Change hosted azure template to include control plane subnet

k0rdent · Dec 2, 2024 · a8e07a1 · a8e07a1
1 parent fe0a5e9
commit a8e07a1
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 25 deletions.
diff --git a/templates/cluster/azure-hosted-cp/templates/azurecluster.yaml b/templates/cluster/azure-hosted-cp/templates/azurecluster.yaml
@@ -18,11 +18,17 @@ spec:
     subnets:
       - name: {{ .Values.network.nodeSubnetName }}
         # TODO this is just a test, if this works we need to consider changing this to be able to specify multiple subnets
-        role: cluster
+        role: node
         routeTable:
-          name: {{ .Values.network.routeTableName }}
+          name: {{ .Values.network.nodeRouteTableName }}
         securityGroup:
-          name: {{ .Values.network.securityGroupName }}
+          name: {{ .Values.network.nodeSecurityGroupName }}
+      - name: {{ .Values.network.cpSubnetName }}
+        role: control-plane
+        routeTable:
+          name: {{ .Values.network.cpRouteTableName }}
+        securityGroup:
+          name: {{ .Values.network.cpSecurityGroupName }}
   location: {{ .Values.location }}
   {{- if .Values.bastion.enabled }}
   {{- with .Values.bastion.bastionSpec }}

diff --git a/templates/cluster/azure-hosted-cp/values.schema.json b/templates/cluster/azure-hosted-cp/values.schema.json
@@ -101,7 +101,10 @@
         "vnetName",
         "nodeSubnetName",
         "routeTableName",
-        "securityGroupName"
+        "securityGroupName",
+        "cpSubnetName",
+        "cpRouteTableName",
+        "cpSecurityGroupName"
       ],
       "properties": {
         "vnetName": {

diff --git a/templates/cluster/azure-hosted-cp/values.yaml b/templates/cluster/azure-hosted-cp/values.yaml
@@ -24,8 +24,11 @@ resourceGroup: ""
 network:
   vnetName: ""
   nodeSubnetName: ""
-  routeTableName: ""
-  securityGroupName: ""
+  nodeRouteTableName: ""
+  nodeSecurityGroupName: ""
+  cpSubnetName: ""
+  cpRouteTableName: ""
+  cpSecurityGroupName: ""
 # Azure machines parameters
 
 sshPublicKey: ""

diff --git a/test/e2e/managedcluster/azure/azure.go b/test/e2e/managedcluster/azure/azure.go
@@ -87,26 +87,27 @@ func SetAzureEnvironmentVariables(clusterName string, kc *kubeclient.KubeClient)
 		Expect(exists).To(BeTrue())
 		routeTableName := routeTable["name"]
 
-		if routeTableName != nil && len(fmt.Sprintf("%s", routeTableName)) > 0 {
-			subnetMap = sMap
-			break
-		}
-	}
+		subnetName := sMap["name"]
 
-	subnetName := subnetMap["name"]
-	GinkgoT().Setenv("AZURE_NODE_SUBNET", fmt.Sprintf("%s", subnetName))
+		securityGroup, found, err := unstructured.NestedMap(subnetMap, "securityGroup")
+		Expect(err).NotTo(HaveOccurred())
+		Expect(found).To(BeTrue())
+		securityGroupName := securityGroup["name"]
 
-	securityGroup, found, err := unstructured.NestedMap(subnetMap, "securityGroup")
-	Expect(err).NotTo(HaveOccurred())
-	Expect(found).To(BeTrue())
-	securityGroupName := securityGroup["name"]
-	GinkgoT().Setenv("AZURE_SECURITY_GROUP", fmt.Sprintf("%s", securityGroupName))
+		role, exists, err := unstructured.NestedString(sMap, "role")
+		Expect(err).NotTo(HaveOccurred())
+		Expect(exists).To(BeTrue())
 
-	routeTable, found, err := unstructured.NestedMap(subnetMap, "routeTable")
-	Expect(err).NotTo(HaveOccurred())
-	Expect(found).To(BeTrue())
-	routeTableName := routeTable["name"]
-	GinkgoT().Setenv("AZURE_ROUTE_TABLE", fmt.Sprintf("%s", routeTableName))
+		if role == "control-plane" {
+			GinkgoT().Setenv("AZURE_CP_SUBNET", fmt.Sprintf("%s", subnetName))
+			GinkgoT().Setenv("AZURE_CP_SECURITY_GROUP", fmt.Sprintf("%s", securityGroupName))
+			GinkgoT().Setenv("AZURE_CP_ROUTE_TABLE", fmt.Sprintf("%s", routeTableName))
+		} else {
+			GinkgoT().Setenv("AZURE_NODE_SUBNET", fmt.Sprintf("%s", subnetName))
+			GinkgoT().Setenv("AZURE_NODE_SECURITY_GROUP", fmt.Sprintf("%s", securityGroupName))
+			GinkgoT().Setenv("AZURE_NODE_ROUTE_TABLE", fmt.Sprintf("%s", routeTableName))
+		}
+	}
 }
 
 // CreateDefaultStorageClass configures the default storage class for Azure

diff --git a/test/e2e/managedcluster/resources/azure-hosted-cp.yaml.tpl b/test/e2e/managedcluster/resources/azure-hosted-cp.yaml.tpl
@@ -17,8 +17,11 @@ spec:
     network:
       vnetName: "${AZURE_VM_NET_NAME}"
       nodeSubnetName: "${AZURE_NODE_SUBNET}"
-      routeTableName: "${AZURE_ROUTE_TABLE}"
-      securityGroupName: "${AZURE_SECURITY_GROUP}"
+      nodeRouteTableName: "${AZURE_NODE_ROUTE_TABLE}"
+      nodeSecurityGroupName: "${AZURE_NODE_SECURITY_GROUP}"
+      cpSubnetName: "${AZURE_CP_SUBNET}"
+      cpRouteTableName: "${AZURE_CP_ROUTE_TABLE}"
+      cpSecurityGroupName: "${AZURE_CP_SECURITY_GROUP}"
     tenantID: "${AZURE_TENANT_ID}"
     clientID: "${AZURE_CLIENT_ID}"
     clientSecret: "${AZURE_CLIENT_SECRET}"