From 6fefd74286d9ce3961658d2ae2e310f0ac4ebd8c Mon Sep 17 00:00:00 2001 From: Andreas Sommer Date: Wed, 6 Dec 2023 22:26:38 +0100 Subject: [PATCH] Fill `AWSCluster.spec.network.subnets[*].id` field for managed subnets for compatibility with CAPA v2.3.0 (#439) --- CHANGELOG.md | 6 ++- README.md | 41 ++++++++++++--------- helm/cluster-aws/templates/_aws_cluster.tpl | 8 +++- helm/cluster-aws/values.schema.json | 4 ++ 4 files changed, 38 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2dfa07c1..6ebdf468 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed + +- Fill `AWSCluster.spec.network.subnets[*].id` field for managed subnets for compatibility with CAPA v2.3.0 + ## [0.50.0] - 2023-12-04
@@ -56,7 +60,7 @@ yq eval --inplace 'with(select(.metadata != null); .global.metadata = .metada with(select(.controlPlane != null); .global.controlPlane = .controlPlane) | with(select(.nodePools != null); .global.nodePools = .nodePools) | with(select(.managementCluster != null); .global.managementCluster = .managementCluster ) | - + with(select(.providerSpecific != null); .global.providerSpecific = .providerSpecific) | with(select(.baseDomain != null); .global.connectivity.baseDomain = .baseDomain) | diff --git a/README.md b/README.md index 1bcab632..6d198a86 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,8 @@ connectivity: vpcCidr: 10.0.0.0/16 subnets: # Control plane nodes subnets - - cidrBlocks: + - id: control-plane-nodes + cidrBlocks: - cidr: 10.0.32.0/19 availabilityZone: a - cidr: 10.0.64.0/19 @@ -30,7 +31,8 @@ connectivity: tags: subnet.giantswarm.io/role: control-plane # Worker nodes subnets - - cidrBlocks: + - id: worker-nodes + cidrBlocks: - cidr: 10.0.128.0/19 availabilityZone: a - cidr: 10.0.160.0/19 @@ -41,7 +43,8 @@ connectivity: tags: subnet.giantswarm.io/role: workers # Bastion nodes subnets - - cidrBlocks: + - id: bastion-nodes + cidrBlocks: - cidr: 10.0.0.0/24 availabilityZone: a - cidr: 10.0.1.0/24 @@ -52,7 +55,8 @@ connectivity: tags: subnet.giantswarm.io/role: bastion # Ingress load balancer subnets - - cidrBlocks: + - id: load-balancer + cidrBlocks: - cidr: 10.0.3.0/24 availabilityZone: a tags: 
@@ -73,19 +77,20 @@ connectivity: The desired subnet can then be targetted by using the `subnetTags` value to set the AWS tags to match on. For example: ```yaml +global: + connectivity: + bastion: + subnetTags: + - subnet.giantswarm.io/role: bastion -bastion: - subnetTags: - - subnet.giantswarm.io/role: bastion - -controlPlane: - subnetTags: - - subnet.giantswarm.io/role: control-plane - -machinePools: - def00: + controlPlane: subnetTags: - - subnet.giantswarm.io/role: workers + - subnet.giantswarm.io/role: control-plane + + nodePools: + def00: + subnetTags: + - subnet.giantswarm.io/role: workers ``` ### API-server ELB subnets @@ -146,7 +151,7 @@ If the `subnet.giantswarm.io/tgw-attachments: "true"` tag isn't found on any sub ## Maintaining `values.schema.json` and `values.yaml` -**tldr**: +**tldr**: We only maintain `values.schema.json` and automatically generate `values.yaml` from it. ``` make normalize-schema @@ -163,7 +168,7 @@ To succesfully do this, we have some requirements on the `values.schema.json`, w These requirements can be checked with [schemalint](https://github.com/giantswarm/schemalint). `schemalint` does a couple of things: -- Normalize JSON schema (indentation, white space, sorting) +- Normalize JSON schema (indentation, white space, sorting) - Validate whether your schema is valid JSON schema - Validate whether the requirements for cluster app schemas are met - Check whether schema is normalized @@ -178,7 +183,7 @@ make validate-schema ``` The JSON schema in `values.schema.json` should contain defaults defined with the `default` keyword. -These defaults should be same as those defined in `values.yaml`. +These defaults should be same as those defined in `values.yaml`. This allows us to generate `values.yaml` from `values.schema.json` with: ``` diff --git a/helm/cluster-aws/templates/_aws_cluster.tpl b/helm/cluster-aws/templates/_aws_cluster.tpl index cb60f265..32ba3b9a 100644 --- a/helm/cluster-aws/templates/_aws_cluster.tpl 
+++ b/helm/cluster-aws/templates/_aws_cluster.tpl @@ -72,19 +72,23 @@ spec: natGatewayId: {{ $subnet.natGatewayId }} {{- end }} {{- else }} - {{- range $i, $cidr := $subnet.cidrBlocks }} - - cidrBlock: "{{ $cidr.cidr }}" + {{- range $i, $cidr := $subnet.cidrBlocks -}} + {{/* CAPA v2.3.0 defaults to using the `id` field as subnet name unless it's an unmanaged one (`id` starts with `subnet-`), so use CAPA's previous standard subnet naming scheme */}} + - id: "{{ include "resource.default.name" $ }}-subnet-{{ $subnet.isPublic | default false | ternary "public" "private" }}-{{ if eq (len $cidr.availabilityZone) 1 }}{{ include "aws-region" $ }}{{ end }}{{ $cidr.availabilityZone }}" + cidrBlock: "{{ $cidr.cidr }}" {{- if eq (len $cidr.availabilityZone) 1 }} availabilityZone: "{{ include "aws-region" $ }}{{ $cidr.availabilityZone }}" {{- else }} availabilityZone: "{{ $cidr.availabilityZone }}" {{- end }} isPublic: {{ $subnet.isPublic | default false }} + {{- if or $subnet.tags $cidr.tags }} tags: {{- toYaml $subnet.tags | nindent 8 }} {{- if $cidr.tags }} {{- toYaml $cidr.tags | nindent 8 }} {{- end }} + {{- end }} {{- end }} {{- end }} {{- end }} diff --git a/helm/cluster-aws/values.schema.json b/helm/cluster-aws/values.schema.json index 284cafc3..14979e5c 100644 --- a/helm/cluster-aws/values.schema.json +++ b/helm/cluster-aws/values.schema.json @@ -444,6 +444,10 @@ "title": "Network", "items": { "type": "object", + "required": [ + "availabilityZone", + "cidr" + ], "properties": { "availabilityZone": { "type": "string",
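Review bot: The generated `id` is built only from the cluster name, the public/private flag and the availability zone, so two `cidrBlocks` entries with the same visibility in the same zone render the same `id`. The README example touched by this commit appears to have that shape: the control-plane and worker blocks are both in zone `a`, and no `isPublic` is visible for either in the diff. Whether CAPA v2.3.0 accepts duplicate ids is not visible here, so it is worth rendering that example with `helm template` and confirming that each list entry still maps to its own subnet; if ids must be unique, the name needs a disambiguator. Separately, the new `if or $subnet.tags $cidr.tags` guard admits the case where only `$cidr.tags` is set, and the unguarded `toYaml $subnet.tags` under it would then emit an empty value ahead of the cidr tags; wrapping that line in `{{- if $subnet.tags }}` and `{{- end }}` avoids it. The enclosing loop over subnets starts outside the hunk.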
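Review bot: The added `required` list makes any existing values file that omits `availabilityZone` or `cidr` on a cidr block fail schema validation on upgrade, and the CHANGELOG entry in this commit mentions only the `id` field. A line such as `- Require availabilityZone and cidr for each entry in cidrBlocks` under `### Changed` would make that visible to operators. Note also that `required` checks presence only: an empty `availabilityZone` string would still pass and reach the template's `len` check, so a `minLength` or `pattern` on the property is worth confirming. The property definitions continue past the end of the hunk and may already have one.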