkg/cloudconfig"
+	"github.com/weaveworks/eksctl/pkg/eks"
 	"github.com/weaveworks/eksctl/pkg/eks/api"
 	"github.com/weaveworks/eksctl/pkg/nodebootstrap"
 )
@@ -100,6 +101,8 @@ var _ = Describe("CloudFormation template builder API", func() {
 		cfg.AvailabilityZones = testAZs
 		ng.InstanceType = "t2.medium"
 
+		*cfg.VPC.CIDR = api.DefaultCIDR()
+
 		return cfg
 	}
 
@@ -127,24 +130,47 @@ var _ = Describe("CloudFormation template builder API", func() {
 				Subnets: map[api.SubnetTopology]map[string]api.Network{
 					"Public": map[string]api.Network{
 						"us-west-2b": {
-							ID: "subnet-0f98135715dfcf55f",
+							//ID: "subnet-0f98135715dfcf55f",
+							CIDR: &net.IPNet{
+								IP:   []byte{192, 168, 0, 0},
+								Mask: []byte{255, 255, 224, 0},
+							},
+						},
+						"us-west-2a": {
+							//ID: "subnet-0ade11bad78dced9e",
+							CIDR: &net.IPNet{
+								IP:   []byte{192, 168, 32, 0},
+								Mask: []byte{255, 255, 224, 0},
+							},
+						},
+						"us-west-2c": {
+							//ID: "subnet-0e2e63ff1712bf6ef",
 							CIDR: &net.IPNet{
 								IP:   []byte{192, 168, 64, 0},
-								Mask: []byte{255, 255, 192, 0},
+								Mask: []byte{255, 255, 224, 0},
+							},
+						},
+					},
+					"Private": map[string]api.Network{
+						"us-west-2b": {
+							//ID: "subnet-0f98135715dfcf55f",
+							CIDR: &net.IPNet{
+								IP:   []byte{192, 168, 96, 0},
+								Mask: []byte{255, 255, 224, 0},
 							},
 						},
 						"us-west-2a": {
-							ID: "subnet-0ade11bad78dced9e",
+							//ID: "subnet-0ade11bad78dced9e",
 							CIDR: &net.IPNet{
 								IP:   []byte{192, 168, 128, 0},
-								Mask: []byte{255, 255, 192, 0},
+								Mask: []byte{255, 255, 224, 0},
 							},
 						},
 						"us-west-2c": {
-							ID: "subnet-0e2e63ff1712bf6ef",
+							//ID: "subnet-0e2e63ff1712bf6ef",
 							CIDR: &net.IPNet{
-								IP:   []byte{192, 168, 192, 0},
-								Mask: []byte{255, 255, 192, 0},
+								IP:   []byte{192, 168, 160, 0},
+								Mask: []byte{255, 255, 224, 0},
 							},
 						},
 					},
@@ -160,8 +186,11 @@ var _ = Describe("CloudFormation template builder API", func() {
 		}
 
 		initial := newClusterConfig()
-
-		initial.SetSubnets()
+		ctl := eks.New(initial)
+		It("should not error when calling SetSubnets", func() {
+			err := ctl.SetSubnets()
+			Expect(err).ShouldNot(HaveOccurred())
+		})
 
 		rs := NewClusterResourceSet(initial)
 		rs.AddAllResources()

diff --git a/pkg/cfn/builder/vpc.go b/pkg/cfn/builder/vpc.go
@@ -8,7 +8,6 @@ import (
 )
 
 func (c *ClusterResourceSet) addSubnets(refRT *gfn.Value, topology api.SubnetTopology) {
-	c.subnets = make(map[api.SubnetTopology][]*gfn.Value)
 	for az, subnet := range c.spec.VPC.Subnets[topology] {
 		alias := strings.ToUpper(strings.Join(strings.Split(az, "-"), ""))
 		refSubnet := c.newResource("Subnet"+string(topology)+alias, &gfn.AWSEC2Subnet{
@@ -32,6 +31,8 @@ func (c *ClusterResourceSet) addResourcesForVPC() {
 		EnableDnsHostnames: gfn.True(),
 	})
 
+	c.subnets = make(map[api.SubnetTopology][]*gfn.Value)
+
 	refIG := c.newResource("InternetGateway", &gfn.AWSEC2InternetGateway{})
 	c.newResource("VPCGatewayAttachment", &gfn.AWSEC2VPCGatewayAttachment{
 		InternetGatewayId: refIG,

diff --git a/pkg/ctl/create/cluster.go b/pkg/ctl/create/cluster.go
@@ -90,6 +90,8 @@ func createClusterCmd() *cobra.Command {
 
 	fs.StringVar(&kopsClusterNameForVPC, "vpc-from-kops-cluster", "", "re-use VPC from a given kops cluster")
 
+	fs.IPNetVar(cfg.VPC.CIDR, "vpc-cidr", api.DefaultCIDR(), "global CIDR to use for VPC")
+
 	return cmd
 }
 
@@ -138,7 +140,9 @@ func doCreateCluster(cfg *api.ClusterConfig, ng *api.NodeGroup, name string) err
 		if err := ctl.SetAvailabilityZones(availabilityZones); err != nil {
 			return err
 		}
-		cfg.SetSubnets()
+		if err := ctl.SetSubnets(); err != nil {
+			return err
+		}
 	}
 
 	if err := ctl.EnsureAMI(ng); err != nil {

diff --git a/pkg/eks/api/api.go b/pkg/eks/api/api.go
@@ -38,7 +38,15 @@ var SupportedRegions = []string{
 var DefaultWaitTimeout = 20 * time.Minute
 
 // DefaultNodeCount defines the default number of nodes to be created
-var DefaultNodeCount = 2
+const DefaultNodeCount = 2
+
+// DefaultCIDR returns default global CIDR for VPC
+func DefaultCIDR() net.IPNet {
+	return net.IPNet{
+		IP:   []byte{192, 168, 0, 0},
+		Mask: []byte{255, 255, 0, 0},
+	}
+}
 
 // ClusterProvider provides an interface with the needed AWS APIs
 type ClusterProvider interface {
@@ -76,29 +84,13 @@ type ClusterConfig struct {
 // it doesn't include initial nodegroup, so user must
 // call NewNodeGroup to create one
 func NewClusterConfig() *ClusterConfig {
-	return &ClusterConfig{}
-}
-
-// SetSubnets defines CIDRs for each of the subnets,
-// it must be called after SetAvailabilityZones
-func (c *ClusterConfig) SetSubnets() {
-	_, c.VPC.CIDR, _ = net.ParseCIDR("192.168.0.0/16")
-
-	c.VPC.Subnets = map[SubnetTopology]map[string]Network{
-		SubnetTopologyPublic: map[string]Network{},
+	cfg := &ClusterConfig{
+		VPC: ClusterVPC{},
 	}
 
-	zoneCIDRs := []string{
-		"192.168.64.0/18",
-		"192.168.128.0/18",
-		"192.168.192.0/18",
-	}
-	for i, zone := range c.AvailabilityZones {
-		_, zoneCIDR, _ := net.ParseCIDR(zoneCIDRs[i])
-		c.VPC.Subnets[SubnetTopologyPublic][zone] = Network{
-			CIDR: zoneCIDR,
-		}
-	}
+	cfg.VPC.CIDR = &net.IPNet{}
+
+	return cfg
 }
 
 // NewNodeGroup crears new nodegroup inside cluster config,

diff --git a/pkg/eks/vpc.go b/pkg/eks/vpc.go
@@ -0,0 +1,47 @@
+package eks
+
+import (
+	"fmt"
+
+	"github.com/kubicorn/kubicorn/pkg/logger"
+	"k8s.io/kops/pkg/util/subnet"
+
+	"github.com/weaveworks/eksctl/pkg/eks/api"
+)
+
+// SetSubnets defines CIDRs for each of the subnets,
+// it must be called after SetAvailabilityZones
+func (c *ClusterProvider) SetSubnets() error {
+	var err error
+
+	c.Spec.VPC.Subnets = map[api.SubnetTopology]map[string]api.Network{
+		api.SubnetTopologyPublic:  map[string]api.Network{},
+		api.SubnetTopologyPrivate: map[string]api.Network{},
+	}
+
+	zoneCIDRs, err := subnet.SplitInto8(c.Spec.VPC.CIDR)
+	if err != nil {
+		return err
+	}
+
+	logger.Debug("VPC CIDR (%s) was divided into 8 subnets %v", c.Spec.VPC.CIDR.String(), zoneCIDRs)
+
+	zonesTotal := len(c.Spec.AvailabilityZones)
+	if 2*zonesTotal > len(zoneCIDRs) {
+		return fmt.Errorf("insuffience number of subnets (have %d, but need %d) for %d availability zones", len(zoneCIDRs), 2*zonesTotal, zonesTotal)
+	}
+
+	for i, zone := range c.Spec.AvailabilityZones {
+		public := zoneCIDRs[i]
+		private := zoneCIDRs[i+zonesTotal]
+		c.Spec.VPC.Subnets[api.SubnetTopologyPublic][zone] = api.Network{
+			CIDR: public,
+		}
+		c.Spec.VPC.Subnets[api.SubnetTopologyPrivate][zone] = api.Network{
+			CIDR: private,
+		}
+		logger.Info("subnets for %s - public:%s private:%s", zone, public.String(), private.String())
+	}
+
+	return nil
+}