Merge pull request kubernetes-sigs#539 from nilo19/feat/vmset-mask
feat: implement cloud cidr allocator for VMSS
k8s-ci-robot authored Mar 10, 2021
2 parents 65c753b + e4624f4 commit f8b6aaf
Showing 57 changed files with 2,017 additions and 943 deletions.
6 changes: 3 additions & 3 deletions cmd/cloud-controller-manager/app/core.go
@@ -38,7 +38,7 @@ import (
netutils "k8s.io/utils/net"

cloudcontrollerconfig "sigs.k8s.io/cloud-provider-azure/cmd/cloud-controller-manager/app/config"
cloudcontrolleroptions "sigs.k8s.io/cloud-provider-azure/cmd/cloud-controller-manager/app/options"
"sigs.k8s.io/cloud-provider-azure/pkg/consts"
nodeipamcontroller "sigs.k8s.io/cloud-provider-azure/pkg/nodeipam"
nodeipamconfig "sigs.k8s.io/cloud-provider-azure/pkg/nodeipam/config"
"sigs.k8s.io/cloud-provider-azure/pkg/nodeipam/ipam"
@@ -257,7 +257,7 @@ func startNodeIpamController(ctx *cloudcontrollerconfig.CompletedConfig, cloud c
// setNodeCIDRMaskSizes returns the IPv4 and IPv6 node cidr mask sizes.
// If --node-cidr-mask-size not set, then it will return default IPv4 and IPv6 cidr mask sizes.
func setNodeCIDRMaskSizes(cfg nodeipamconfig.NodeIPAMControllerConfiguration) (int, int, error) {
ipv4Mask, ipv6Mask := cloudcontrolleroptions.DefaultNodeMaskCIDRIPv4, cloudcontrolleroptions.DefaultNodeMaskCIDRIPv6
ipv4Mask, ipv6Mask := consts.DefaultNodeMaskCIDRIPv4, consts.DefaultNodeMaskCIDRIPv6
// NodeCIDRMaskSizeIPv4 and NodeCIDRMaskSizeIPv6 can be used only for dual-stack clusters
if cfg.NodeCIDRMaskSizeIPv4 != 0 || cfg.NodeCIDRMaskSizeIPv6 != 0 {
return ipv4Mask, ipv6Mask, errors.New("usage of --node-cidr-mask-size-ipv4 and --node-cidr-mask-size-ipv6 are not allowed with non dual-stack clusters")
@@ -273,7 +273,7 @@ func setNodeCIDRMaskSizes(cfg nodeipamconfig.NodeIPAMControllerConfiguration) (i
// for --node-cidr-mask-size-ipv4 and --node-cidr-mask-size-ipv6 respectively. If value not provided,
// then it will return default IPv4 and IPv6 cidr mask sizes.
func setNodeCIDRMaskSizesDualStack(cfg nodeipamconfig.NodeIPAMControllerConfiguration) (int, int, error) {
ipv4Mask, ipv6Mask := cloudcontrolleroptions.DefaultNodeMaskCIDRIPv4, cloudcontrolleroptions.DefaultNodeMaskCIDRIPv6
ipv4Mask, ipv6Mask := consts.DefaultNodeMaskCIDRIPv4, consts.DefaultNodeMaskCIDRIPv6
// NodeCIDRMaskSize can be used only for single stack clusters
if cfg.NodeCIDRMaskSize != 0 {
return ipv4Mask, ipv6Mask, errors.New("usage of --node-cidr-mask-size is not allowed with dual-stack clusters")
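Review bot: In setNodeCIDRMaskSizesDualStack the guard `cfg.NodeCIDRMaskSize != 0` treats any non-zero value as "the operator passed --node-cidr-mask-size", but nodeipamcontroller.go in this same commit registers that flag with `consts.DefaultNodeCIDRMaskSize` as its default and sets the same constant in defaultNodeIPAMControllerOptions. If the moved constant keeps the value 24 of the removed `DefaultNodeCIDRMaskSize`, a dual-stack cluster that leaves the flag unset would appear to hit this error, unless a caller outside the hunk resets the field first. Consider registering the flag with a default of `0` and applying the default inside these helpers, or deciding on `fs.Changed("node-cidr-mask-size")` rather than on the value. Both function bodies continue outside the hunks shown.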
14 changes: 3 additions & 11 deletions cmd/cloud-controller-manager/app/options/nodeipamcontroller.go
@@ -22,18 +22,10 @@ import (

"github.com/spf13/pflag"

"sigs.k8s.io/cloud-provider-azure/pkg/consts"
nodeipamconfig "sigs.k8s.io/cloud-provider-azure/pkg/nodeipam/config"
)

const (
// DefaultNodeMaskCIDRIPv4 is default mask size for IPv4 node cidr
DefaultNodeMaskCIDRIPv4 = 24
// DefaultNodeMaskCIDRIPv6 is default mask size for IPv6 node cidr
DefaultNodeMaskCIDRIPv6 = 64
// DefaultNodeCIDRMaskSize is the default mask size for node cidr
DefaultNodeCIDRMaskSize = 24
)

// NodeIPAMControllerOptions holds the NodeIpamController options.
type NodeIPAMControllerOptions struct {
*nodeipamconfig.NodeIPAMControllerConfiguration
@@ -45,7 +37,7 @@ func (o *NodeIPAMControllerOptions) AddFlags(fs *pflag.FlagSet) {
return
}
fs.StringVar(&o.ServiceCIDR, "service-cluster-ip-range", "", "CIDR Range for Services in cluster. Requires --allocate-node-cidrs to be true")
fs.Int32Var(&o.NodeCIDRMaskSize, "node-cidr-mask-size", DefaultNodeCIDRMaskSize, "Mask size for node cidr in cluster. Default is 24 for IPv4 and 64 for IPv6.")
fs.Int32Var(&o.NodeCIDRMaskSize, "node-cidr-mask-size", consts.DefaultNodeCIDRMaskSize, "Mask size for node cidr in cluster. Default is 24 for IPv4 and 64 for IPv6.")
fs.Int32Var(&o.NodeCIDRMaskSizeIPv4, "node-cidr-mask-size-ipv4", 0, "Mask size for IPv4 node cidr in dual-stack cluster. Default is 24.")
fs.Int32Var(&o.NodeCIDRMaskSizeIPv6, "node-cidr-mask-size-ipv6", 0, "Mask size for IPv6 node cidr in dual-stack cluster. Default is 64.")
}
@@ -91,7 +83,7 @@ func defaultNodeIPAMControllerOptions() *NodeIPAMControllerOptions {
return &NodeIPAMControllerOptions{
&nodeipamconfig.NodeIPAMControllerConfiguration{
ServiceCIDR: "",
NodeCIDRMaskSize: DefaultNodeCIDRMaskSize,
NodeCIDRMaskSize: consts.DefaultNodeCIDRMaskSize,
NodeCIDRMaskSizeIPv4: 0,
NodeCIDRMaskSizeIPv6: 0,
},
4 changes: 2 additions & 2 deletions cmd/cloud-controller-manager/app/options/options.go
@@ -45,7 +45,7 @@ import (
"k8s.io/klog"

cloudcontrollerconfig "sigs.k8s.io/cloud-provider-azure/cmd/cloud-controller-manager/app/config"
azureprovider "sigs.k8s.io/cloud-provider-azure/pkg/provider"
"sigs.k8s.io/cloud-provider-azure/pkg/consts"

// add the kubernetes feature gates
_ "k8s.io/kubernetes/pkg/features"
@@ -112,7 +112,7 @@ func NewCloudControllerManagerOptions() (*CloudControllerManagerOptions, error)
s.Authorization.AlwaysAllowPaths = []string{"/healthz"}

// Set cloud provider name to Azure.
s.KubeCloudShared.CloudProvider.Name = azureprovider.CloudProviderName
s.KubeCloudShared.CloudProvider.Name = consts.CloudProviderName

// Set the PairName but leave certificate directory blank to generate in-memory by default
s.SecureServing.ServerCert.CertDirectory = ""
5 changes: 3 additions & 2 deletions cmd/cloud-controller-manager/app/options/options_test.go
@@ -34,6 +34,7 @@ import (
componentbaseconfig "k8s.io/component-base/config"
kubectrlmgrconfig "k8s.io/controller-manager/config"
cmoptions "k8s.io/controller-manager/options"
"sigs.k8s.io/cloud-provider-azure/pkg/consts"
"sigs.k8s.io/cloud-provider-azure/pkg/nodeipam/config"
)

@@ -94,7 +95,7 @@ func TestDefaultFlags(t *testing.T) {
},
NodeIPAMController: &NodeIPAMControllerOptions{
NodeIPAMControllerConfiguration: &config.NodeIPAMControllerConfiguration{
NodeCIDRMaskSize: DefaultNodeCIDRMaskSize,
NodeCIDRMaskSize: consts.DefaultNodeCIDRMaskSize,
},
},
SecureServing: (&apiserveroptions.SecureServingOptions{
@@ -237,7 +238,7 @@ func TestAddFlags(t *testing.T) {
},
NodeIPAMController: &NodeIPAMControllerOptions{
NodeIPAMControllerConfiguration: &config.NodeIPAMControllerConfiguration{
NodeCIDRMaskSize: DefaultNodeCIDRMaskSize,
NodeCIDRMaskSize: consts.DefaultNodeCIDRMaskSize,
},
},
SecureServing: (&apiserveroptions.SecureServingOptions{
14 changes: 6 additions & 8 deletions pkg/auth/azure_auth.go
@@ -25,14 +25,12 @@ import (

"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure"

"golang.org/x/crypto/pkcs12"

"k8s.io/klog/v2"
)

const (
// ADFSIdentitySystem is the override value for tenantID on Azure Stack clouds.
ADFSIdentitySystem = "adfs"
"sigs.k8s.io/cloud-provider-azure/pkg/consts"
)

var (
@@ -84,8 +82,8 @@ type AzureAuthConfig struct {
// For tokens for VM/VMSS and network resource ones, please check GetMultiTenantServicePrincipalToken and GetNetworkResourceServicePrincipalToken.
func GetServicePrincipalToken(config *AzureAuthConfig, env *azure.Environment) (*adal.ServicePrincipalToken, error) {
var tenantID string
if strings.EqualFold(config.IdentitySystem, ADFSIdentitySystem) {
tenantID = ADFSIdentitySystem
if strings.EqualFold(config.IdentitySystem, consts.ADFSIdentitySystem) {
tenantID = consts.ADFSIdentitySystem
} else {
tenantID = config.TenantID
}
@@ -266,7 +264,7 @@ func azureStackOverrides(env *azure.Environment, resourceManagerEndpoint, identi
env.ServiceManagementEndpoint = env.TokenAudience
env.ResourceManagerVMDNSSuffix = strings.Replace(resourceManagerEndpoint, "https://management.", "cloudapp.", -1)
env.ResourceManagerVMDNSSuffix = strings.TrimSuffix(env.ResourceManagerVMDNSSuffix, "/")
if strings.EqualFold(identitySystem, ADFSIdentitySystem) {
if strings.EqualFold(identitySystem, consts.ADFSIdentitySystem) {
env.ActiveDirectoryEndpoint = strings.TrimSuffix(env.ActiveDirectoryEndpoint, "/")
env.ActiveDirectoryEndpoint = strings.TrimSuffix(env.ActiveDirectoryEndpoint, "adfs")
}
@@ -278,7 +276,7 @@ func (config *AzureAuthConfig) checkConfigWhenNetworkResourceInDifferentTenant()
return fmt.Errorf("NetworkResourceTenantID and NetworkResourceSubscriptionID must be configured")
}

if strings.EqualFold(config.IdentitySystem, ADFSIdentitySystem) {
if strings.EqualFold(config.IdentitySystem, consts.ADFSIdentitySystem) {
return fmt.Errorf("ADFS identity system is not supported")
}
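Review bot: In azureStackOverrides the identity system is matched case-insensitively with `strings.EqualFold(identitySystem, consts.ADFSIdentitySystem)`, but the `strings.TrimSuffix(env.ActiveDirectoryEndpoint, "adfs")` that follows is case-sensitive and keeps a bare literal. An endpoint whose path ends in a differently cased `ADFS` would keep its suffix, so the authority used for token requests may not be the one intended; whether such endpoints occur depends on the metadata source, which is not visible here. Since the literal is a URL path segment rather than the identity-system name, a comment such as `// "adfs" is the trailing path segment of the AD FS endpoint; lowercase is assumed` would make that intent explicit now that the other uses reference the constant. The function starts and ends outside this hunk.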

4 changes: 3 additions & 1 deletion pkg/auth/azure_auth_test.go
@@ -22,6 +22,8 @@ import (
"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/stretchr/testify/assert"

"sigs.k8s.io/cloud-provider-azure/pkg/consts"
)

var (
@@ -37,7 +39,7 @@ var (
AADClientSecret: "AADClientSecret",
NetworkResourceTenantID: "NetworkResourceTenantID",
NetworkResourceSubscriptionID: "NetworkResourceSubscriptionID",
IdentitySystem: ADFSIdentitySystem,
IdentitySystem: consts.ADFSIdentitySystem,
},
{
TenantID: "TenantID",
3 changes: 2 additions & 1 deletion pkg/azureclients/armclient/azure_armclient_test.go
@@ -30,6 +30,7 @@ import (
"github.com/Azure/go-autorest/autorest"
"github.com/stretchr/testify/assert"

"sigs.k8s.io/cloud-provider-azure/pkg/consts"
"sigs.k8s.io/cloud-provider-azure/pkg/retry"
)

@@ -118,7 +119,7 @@ func TestSendFailure(t *testing.T) {
func TestSendThrottled(t *testing.T) {
count := 0
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set(retry.RetryAfterHeaderKey, "30")
w.Header().Set(consts.RetryAfterHeaderKey, "30")
http.Error(w, "failed", http.StatusTooManyRequests)
count++
}))