More progress - getting out to Github so I can switch laptops... will be needing 8 cores today :D

docs/topology.md

@@ -14,6 +14,17 @@ Kops supports the following topologies on AWS
 |   Private Cluster |   private  | All masters/nodes will be launched in a **private subnet** in the VPC                                       |
 |     Private Masters Public Nodes    |   privatemasters  | All masters will be launched into a **private subnet**, All nodes will be launched into a **public subnet** |
 
+[More information](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) on Public and Private subnets in AWS
+
+Taken from the AWS documentation :
+
+##### Public Subnet
+If a subnet's traffic is routed to an Internet gateway, the subnet is known as a public subnet.
+
+##### Private Subnet
+If a subnet doesn't have a route to the Internet gateway, the subnet is known as a private subnet.-
+
+
 
 #### Defining a topology on create
 
@@ -38,4 +49,5 @@ Where kops will default to a public topology
 ```
 topology:
     type: public
-```
+```
+

upup/models/cloudup/_aws/topologies/private.yaml

@@ -1,5 +1,27 @@
 {{ if IsTopologyPrivate }}
 
+# Okay so we need to create some private VPC subnets..
+# So lets start with a VPC
+  vpc/{{ ClusterName }}:
+    id: {{ .NetworkID }}
+    shared: {{ SharedVPC }}
+    cidr: {{ .NetworkCIDR }}
+    enableDnsSupport: true
+    enableDnsHostnames: true
+
+#
+#
+#
+# ---------------------------------------------------------------
+#
+# Kris is working here - incomplete
+#
+# ---------------------------------------------------------------
+#
+#
+#
+#
+
 
 
 {{ end }}

upup/models/cloudup/_aws/topologies/privatemasters.yaml

@@ -1,53 +1,3 @@
 {{ if IsTopologyPrivateMasters }}
-  vpc/{{ ClusterName }}:
-    id: {{ .NetworkID }}
-    shared: {{ SharedVPC }}
-    cidr: {{ .NetworkCIDR }}
-    enableDnsSupport: true
-    enableDnsHostnames: true
-
-
-  {{ if not SharedVPC }}
-  # TODO: would be good to create these as shared, to verify them
-  dhcpOptions/{{ ClusterName }}:
-    domainNameServers: AmazonProvidedDNS
-  {{ if eq Region "us-east-1" }}
-    domainName: ec2.internal
-  {{ else }}
-    domainName: {{ Region }}.compute.internal
-  {{ end }}
-
-  vpcDHDCPOptionsAssociation/{{ ClusterName }}:
-    vpc: vpc/{{ ClusterName }}
-    dhcpOptions: dhcpOptions/{{ ClusterName }}
-  {{ end }}
-
-  internetGateway/{{ ClusterName }}:
-    shared: {{ SharedVPC }}
-    vpc: vpc/{{ ClusterName }}
-
-  routeTable/{{ ClusterName }}:
-    vpc: vpc/{{ ClusterName }}
-
-  route/0.0.0.0/0:
-    routeTable: routeTable/{{ ClusterName }}
-    cidr: 0.0.0.0/0
-    internetGateway: internetGateway/{{ ClusterName }}
-    vpc: vpc/{{ ClusterName }}
-
-  {{ range $zone := .Zones }}
-
-  subnet/{{ $zone.Name }}.{{ ClusterName }}:
-    vpc: vpc/{{ ClusterName }}
-    availabilityZone: {{ $zone.Name }}
-    cidr: {{ $zone.CIDR }}
-    id: {{ $zone.ProviderID }}
-    shared: {{ SharedZone $zone }}
-
-  {{ if not (SharedZone $zone) }}
-  routeTableAssociation/{{ $zone.Name }}.{{ ClusterName }}:
-    routeTable: routeTable/{{ ClusterName }}
-    subnet: subnet/{{ $zone.Name }}.{{ ClusterName }}
-  {{ end}}
-{{ end }}
+  # TODO This is not yet supported
 {{ end }}

upup/pkg/fi/cloudup/awstasks/natgateway.go

@@ -1,152 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package awstasks
-
-import (
-	"fmt"
-	"github.com/aws/aws-sdk-go/service/ec2"
-	"github.com/golang/glog"
-	"k8s.io/kops/upup/pkg/fi"
-	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
-	"k8s.io/kops/upup/pkg/fi/cloudup/terraform"
-)
-
-//go:generate fitask -type=natgateway
-type NATGateway struct {
-	Name         *string
-	ID           *string // AWS ID for the object
-	AllocationID *string // Pointer to an elastic IP
-	SubnetID     *string // Pointer to a subnet in the VPC
-	VPCID        *string // Unique identifier of the VPC for this NAT gateway
-}
-
-var _ fi.CompareWithID = &NATGateway{} // Validate the IDs
-
-func (e *NATGateway) CompareWithID() *string {
-	return e.ID
-}
-
-func (e *NATGateway) Find(c *fi.Context) (*NATGateway, error) {
-	cloud := c.Cloud.(awsup.AWSCloud)
-
-	request := &ec2.DescribeNatGatewaysInput{}
-
-	if fi.StringValue(e.ID) != "" {
-		request.NatGatewayIds = []*string{e.ID}
-	} else {
-		request.Filter = cloud.BuildFilters(e.SubnetID)
-	}
-
-	response, err := cloud.EC2().DescribeNatGateways(request)
-	if err != nil {
-		return nil, fmt.Errorf("error listing NAT Gateways: %v", err)
-	}
-	if response == nil || len(response.NatGateways) == 0 {
-		return nil, nil
-	}
-
-	if len(response.NatGateways) != 1 {
-		return nil, fmt.Errorf("found multiple NAT Gateways matching tags")
-	}
-	ngw := response.NatGateways[0]
-	actual := &NATGateway{
-		ID:   ngw.NatGatewayId,
-		VPCID: ngw.VpcId,
-		SubnetID: ngw.SubnetId,
-	}
-
-	glog.V(4).Infof("found matching NAT gateway %v", actual)
-
-	// Allocation ID
-	if actual.ID != nil {
-		request := &ec2.DescribeAddressesInput{}
-		request.Filters = cloud.BuildFilters(e.VPCID)
-		response, err := cloud.EC2().DescribeAddresses(request)
-		if err != nil || len(response.Addresses) != 1 {
-			return nil, fmt.Errorf("error querying for elastic ip support: %v", err)
-		}
-		actual.AllocationID = response.Addresses[0].AllocationId
-	}
-
-	if e.ID == nil {
-		e.ID = actual.ID
-	}
-
-	return actual, nil
-}
-
-func (s *NATGateway) CheckChanges(a, e, changes *NATGateway) error {
-	if a == nil {
-		if e.AllocationID == nil {
-			return fi.RequiredField("AllocationID")
-		}
-		if e.SubnetID == nil {
-			return fi.RequiredField("SubnetID")
-		}
-	}
-	if a != nil {
-		if changes.AllocationID != nil {
-			// TODO: Do we want to destroy & recreate the VPC?
-			return fi.CannotChangeField("AllocationID")
-		}
-	}
-	return nil
-}
-
-func (e *NATGateway) Run(c *fi.Context) error {
-	return fi.DefaultDeltaRunMethod(e, c)
-}
-
-func (_ *NATGateway) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *NATGateway) error {
-	if a == nil {
-		glog.V(2).Infof("Creating NGW with Allocation ID: %q", *e.AllocationID)
-
-		request := &ec2.CreateNatGatewayInput{
-			AllocationId: e.AllocationID,
-			SubnetId: e.SubnetID,
-		}
-
-		response, err := t.Cloud.EC2().CreateNatGateway(request)
-		if err != nil {
-			return fmt.Errorf("error creating Nat gateway: %v", err)
-		}
-
-		e.ID = response.NatGateway.NatGatewayId
-	}
-
-	return nil
-}
-
-type terraformNatGateway struct {
-	AllocationId *string           `json:"AllocationID,omitempty"`
-	SubnetID     *bool             `json:"SubnetID,omitempty"`
-}
-
-func (_ *NATGateway) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *NATGateway) error {
-	//	cloud := t.Cloud.(awsup.AWSCloud)
-
-	tf := &terraformNatGateway{
-		AllocationId:  e.AllocationID,
-		//SubnetID:      e.SubnetID,
-	}
-
-	return t.RenderResource("aws_natgateway", *e.AllocationID, tf)
-}
-
-func (e *NATGateway) TerraformLink() *terraform.Literal {
-	return terraform.LiteralProperty("aws_natgateway", *e.AllocationID, "id")
-}

upup/pkg/fi/cloudup/template_functions.go

@@ -92,7 +92,7 @@ func (tf *TemplateFunctions) AddTo(dest template.FuncMap) {
 	// Network topology definitions
 	dest["IsTopologyPublic"]  = tf.IsTopologyPublic
 	dest["IsTopologyPrivate"] = tf.IsTopologyPrivate
-	dest["IsTopologyPrivateMasters"] = tf.IsTopologyPrivateMasters()
+	dest["IsTopologyPrivateMasters"] = tf.IsTopologyPrivateMasters
 
 	dest["SharedZone"] = tf.SharedZone
 	dest["WellKnownServiceIP"] = tf.WellKnownServiceIP