From 490b1bf52c479b2026e445c690d076190c647e4a Mon Sep 17 00:00:00 2001
From: Michal Jura
Date: Fri, 11 Jun 2021 17:36:18 +0200
Subject: [PATCH] Improve NetworkProfile configuration
---
 controller/aks-cluster-config-handler.go | 14 +++++++--
 pkg/aks/create.go | 37 +++++++++---------------
 2 files changed, 25 insertions(+), 26 deletions(-)
diff --git a/controller/aks-cluster-config-handler.go b/controller/aks-cluster-config-handler.go
index 6569deb1..ac499c42 100644
--- a/controller/aks-cluster-config-handler.go
+++ b/controller/aks-cluster-config-handler.go
@@ -403,10 +403,18 @@ func (h *Handler) validateConfig(config *aksv1.AKSClusterConfig) error {
 return fmt.Errorf("at least one NodePool with mode System is required")
 }
+ if config.Spec.NetworkPlugin != nil &&
+ to.String(config.Spec.NetworkPlugin) != string(containerservice.Kubenet) &&
+ to.String(config.Spec.NetworkPlugin) != string(containerservice.Azure) {
+ return fmt.Errorf("invalid network plugin value [%s] for [%s] cluster config", to.String(config.Spec.NetworkPlugin), config.ClusterName)
+ }
 if config.Spec.NetworkPolicy != nil &&
- *config.Spec.NetworkPolicy != string(containerservice.NetworkPolicyAzure) &&
- *config.Spec.NetworkPolicy != string(containerservice.NetworkPolicyCalico) {
- return fmt.Errorf("wrong network policy value for [%s] cluster config", config.ClusterName)
+ to.String(config.Spec.NetworkPolicy) != string(containerservice.NetworkPolicyAzure) &&
+ to.String(config.Spec.NetworkPolicy) != string(containerservice.NetworkPolicyCalico) {
+ return fmt.Errorf("invalid network policy value [%s] for [%s] cluster config", to.String(config.Spec.NetworkPolicy), config.ClusterName)
+ }
+ if !(to.String(config.Spec.NetworkPlugin) == string(containerservice.Azure) && to.String(config.Spec.NetworkPolicy) == string(containerservice.NetworkPolicyAzure)) {
+ return fmt.Errorf("azure network policy can be used only with Azure CNI network plugin for [%s] cluster", config.ClusterName)
 }
 return nil
 }
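Review bot: The last added check in validateConfig rejects every config except plugin `azure` combined with policy `azure`, because the whole conjunction is negated; a kubenet cluster with calico, or a config that leaves both fields unset, now fails with a message about Azure network policy. The condition that matches the error text is `if to.String(config.Spec.NetworkPolicy) == string(containerservice.NetworkPolicyAzure) && to.String(config.Spec.NetworkPlugin) != string(containerservice.Azure) {`. A table-driven test over the plugin and policy combinations, including nil for each, would pin the intended behaviour. validateConfig starts above the hunk.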
diff --git a/pkg/aks/create.go b/pkg/aks/create.go
index b0051569..449cf381 100644
--- a/pkg/aks/create.go
+++ b/pkg/aks/create.go
@@ -39,13 +39,23 @@ func CreateOrUpdateCluster(ctx context.Context, cred *Credentials, clusterClient
 }
 var vmNetSubnetID *string
- networkProfile := &containerservice.NetworkProfile{}
- if hasCustomVirtualNetwork(spec) {
+ networkProfile := &containerservice.NetworkProfile{
+ NetworkPlugin: containerservice.Kubenet,
+ NetworkPolicy: containerservice.NetworkPolicy(to.String(spec.NetworkPolicy)),
+ LoadBalancerSku: containerservice.Standard,
+ }
+
+ if spec.LoadBalancerSKU != nil {
+ networkProfile.LoadBalancerSku = containerservice.LoadBalancerSku(to.String(spec.LoadBalancerSKU))
+ }
+
+ if containerservice.NetworkPlugin(to.String(spec.NetworkPlugin)) == containerservice.Azure {
+ networkProfile.NetworkPlugin = containerservice.NetworkPlugin(to.String(spec.NetworkPlugin))
 virtualNetworkResourceGroup := spec.ResourceGroup
 //if virtual network resource group is set, use it, otherwise assume it is the same as the cluster
 if spec.VirtualNetworkResourceGroup != nil {
- virtualNetworkResourceGroup = *spec.VirtualNetworkResourceGroup
+ virtualNetworkResourceGroup = to.String(spec.VirtualNetworkResourceGroup)
 }
 vmNetSubnetID = to.StringPtr(fmt.Sprintf(
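Review bot: Replacing the `hasCustomVirtualNetwork(spec)` guard with the plugin comparison means a kubenet spec that names a custom virtual network no longer gets `vmNetSubnetID` set, so the cluster would presumably be created in an AKS-managed network instead of the requested one, with no error. In the other direction, an Azure CNI spec without virtual-network fields now reaches the `fmt.Sprintf` that builds the subnet ID, whose arguments are outside the hunk. Keeping the two decisions separate avoids both: set the plugin with `if spec.NetworkPlugin != nil { networkProfile.NetworkPlugin = containerservice.NetworkPlugin(to.String(spec.NetworkPlugin)) }` and leave the subnet block under `if hasCustomVirtualNetwork(spec) {`. The same guard appears to decide whether the DNS and CIDR assignments in the next hunk are applied.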
@@ -59,26 +69,7 @@ func CreateOrUpdateCluster(ctx context.Context, cred *Credentials, clusterClient
 networkProfile.DNSServiceIP = spec.NetworkDNSServiceIP
 networkProfile.DockerBridgeCidr = spec.NetworkDockerBridgeCIDR
 networkProfile.ServiceCidr = spec.NetworkServiceCIDR
-
- if spec.NetworkPlugin != nil {
- networkProfile.NetworkPlugin = containerservice.NetworkPlugin(*spec.NetworkPlugin)
- } else {
- networkProfile.NetworkPlugin = containerservice.Kubenet
- }
-
- // if network plugin is 'Azure', set PodCIDR
- if networkProfile.NetworkPlugin == containerservice.Azure {
- networkProfile.PodCidr = spec.NetworkPodCIDR
- }
-
- if spec.LoadBalancerSKU != nil {
- loadBalancerSku := containerservice.LoadBalancerSku(*spec.LoadBalancerSKU)
- networkProfile.LoadBalancerSku = loadBalancerSku
- }
-
- if spec.NetworkPolicy != nil {
- networkProfile.NetworkPolicy = containerservice.NetworkPolicy(*spec.NetworkPolicy)
- }
+ networkProfile.PodCidr = spec.NetworkPodCIDR
 }
 agentPoolProfiles := make([]containerservice.ManagedClusterAgentPoolProfile, 0, len(spec.NodePools))
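Review bot: `networkProfile.PodCidr = spec.NetworkPodCIDR` is applied only inside what is presumably the Azure-plugin branch opened in the previous hunk, while the SDK's field documentation, as far as I recall it, describes PodCidr as the pod address range used with kubenet. If that holds, a kubenet spec's pod CIDR is silently dropped and the cluster gets the service default instead of the range the operator planned for. Worth confirming against the SDK docs and either moving the assignment to the path that runs for kubenet or adding a comment above it that says why it is tied to this branch, since the old explanatory comment is removed here. The block's opening line and the lines between the two hunks are not visible.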