

terraform: always output node cidr (#2481)
* terraform: always output node cidr
3u13r authored Oct 23, 2023
1 parent 5d640ff commit e053d1f
Showing 13 changed files with 74 additions and 46 deletions.
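--- a/cli/internal/helm/loader_test.go
+++ b/cli/internal/helm/loader_test.go
@@ -70,9 +70,8 @@ func TestLoadReleases(t *testing.T) {
 state.New().
 SetInfrastructure(state.Infrastructure{
 GCP: &state.GCP{
-ProjectID: "test-project-id",
-IPCidrNode: "test-node-cidr",
-IPCidrPod: "test-pod-cidr",
+ProjectID: "test-project-id",
+IPCidrPod: "test-pod-cidr",
 },
 }).
 SetClusterValues(state.ClusterValues{MeasurementSalt: []byte{0x41}}),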
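Review bot: The fixture loses its node CIDR entirely: `IPCidrNode` is dropped from the `state.GCP` literal but is not set on the enclosing `state.Infrastructure` literal, unlike `defaultState()` in state_test.go, which gains `IPCidrNode: "test-cidr-node"` in the same commit. If the helm loader reads the node CIDR (not visible here), the test now exercises it with an empty string; adding `IPCidrNode: "test-node-cidr",` next to `GCP: &state.GCP{` keeps the fixture equivalent to the one it replaces. The enclosing TestLoadReleases body starts and ends outside the hunk.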
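--- a/cli/internal/state/state.go
+++ b/cli/internal/state/state.go
@@ -106,6 +106,9 @@ type Infrastructure struct {
 // Name used in the cluster's named resources.
 Name string `yaml:"name"`
+// description: |
+// CIDR range of the cluster's nodes.
+IPCidrNode string `yaml:"ipCidrNode"`
 // description: |
 // Values specific to a Constellation cluster running on Azure.
 Azure *Azure `yaml:"azure,omitempty"`
 // description: |
@@ -119,9 +122,6 @@ type GCP struct {
 // Project ID of the GCP project the cluster is running in.
 ProjectID string `yaml:"projectID"`
 // description: |
-// CIDR range of the cluster's nodes.
-IPCidrNode string `yaml:"ipCidrNode"`
-// description: |
 // CIDR range of the cluster's pods.
 IPCidrPod string `yaml:"ipCidrPod"`
 }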
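Review bot: The `ipCidrNode` YAML key moves from under `gcp` to the top level of `Infrastructure`, and nothing in these hunks migrates or rejects state files written with the old layout; whether such a file fails to load or silently yields an empty `IPCidrNode` depends on how strictly the decoder treats unknown fields, which is outside this diff. A compatibility note on the new field would help, e.g. `// Populated for every provider from the Terraform ip_cidr_nodes output; state files from earlier versions carry this key under gcp.`, together with a check where the state file is read. Both struct definitions start before their hunks.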
36 changes: 18 additions & 18 deletions cli/internal/state/state_doc.go


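--- a/cli/internal/state/state_test.go
+++ b/cli/internal/state/state_test.go
@@ -29,6 +29,7 @@ func defaultState() *State {
 "api-server-cert-san-test",
 "api-server-cert-san-test-2",
 },
+IPCidrNode: "test-cidr-node",
 Azure: &Azure{
 ResourceGroup: "test-rg",
 SubscriptionID: "test-sub",
@@ -38,9 +39,8 @@ func defaultState() *State {
 AttestationURL: "test-maaUrl",
 },
 GCP: &GCP{
-ProjectID: "test-project",
-IPCidrNode: "test-cidr-node",
-IPCidrPod: "test-cidr-pod",
+ProjectID: "test-project",
+IPCidrPod: "test-cidr-pod",
 },
 },
 ClusterValues: ClusterValues{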
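--- a/cli/internal/terraform/terraform.go
+++ b/cli/internal/terraform/terraform.go
@@ -239,13 +239,23 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 return state.Infrastructure{}, errors.New("invalid type in name output: not a string")
 }
 
+cidrNodesOutput, ok := tfState.Values.Outputs["ip_cidr_nodes"]
+if !ok {
+return state.Infrastructure{}, errors.New("no ip_cidr_nodes output found")
+}
+cidrNodes, ok := cidrNodesOutput.Value.(string)
+if !ok {
+return state.Infrastructure{}, errors.New("invalid type in ip_cidr_nodes output: not a string")
+}
+
 res := state.Infrastructure{
 ClusterEndpoint: outOfClusterEndpoint,
 InClusterEndpoint: inClusterEndpoint,
 APIServerCertSANs: apiServerCertSANs,
 InitSecret: []byte(secret),
 UID: uid,
 Name: name,
+IPCidrNode: cidrNodes,
 }
 
 switch provider {
@@ -259,15 +269,6 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 return state.Infrastructure{}, errors.New("invalid type in project output: not a string")
 }
 
-cidrNodesOutput, ok := tfState.Values.Outputs["ip_cidr_nodes"]
-if !ok {
-return state.Infrastructure{}, errors.New("no ip_cidr_nodes output found")
-}
-cidrNodes, ok := cidrNodesOutput.Value.(string)
-if !ok {
-return state.Infrastructure{}, errors.New("invalid type in ip_cidr_nodes output: not a string")
-}
-
 cidrPodsOutput, ok := tfState.Values.Outputs["ip_cidr_pods"]
 if !ok {
 return state.Infrastructure{}, errors.New("no ip_cidr_pods output found")
@@ -278,9 +279,8 @@ func (c *Client) ShowInfrastructure(ctx context.Context, provider cloudprovider.
 }
 
 res.GCP = &state.GCP{
-ProjectID: gcpProject,
-IPCidrNode: cidrNodes,
-IPCidrPod: cidrPods,
+ProjectID: gcpProject,
+IPCidrPod: cidrPods,
 }
 case cloudprovider.Azure:
 attestationURLOutput, ok := tfState.Values.Outputs["attestationURL"]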
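Review bot: The `ip_cidr_nodes` handling at the top of the first hunk only checks that the Terraform output is a string; a malformed value is written into `state.Infrastructure.IPCidrNode` unchecked and will only surface wherever the CIDR is parsed later, and since this commit the value is read for every provider, not just GCP. Validate it at this boundary, e.g. `if _, err := netip.ParsePrefix(cidrNodes); err != nil { return state.Infrastructure{}, fmt.Errorf("parsing ip_cidr_nodes output %q: %w", cidrNodes, err) }`, and the same for `ip_cidr_pods` in the GCP branch; `net/netip` (and `fmt`, if not already imported) would need to be added to the import block, which is outside the hunks. ShowInfrastructure starts and ends outside the hunks.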
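--- a/cli/internal/terraform/terraform/aws/main.tf
+++ b/cli/internal/terraform/terraform/aws/main.tf
@@ -17,10 +17,11 @@ provider "aws" {
 }
 
 locals {
-uid = random_id.uid.hex
-name = "${var.name}-${local.uid}"
-initSecretHash = random_password.initSecret.bcrypt_hash
-ports_node_range = "30000-32767"
+uid = random_id.uid.hex
+name = "${var.name}-${local.uid}"
+initSecretHash = random_password.initSecret.bcrypt_hash
+cidr_vpc_subnet_nodes = "192.168.176.0/20"
+ports_node_range = "30000-32767"
 load_balancer_ports = flatten([
 { name = "kubernetes", port = "6443", health_check = "HTTPS" },
 { name = "bootstrapper", port = "9000", health_check = "TCP" },
@@ -75,7 +76,7 @@ module "public_private_subnet" {
 source = "./modules/public_private_subnet"
 name = local.name
 vpc_id = aws_vpc.vpc.id
-cidr_vpc_subnet_nodes = "192.168.176.0/20"
+cidr_vpc_subnet_nodes = local.cidr_vpc_subnet_nodes
 cidr_vpc_subnet_internet = "192.168.0.0/20"
 zone = var.zone
 zones = local.zones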
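Review bot: `cidr_vpc_subnet_internet = "192.168.0.0/20"` stays a literal in the `public_private_subnet` module call while `cidr_vpc_subnet_nodes` was hoisted into `locals` in the same change; for consistency hoist it too: `cidr_vpc_subnet_internet = "192.168.0.0/20"` in `locals` and `cidr_vpc_subnet_internet = local.cidr_vpc_subnet_internet` in the module block. A short comment on the new local, `# exported as output "ip_cidr_nodes"; must match the subnet module input`, makes the coupling to outputs.tf visible to the next editor. Both the `locals` block and the module block continue outside the hunks.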
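--- a/cli/internal/terraform/terraform/aws/outputs.tf
+++ b/cli/internal/terraform/terraform/aws/outputs.tf
@@ -31,3 +31,7 @@ output "initSecret" {
 output "name" {
 value = local.name
 }
+
+output "ip_cidr_nodes" {
+value = local.cidr_vpc_subnet_nodes
+}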
1 change: 0 additions & 1 deletion cli/internal/terraform/terraform/azure/main.tf
Expand Up @@ -28,7 +28,6 @@ locals {
}
ports_node_range = "30000-32767"
cidr_vpc_subnet_nodes = "192.168.178.0/24"
cidr_vpc_subnet_pods = "10.10.0.0/16"
ports = flatten([
{ name = "kubernetes", port = "6443", health_check_protocol = "Https", path = "/readyz", priority = 100 },
{ name = "bootstrapper", port = "9000", health_check_protocol = "Tcp", path = null, priority = 101 },
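--- a/cli/internal/terraform/terraform/azure/outputs.tf
+++ b/cli/internal/terraform/terraform/azure/outputs.tf
@@ -58,3 +58,7 @@ output "subscription_id" {
 output "name" {
 value = local.name
 }
+
+output "ip_cidr_nodes" {
+value = local.cidr_vpc_subnet_nodes
+}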
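--- a/cli/internal/terraform/terraform/openstack/outputs.tf
+++ b/cli/internal/terraform/terraform/openstack/outputs.tf
@@ -22,3 +22,7 @@ output "initSecret" {
 output "name" {
 value = local.name
 }
+
+output "ip_cidr_nodes" {
+value = local.cidr_vpc_subnet_nodes
+}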
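--- a/cli/internal/terraform/terraform/qemu/main.tf
+++ b/cli/internal/terraform/terraform/qemu/main.tf
@@ -19,6 +19,12 @@ provider "docker" {
 host = "unix:///var/run/docker.sock"
 }
 
+locals {
+cidr_vpc_subnet_nodes = "10.42.0.0/22"
+cidr_vpc_subnet_control_planes = "10.42.1.0/24"
+cidr_vpc_subnet_worker = "10.42.2.0/24"
+}
+
 resource "random_password" "initSecret" {
 length = 32
 special = true
@@ -61,7 +67,7 @@ module "node_group" {
 vcpus = each.value.vcpus
 memory = each.value.memory
 machine = var.machine
-cidr = each.value.role == "control-plane" ? "10.42.1.0/24" : "10.42.2.0/24"
+cidr = each.value.role == "control-plane" ? local.cidr_vpc_subnet_control_planes : local.cidr_vpc_subnet_worker
 network_id = libvirt_network.constellation.id
 pool = libvirt_pool.cluster.name
 boot_mode = var.constellation_boot_mode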
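Review bot: The new `locals` block introduces three related ranges without stating their relationship: `cidr_vpc_subnet_nodes = "10.42.0.0/22"` must contain both `10.42.1.0/24` and `10.42.2.0/24` (it does today, the /22 spans 10.42.0.0–10.42.3.255), because the /22 is what outputs.tf exports as `ip_cidr_nodes` while the two /24s are what the node groups are actually given. A comment such as `# control-plane and worker subnets must lie inside cidr_vpc_subnet_nodes, which is exported as ip_cidr_nodes` would keep a later edit from silently breaking that invariant. Whether `libvirt_network.constellation` (defined outside the hunks) is configured with the same /22 is not visible here and should be confirmed.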
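--- a/cli/internal/terraform/terraform/qemu/outputs.tf
+++ b/cli/internal/terraform/terraform/qemu/outputs.tf
@@ -46,3 +46,7 @@ output "validate_constellation_cmdline" {
 output "name" {
 value = "${var.name}-qemu" // placeholder, as per "uid" output
 }
+
+output "ip_cidr_nodes" {
+value = local.cidr_vpc_subnet_nodes
+}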
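--- a/cli/internal/terraform/terraform_test.go
+++ b/cli/internal/terraform/terraform_test.go
@@ -230,6 +230,9 @@ func TestCreateCluster(t *testing.T) {
 "name": {
 Value: "constell-12345abc",
 },
+"ip_cidr_nodes": {
+Value: "192.0.2.103/32",
+},
 },
 },
 }
@@ -275,6 +278,9 @@ func TestCreateCluster(t *testing.T) {
 "name": {
 Value: "constell-12345abc",
 },
+"ip_cidr_nodes": {
+Value: "192.0.2.103/32",
+},
 },
 },
 }
@@ -487,6 +493,7 @@ func TestCreateCluster(t *testing.T) {
 assert.Equal(state.HexBytes("initSecret"), infraState.InitSecret)
 assert.Equal("12345abc", infraState.UID)
 assert.Equal("192.0.2.101", infraState.InClusterEndpoint)
+assert.Equal("192.0.2.103/32", infraState.IPCidrNode)
 if tc.provider == cloudprovider.Azure {
 assert.Equal(tc.expectedAttestationURL, infraState.Azure.AttestationURL)
 }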
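Review bot: The new `ip_cidr_nodes` fixtures only cover the success path; after this commit ShowInfrastructure returns an error for every provider when the output is missing or not a string, and none of these hunks asserts that (the test table may hold such a case outside the hunks, which I cannot see). A table entry that omits the `ip_cidr_nodes` key and expects an error would pin the new requirement for the non-GCP providers too. The fixture value `192.0.2.103/32` is a single host rather than a subnet; a value such as `192.0.2.0/24` would read closer to what the Terraform outputs actually carry. TestCreateCluster starts and ends outside the hunks.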

