cluster networking fields

syseleven · Dec 4, 2020 · 5b9d085 · phiphi282 · Dec 10, 2020 · furkhat
1 parent 2ca0b49
commit 5b9d085
Show file tree

Hide file tree

Showing 6 changed files with 134 additions and 25 deletions.
diff --git a/docs/resources/cluster.md b/docs/resources/cluster.md
@@ -55,6 +55,9 @@ The following arguments are supported:
 * `audit_logging` - (Optional) Audit logging settings.
 * `pod_security_policy` - (Optional) Pod security policies allow detailed authorization of pod creation and updates.
 * `pod_node_selector` - (Optional) Configure PodNodeSelector admission plugin at the apiserver
+* `services_cidr` - (Optional) Internal IP range for ClusterIP Services.
+* `pods_cidr` - (Optional) Internal IP range for Pods.
+* `domain_name` - (Optional) Cluster domain name.
 
 ### `cloud`
 

diff --git a/metakube/resource_cluster.go b/metakube/resource_cluster.go
@@ -137,17 +137,31 @@ func resourceClusterCreate(d *schema.ResourceData, m interface{}) error {
 		return err
 	}
 
-	p.SetProjectID(pID)
-	p.SetDC(dc.Spec.Seed)
-	p.SetBody(&models.CreateClusterSpec{
+	clusterSpec := expandClusterSpec(d.Get("spec").([]interface{}), d.Get("dc_name").(string))
+	createClusterSpec := &models.CreateClusterSpec{
 		Cluster: &models.Cluster{
 			Name:       d.Get("name").(string),
-			Spec:       expandClusterSpec(d.Get("spec").([]interface{}), d.Get("dc_name").(string)),
+			Spec:       clusterSpec,
 			Type:       d.Get("type").(string),
 			Labels:     getLabels(d),
 			Credential: d.Get("credential").(string),
 		},
-	})
+	}
+	if n := clusterSpec.ClusterNetwork; n != nil {
+		if n.DNSDomain != "" {
+			createClusterSpec.DNSDomain = n.DNSDomain
+		}
+		if v := clusterSpec.ClusterNetwork.Pods; v != nil && len(v.CIDRBlocks) == 1 {
+			createClusterSpec.PodsCIDR = v.CIDRBlocks[0]
+		}
+		if v := clusterSpec.ClusterNetwork.Services; v != nil && len(v.CIDRBlocks) == 1 {
+			createClusterSpec.ServicesCIDR = v.CIDRBlocks[0]
+		}
+	}
+
+	p.SetProjectID(pID)
+	p.SetDC(dc.Spec.Seed)
+	p.SetBody(createClusterSpec)
 
 	r, err := k.client.Project.CreateCluster(p, k.auth)
 	if err != nil {
@@ -459,10 +473,14 @@ func patchClusterFields(d *schema.ResourceData, k *metakubeProviderMeta) error {
 	p.SetDC(seedDC)
 	p.SetClusterID(clusterID)
 	name := d.Get("name").(string)
-	version := d.Get("spec.0.version").(string)
-	auditLogging := d.Get("spec.0.audit_logging").(bool)
 	labels := d.Get("labels")
-	p.SetPatch(newClusterPatch(name, version, auditLogging, labels))
+	clusterSpec := expandClusterSpec(d.Get("spec").([]interface{}), d.Get("dc_name").(string))
+	// p.SetPatch(newClusterPatch(name, version, auditLogging, labels))
+	p.SetPatch(map[string]interface{}{
+		"name":   name,
+		"labels": labels,
+		"spec":   clusterSpec,
+	})
 
 	err = resource.Retry(d.Timeout(schema.TimeoutUpdate), func() *resource.RetryError {
 		_, err := k.client.Project.PatchCluster(p, k.auth)
@@ -570,20 +588,6 @@ func waitClusterReady(k *metakubeProviderMeta, d *schema.ResourceData, projectID
 	})
 }
 
-func newClusterPatch(name, version string, auditLogging bool, labels interface{}) interface{} {
-	// TODO(furkhat): change to dedicated struct when API has it.
-	return map[string]interface{}{
-		"name":   name,
-		"labels": labels,
-		"spec": map[string]interface{}{
-			"auditLogging": map[string]bool{
-				"enabled": auditLogging,
-			},
-			"version": version,
-		},
-	}
-}
-
 func resourceClusterDelete(d *schema.ResourceData, m interface{}) error {
 	k := m.(*metakubeProviderMeta)
 	projectID, seedDC, clusterID, err := metakubeClusterParseID(d.Id())

diff --git a/metakube/resource_cluster_test.go b/metakube/resource_cluster_test.go
@@ -37,6 +37,9 @@ func TestAccMetaKubeCluster_Openstack_Basic(t *testing.T) {
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "labels.%", "0"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.#", "1"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.version", versionK8s17),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.domain_name", "foodomain.local"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.services_cidr", "10.240.16.0/18"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.pods_cidr", "172.25.0.0/18"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.#", "1"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.0.bringyourown.#", "0"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.0.aws.#", "0"),
@@ -130,6 +133,11 @@ func TestAccMetaKubeCluster_Openstack_Basic(t *testing.T) {
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "labels.test-key", "test-value"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.#", "1"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.version", versionK8s17),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.domain_name", "foodomain.local"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.services_cidr", "10.240.16.0/18"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.pods_cidr", "172.25.0.0/18"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.pod_node_selector", "true"),
+					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.pod_security_policy", "true"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.#", "1"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.0.bringyourown.#", "0"),
 					resource.TestCheckResourceAttr("metakube_cluster.acctest_cluster", "spec.0.cloud.0.aws.#", "0"),
@@ -270,8 +278,12 @@ func testAccCheckMetaKubeClusterOpenstackBasic(testName, username, password, ten
 					floating_ip_pool = "ext-net"
 				}
 			}
+			domain_name = "foodomain.local"
+			services_cidr = "10.240.16.0/18"
+			pods_cidr = "172.25.0.0/18"
 		}
-	}`
+	}
+`
 
 	return fmt.Sprintf(config, testName, testName, nodeDC, version, tenant, username, password)
 }
@@ -310,6 +322,12 @@ func testAccCheckMetaKubeClusterOpenstackBasic2(testName, username, password, te
 
 			# enable audit logging
 			audit_logging = true
+
+			pod_node_selector = true
+			pod_security_policy = true
+			domain_name = "foodomain.local"
+			services_cidr = "10.240.16.0/18"
+			pods_cidr = "172.25.0.0/18"
 		}
 	}`
 	return fmt.Sprintf(config, testName, testName, nodeDC, k8sVersion, tenant, username, password)

diff --git a/metakube/schema_cluster.go b/metakube/schema_cluster.go
@@ -94,6 +94,27 @@ func clusterSpecFields() map[string]*schema.Schema {
 			Default:     false,
 			Description: "Configure PodNodeSelector admission plugin at the apiserver",
 		},
+		"services_cidr": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			ForceNew:    true,
+			Computed:    true,
+			Description: "Internal IP range for ClusterIP Services",
+		},
+		"pods_cidr": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			ForceNew:    true,
+			Computed:    true,
+			Description: "Internal IP range for Pods",
+		},
+		"domain_name": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			ForceNew:    true,
+			Computed:    true,
+			Description: "Internal IP range for ClusterIP Pods",
+		},
 	}
 }
 

diff --git a/metakube/structure_cluster.go b/metakube/structure_cluster.go
@@ -30,6 +30,18 @@ func flattenClusterSpec(values clusterPreserveValues, in *models.ClusterSpec) []
 
 	att["pod_node_selector"] = in.UsePodNodeSelectorAdmissionPlugin
 
+	if network := in.ClusterNetwork; network != nil {
+		if network.DNSDomain != "" {
+			att["domain_name"] = network.DNSDomain
+		}
+		if v := network.Pods; len(v.CIDRBlocks) > 0 && v.CIDRBlocks[0] != "" {
+			att["pods_cidr"] = v.CIDRBlocks[0]
+		}
+		if v := network.Services; len(v.CIDRBlocks) > 0 && v.CIDRBlocks[0] != "" {
+			att["services_cidr"] = v.CIDRBlocks[0]
+		}
+	}
+
 	if in.Cloud != nil {
 		att["cloud"] = flattenClusterCloudSpec(values, in.Cloud)
 	}
@@ -254,6 +266,31 @@ func expandClusterSpec(p []interface{}, dcName string) *models.ClusterSpec {
 		obj.UsePodNodeSelectorAdmissionPlugin = v.(bool)
 	}
 
+	if v, ok := in["services_cidr"]; ok {
+		if obj.ClusterNetwork == nil {
+			obj.ClusterNetwork = &models.ClusterNetworkingConfig{}
+		}
+		obj.ClusterNetwork.Services = &models.NetworkRanges{
+			CIDRBlocks: []string{v.(string)},
+		}
+	}
+
+	if v, ok := in["pods_cidr"]; ok {
+		if obj.ClusterNetwork == nil {
+			obj.ClusterNetwork = &models.ClusterNetworkingConfig{}
+		}
+		obj.ClusterNetwork.Pods = &models.NetworkRanges{
+			CIDRBlocks: []string{v.(string)},
+		}
+	}
+
+	if v, ok := in["domain_name"]; ok {
+		if obj.ClusterNetwork == nil {
+			obj.ClusterNetwork = &models.ClusterNetworkingConfig{}
+		}
+		obj.ClusterNetwork.DNSDomain = v.(string)
+	}
+
 	if v, ok := in["cloud"]; ok {
 		obj.Cloud = expandClusterCloudSpec(v.([]interface{}), dcName)
 	}

diff --git a/metakube/structure_cluster_test.go b/metakube/structure_cluster_test.go
@@ -22,13 +22,25 @@ func TestFlattenClusterSpec(t *testing.T) {
 					DatacenterName: "eu-west-1",
 					Bringyourown:   map[string]interface{}{},
 				},
+				ClusterNetwork: &models.ClusterNetworkingConfig{
+					DNSDomain: "foocluster.local",
+					Services: &models.NetworkRanges{
+						CIDRBlocks: []string{"1.1.1.0/20"},
+					},
+					Pods: &models.NetworkRanges{
+						CIDRBlocks: []string{"2.2.0.0/16"},
+					},
+				},
 			},
 			[]interface{}{
 				map[string]interface{}{
 					"version":             "1.18.8",
 					"audit_logging":       false,
 					"pod_security_policy": false,
 					"pod_node_selector":   false,
+					"services_cidr":       "1.1.1.0/20",
+					"pods_cidr":           "2.2.0.0/16",
+					"domain_name":         "foocluster.local",
 					"cloud": []interface{}{
 						map[string]interface{}{
 							"bringyourown": []interface{}{map[string]interface{}{}},
@@ -321,6 +333,10 @@ func TestExpandClusterSpec(t *testing.T) {
 					"machine_networks":    []interface{}{},
 					"audit_logging":       false,
 					"pod_security_policy": true,
+					"pod_node_selector":   true,
+					"services_cidr":       "1.1.1.0/20",
+					"pods_cidr":           "2.2.0.0/16",
+					"domain_name":         "foocluster.local",
 					"cloud": []interface{}{
 						map[string]interface{}{
 							"bringyourown": []interface{}{
@@ -335,6 +351,16 @@ func TestExpandClusterSpec(t *testing.T) {
 				MachineNetworks:                     nil,
 				AuditLogging:                        &models.AuditLoggingSettings{},
 				UsePodSecurityPolicyAdmissionPlugin: true,
+				UsePodNodeSelectorAdmissionPlugin:   true,
+				ClusterNetwork: &models.ClusterNetworkingConfig{
+					Services: &models.NetworkRanges{
+						CIDRBlocks: []string{"1.1.1.0/20"},
+					},
+					Pods: &models.NetworkRanges{
+						CIDRBlocks: []string{"2.2.0.0/16"},
+					},
+					DNSDomain: "foocluster.local",
+				},
 				Cloud: &models.CloudSpec{
 					DatacenterName: "eu-west-1",
 					Bringyourown:   map[string]interface{}{},
@@ -494,7 +520,7 @@ func TestExpandAWSCloudSpec(t *testing.T) {
 	}
 }
 
-func TestExpandAzureCloudSpec(t *testing.T) {
+func TestExpandOpenstackCloudSpec(t *testing.T) {
 	cases := []struct {
 		Input          []interface{}
 		ExpectedOutput *models.OpenstackCloudSpec
@@ -538,7 +564,7 @@ func TestExpandAzureCloudSpec(t *testing.T) {
 	}
 }
 
-func TestExpandOpenstackCloudSpec(t *testing.T) {
+func TestExpandAzureCloudSpec(t *testing.T) {
 	cases := []struct {
 		Input          []interface{}
 		ExpectedOutput *models.AzureCloudSpec