mirror of https://github.com/kubernetes/kops.git
Merge pull request #2474 from justinsb/subnet_tagging
Use explicit tag management in network tasks
This commit is contained in:
Justin Santa Barbara
GitHub
commit
b351696476
|
|
@ -29,7 +29,9 @@ import (
|
||||||
"k8s.io/kops/pkg/apis/kops/util"
|
"k8s.io/kops/pkg/apis/kops/util"
|
||||||
"k8s.io/kops/pkg/featureflag"
|
"k8s.io/kops/pkg/featureflag"
|
||||||
"k8s.io/kops/pkg/model/components"
|
"k8s.io/kops/pkg/model/components"
|
||||||
|
"k8s.io/kops/upup/pkg/fi"
|
||||||
"k8s.io/kops/upup/pkg/fi/cloudup/awstasks"
|
"k8s.io/kops/upup/pkg/fi/cloudup/awstasks"
|
||||||
|
"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
|
||||||
)
|
)
|
||||||
|
|
||||||
var UseLegacyELBName = featureflag.New("UseLegacyELBName", featureflag.Bool(false))
|
var UseLegacyELBName = featureflag.New("UseLegacyELBName", featureflag.Bool(false))
|
||||||
|
|
@ -189,6 +191,27 @@ func (m *KopsModelContext) CloudTagsForInstanceGroup(ig *kops.InstanceGroup) (ma
|
||||||
return labels, nil
|
return labels, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// CloudTags computes the tags to apply to a normal cloud resource with the specified name
|
||||||
|
func (m *KopsModelContext) CloudTags(name string, shared bool) map[string]string {
|
||||||
|
tags := make(map[string]string)
|
||||||
|
|
||||||
|
switch fi.CloudProviderID(m.Cluster.Spec.CloudProvider) {
|
||||||
|
case fi.CloudProviderAWS:
|
||||||
|
tags[awsup.TagClusterName] = m.Cluster.ObjectMeta.Name
|
||||||
|
if name != "" {
|
||||||
|
tags["Name"] = name
|
||||||
|
}
|
||||||
|
|
||||||
|
if shared {
|
||||||
|
tags["kubernetes.io/cluster/"+m.Cluster.ObjectMeta.Name] = "shared"
|
||||||
|
} else {
|
||||||
|
tags["kubernetes.io/cluster/"+m.Cluster.ObjectMeta.Name] = "owned"
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
return tags
|
||||||
|
}
|
||||||
|
|
||||||
func (m *KopsModelContext) UsesBastionDns() bool {
|
func (m *KopsModelContext) UsesBastionDns() bool {
|
||||||
if m.Cluster.Spec.Topology.Bastion != nil && m.Cluster.Spec.Topology.Bastion.BastionPublicName != "" {
|
if m.Cluster.Spec.Topology.Bastion != nil && m.Cluster.Spec.Topology.Bastion.BastionPublicName != "" {
|
||||||
return true
|
return true
|
||||||
|
|
|
||||||
|
|
@ -40,13 +40,17 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
sharedVPC := b.Cluster.SharedVPC()
|
sharedVPC := b.Cluster.SharedVPC()
|
||||||
|
vpcName := b.ClusterName()
|
||||||
|
|
||||||
// VPC that holds everything for the cluster
|
// VPC that holds everything for the cluster
|
||||||
{
|
{
|
||||||
|
tags := b.CloudTags(vpcName, sharedVPC)
|
||||||
|
|
||||||
t := &awstasks.VPC{
|
t := &awstasks.VPC{
|
||||||
Name: s(b.ClusterName()),
|
Name: s(vpcName),
|
||||||
Shared: fi.Bool(sharedVPC),
|
Shared: fi.Bool(sharedVPC),
|
||||||
EnableDNSSupport: fi.Bool(true),
|
EnableDNSSupport: fi.Bool(true),
|
||||||
|
Tags: tags,
|
||||||
}
|
}
|
||||||
|
|
||||||
if sharedVPC && VersionGTE(kubernetesVersion, 1, 5) {
|
if sharedVPC && VersionGTE(kubernetesVersion, 1, 5) {
|
||||||
|
|
@ -133,13 +137,16 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
for i := range b.Cluster.Spec.Subnets {
|
for i := range b.Cluster.Spec.Subnets {
|
||||||
subnetSpec := &b.Cluster.Spec.Subnets[i]
|
subnetSpec := &b.Cluster.Spec.Subnets[i]
|
||||||
sharedSubnet := subnetSpec.ProviderID != ""
|
sharedSubnet := subnetSpec.ProviderID != ""
|
||||||
|
subnetName := subnetSpec.Name + "." + b.ClusterName()
|
||||||
|
tags := b.CloudTags(subnetName, sharedSubnet)
|
||||||
|
|
||||||
subnet := &awstasks.Subnet{
|
subnet := &awstasks.Subnet{
|
||||||
Name: s(subnetSpec.Name + "." + b.ClusterName()),
|
Name: s(subnetName),
|
||||||
VPC: b.LinkToVPC(),
|
VPC: b.LinkToVPC(),
|
||||||
AvailabilityZone: s(subnetSpec.Zone),
|
AvailabilityZone: s(subnetSpec.Zone),
|
||||||
CIDR: s(subnetSpec.CIDR),
|
CIDR: s(subnetSpec.CIDR),
|
||||||
Shared: fi.Bool(sharedSubnet),
|
Shared: fi.Bool(sharedSubnet),
|
||||||
|
Tags: tags,
|
||||||
}
|
}
|
||||||
|
|
||||||
if subnetSpec.ProviderID != "" {
|
if subnetSpec.ProviderID != "" {
|
||||||
|
|
|
||||||
|
|
@ -342,8 +342,9 @@ resource "aws_subnet" "us-test-1a-complex-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "complex.example.com"
|
KubernetesCluster = "complex.example.com"
|
||||||
Name = "us-test-1a.complex.example.com"
|
Name = "us-test-1a.complex.example.com"
|
||||||
|
"kubernetes.io/cluster/complex.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -353,8 +354,9 @@ resource "aws_vpc" "complex-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "complex.example.com"
|
KubernetesCluster = "complex.example.com"
|
||||||
Name = "complex.example.com"
|
Name = "complex.example.com"
|
||||||
|
"kubernetes.io/cluster/complex.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -512,8 +512,9 @@ resource "aws_subnet" "us-test-1a-ha-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "ha.example.com"
|
KubernetesCluster = "ha.example.com"
|
||||||
Name = "us-test-1a.ha.example.com"
|
Name = "us-test-1a.ha.example.com"
|
||||||
|
"kubernetes.io/cluster/ha.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -523,8 +524,9 @@ resource "aws_subnet" "us-test-1b-ha-example-com" {
|
||||||
availability_zone = "us-test-1b"
|
availability_zone = "us-test-1b"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "ha.example.com"
|
KubernetesCluster = "ha.example.com"
|
||||||
Name = "us-test-1b.ha.example.com"
|
Name = "us-test-1b.ha.example.com"
|
||||||
|
"kubernetes.io/cluster/ha.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -534,8 +536,9 @@ resource "aws_subnet" "us-test-1c-ha-example-com" {
|
||||||
availability_zone = "us-test-1c"
|
availability_zone = "us-test-1c"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "ha.example.com"
|
KubernetesCluster = "ha.example.com"
|
||||||
Name = "us-test-1c.ha.example.com"
|
Name = "us-test-1c.ha.example.com"
|
||||||
|
"kubernetes.io/cluster/ha.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -545,8 +548,9 @@ resource "aws_vpc" "ha-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "ha.example.com"
|
KubernetesCluster = "ha.example.com"
|
||||||
Name = "ha.example.com"
|
Name = "ha.example.com"
|
||||||
|
"kubernetes.io/cluster/ha.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -342,8 +342,9 @@ resource "aws_subnet" "us-test-1a-minimal-141-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "minimal-141.example.com"
|
KubernetesCluster = "minimal-141.example.com"
|
||||||
Name = "us-test-1a.minimal-141.example.com"
|
Name = "us-test-1a.minimal-141.example.com"
|
||||||
|
"kubernetes.io/cluster/minimal-141.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -353,8 +354,9 @@ resource "aws_vpc" "minimal-141-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "minimal-141.example.com"
|
KubernetesCluster = "minimal-141.example.com"
|
||||||
Name = "minimal-141.example.com"
|
Name = "minimal-141.example.com"
|
||||||
|
"kubernetes.io/cluster/minimal-141.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -397,6 +397,10 @@
|
||||||
{
|
{
|
||||||
"Key": "Name",
|
"Key": "Name",
|
||||||
"Value": "us-test-1a.minimal.example.com"
|
"Value": "us-test-1a.minimal.example.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Key": "kubernetes.io/cluster/minimal.example.com",
|
||||||
|
"Value": "owned"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
@ -437,6 +441,10 @@
|
||||||
{
|
{
|
||||||
"Key": "Name",
|
"Key": "Name",
|
||||||
"Value": "minimal.example.com"
|
"Value": "minimal.example.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Key": "kubernetes.io/cluster/minimal.example.com",
|
||||||
|
"Value": "owned"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -342,8 +342,9 @@ resource "aws_subnet" "us-test-1a-minimal-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "minimal.example.com"
|
KubernetesCluster = "minimal.example.com"
|
||||||
Name = "us-test-1a.minimal.example.com"
|
Name = "us-test-1a.minimal.example.com"
|
||||||
|
"kubernetes.io/cluster/minimal.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -353,8 +354,9 @@ resource "aws_vpc" "minimal-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "minimal.example.com"
|
KubernetesCluster = "minimal.example.com"
|
||||||
Name = "minimal.example.com"
|
Name = "minimal.example.com"
|
||||||
|
"kubernetes.io/cluster/minimal.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -614,8 +614,9 @@ resource "aws_subnet" "us-test-1a-privatecalico-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecalico.example.com"
|
KubernetesCluster = "privatecalico.example.com"
|
||||||
Name = "us-test-1a.privatecalico.example.com"
|
Name = "us-test-1a.privatecalico.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -625,8 +626,9 @@ resource "aws_subnet" "utility-us-test-1a-privatecalico-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecalico.example.com"
|
KubernetesCluster = "privatecalico.example.com"
|
||||||
Name = "utility-us-test-1a.privatecalico.example.com"
|
Name = "utility-us-test-1a.privatecalico.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -636,8 +638,9 @@ resource "aws_vpc" "privatecalico-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecalico.example.com"
|
KubernetesCluster = "privatecalico.example.com"
|
||||||
Name = "privatecalico.example.com"
|
Name = "privatecalico.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecalico.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -605,8 +605,9 @@ resource "aws_subnet" "us-test-1a-privatecanal-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecanal.example.com"
|
KubernetesCluster = "privatecanal.example.com"
|
||||||
Name = "us-test-1a.privatecanal.example.com"
|
Name = "us-test-1a.privatecanal.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -616,8 +617,9 @@ resource "aws_subnet" "utility-us-test-1a-privatecanal-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecanal.example.com"
|
KubernetesCluster = "privatecanal.example.com"
|
||||||
Name = "utility-us-test-1a.privatecanal.example.com"
|
Name = "utility-us-test-1a.privatecanal.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -627,8 +629,9 @@ resource "aws_vpc" "privatecanal-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatecanal.example.com"
|
KubernetesCluster = "privatecanal.example.com"
|
||||||
Name = "privatecanal.example.com"
|
Name = "privatecanal.example.com"
|
||||||
|
"kubernetes.io/cluster/privatecanal.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -610,8 +610,9 @@ resource "aws_subnet" "us-test-1a-privatedns1-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatedns1.example.com"
|
KubernetesCluster = "privatedns1.example.com"
|
||||||
Name = "us-test-1a.privatedns1.example.com"
|
Name = "us-test-1a.privatedns1.example.com"
|
||||||
|
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -621,8 +622,9 @@ resource "aws_subnet" "utility-us-test-1a-privatedns1-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatedns1.example.com"
|
KubernetesCluster = "privatedns1.example.com"
|
||||||
Name = "utility-us-test-1a.privatedns1.example.com"
|
Name = "utility-us-test-1a.privatedns1.example.com"
|
||||||
|
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -632,8 +634,9 @@ resource "aws_vpc" "privatedns1-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatedns1.example.com"
|
KubernetesCluster = "privatedns1.example.com"
|
||||||
Name = "privatedns1.example.com"
|
Name = "privatedns1.example.com"
|
||||||
|
"kubernetes.io/cluster/privatedns1.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -596,8 +596,9 @@ resource "aws_subnet" "us-test-1a-privatedns2-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatedns2.example.com"
|
KubernetesCluster = "privatedns2.example.com"
|
||||||
Name = "us-test-1a.privatedns2.example.com"
|
Name = "us-test-1a.privatedns2.example.com"
|
||||||
|
"kubernetes.io/cluster/privatedns2.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -607,7 +608,8 @@ resource "aws_subnet" "utility-us-test-1a-privatedns2-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatedns2.example.com"
|
KubernetesCluster = "privatedns2.example.com"
|
||||||
Name = "utility-us-test-1a.privatedns2.example.com"
|
Name = "utility-us-test-1a.privatedns2.example.com"
|
||||||
|
"kubernetes.io/cluster/privatedns2.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -605,8 +605,9 @@ resource "aws_subnet" "us-test-1a-privateflannel-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateflannel.example.com"
|
KubernetesCluster = "privateflannel.example.com"
|
||||||
Name = "us-test-1a.privateflannel.example.com"
|
Name = "us-test-1a.privateflannel.example.com"
|
||||||
|
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -616,8 +617,9 @@ resource "aws_subnet" "utility-us-test-1a-privateflannel-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateflannel.example.com"
|
KubernetesCluster = "privateflannel.example.com"
|
||||||
Name = "utility-us-test-1a.privateflannel.example.com"
|
Name = "utility-us-test-1a.privateflannel.example.com"
|
||||||
|
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -627,8 +629,9 @@ resource "aws_vpc" "privateflannel-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateflannel.example.com"
|
KubernetesCluster = "privateflannel.example.com"
|
||||||
Name = "privateflannel.example.com"
|
Name = "privateflannel.example.com"
|
||||||
|
"kubernetes.io/cluster/privateflannel.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -596,8 +596,9 @@ resource "aws_subnet" "us-test-1a-privatekopeio-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatekopeio.example.com"
|
KubernetesCluster = "privatekopeio.example.com"
|
||||||
Name = "us-test-1a.privatekopeio.example.com"
|
Name = "us-test-1a.privatekopeio.example.com"
|
||||||
|
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -607,8 +608,9 @@ resource "aws_subnet" "utility-us-test-1a-privatekopeio-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatekopeio.example.com"
|
KubernetesCluster = "privatekopeio.example.com"
|
||||||
Name = "utility-us-test-1a.privatekopeio.example.com"
|
Name = "utility-us-test-1a.privatekopeio.example.com"
|
||||||
|
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -618,8 +620,9 @@ resource "aws_vpc" "privatekopeio-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privatekopeio.example.com"
|
KubernetesCluster = "privatekopeio.example.com"
|
||||||
Name = "privatekopeio.example.com"
|
Name = "privatekopeio.example.com"
|
||||||
|
"kubernetes.io/cluster/privatekopeio.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -605,8 +605,9 @@ resource "aws_subnet" "us-test-1a-privateweave-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateweave.example.com"
|
KubernetesCluster = "privateweave.example.com"
|
||||||
Name = "us-test-1a.privateweave.example.com"
|
Name = "us-test-1a.privateweave.example.com"
|
||||||
|
"kubernetes.io/cluster/privateweave.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -616,8 +617,9 @@ resource "aws_subnet" "utility-us-test-1a-privateweave-example-com" {
|
||||||
availability_zone = "us-test-1a"
|
availability_zone = "us-test-1a"
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateweave.example.com"
|
KubernetesCluster = "privateweave.example.com"
|
||||||
Name = "utility-us-test-1a.privateweave.example.com"
|
Name = "utility-us-test-1a.privateweave.example.com"
|
||||||
|
"kubernetes.io/cluster/privateweave.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -627,8 +629,9 @@ resource "aws_vpc" "privateweave-example-com" {
|
||||||
enable_dns_support = true
|
enable_dns_support = true
|
||||||
|
|
||||||
tags = {
|
tags = {
|
||||||
KubernetesCluster = "privateweave.example.com"
|
KubernetesCluster = "privateweave.example.com"
|
||||||
Name = "privateweave.example.com"
|
Name = "privateweave.example.com"
|
||||||
|
"kubernetes.io/cluster/privateweave.example.com" = "owned"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -40,11 +40,13 @@ func TestElasticIPCreate(t *testing.T) {
|
||||||
vpc1 := &VPC{
|
vpc1 := &VPC{
|
||||||
Name: s("vpc1"),
|
Name: s("vpc1"),
|
||||||
CIDR: s("172.20.0.0/16"),
|
CIDR: s("172.20.0.0/16"),
|
||||||
|
Tags: map[string]string{"Name": "vpc1"},
|
||||||
}
|
}
|
||||||
subnet1 := &Subnet{
|
subnet1 := &Subnet{
|
||||||
Name: s("subnet1"),
|
Name: s("subnet1"),
|
||||||
VPC: vpc1,
|
VPC: vpc1,
|
||||||
CIDR: s("172.20.1.0/24"),
|
CIDR: s("172.20.1.0/24"),
|
||||||
|
Tags: map[string]string{"Name": "subnet1"},
|
||||||
}
|
}
|
||||||
eip1 := &ElasticIP{
|
eip1 := &ElasticIP{
|
||||||
Name: s("eip1"),
|
Name: s("eip1"),
|
||||||
|
|
|
||||||
|
|
@ -102,6 +102,7 @@ func TestSecurityGroupCreate(t *testing.T) {
|
||||||
vpc1 := &VPC{
|
vpc1 := &VPC{
|
||||||
Name: s("vpc1"),
|
Name: s("vpc1"),
|
||||||
CIDR: s("172.20.0.0/16"),
|
CIDR: s("172.20.0.0/16"),
|
||||||
|
Tags: map[string]string{"Name": "vpc1"},
|
||||||
}
|
}
|
||||||
sg1 := &SecurityGroup{
|
sg1 := &SecurityGroup{
|
||||||
Name: s("sg1"),
|
Name: s("sg1"),
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,8 @@ type Subnet struct {
|
||||||
AvailabilityZone *string
|
AvailabilityZone *string
|
||||||
CIDR *string
|
CIDR *string
|
||||||
Shared *bool
|
Shared *bool
|
||||||
|
|
||||||
|
Tags map[string]string
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ fi.CompareWithID = &Subnet{}
|
var _ fi.CompareWithID = &Subnet{}
|
||||||
|
|
@ -71,6 +73,7 @@ func (e *Subnet) Find(c *fi.Context) (*Subnet, error) {
|
||||||
CIDR: subnet.CidrBlock,
|
CIDR: subnet.CidrBlock,
|
||||||
Name: findNameTag(subnet.Tags),
|
Name: findNameTag(subnet.Tags),
|
||||||
Shared: e.Shared,
|
Shared: e.Shared,
|
||||||
|
Tags: intersectTags(subnet.Tags, e.Tags),
|
||||||
}
|
}
|
||||||
|
|
||||||
glog.V(2).Infof("found matching subnet %q", *actual.ID)
|
glog.V(2).Infof("found matching subnet %q", *actual.ID)
|
||||||
|
|
@ -172,7 +175,7 @@ func (_ *Subnet) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *Subnet) error {
|
||||||
e.ID = response.Subnet.SubnetId
|
e.ID = response.Subnet.SubnetId
|
||||||
}
|
}
|
||||||
|
|
||||||
return t.AddAWSTags(*e.ID, t.Cloud.BuildTags(e.Name))
|
return t.AddAWSTags(*e.ID, e.Tags)
|
||||||
}
|
}
|
||||||
|
|
||||||
func subnetSlicesEqualIgnoreOrder(l, r []*Subnet) bool {
|
func subnetSlicesEqualIgnoreOrder(l, r []*Subnet) bool {
|
||||||
|
|
@ -199,8 +202,6 @@ type terraformSubnet struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (_ *Subnet) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *Subnet) error {
|
func (_ *Subnet) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *Subnet) error {
|
||||||
cloud := t.Cloud.(awsup.AWSCloud)
|
|
||||||
|
|
||||||
shared := fi.BoolValue(e.Shared)
|
shared := fi.BoolValue(e.Shared)
|
||||||
if shared {
|
if shared {
|
||||||
// Not terraform owned / managed
|
// Not terraform owned / managed
|
||||||
|
|
@ -211,7 +212,7 @@ func (_ *Subnet) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *Su
|
||||||
VPCID: e.VPC.TerraformLink(),
|
VPCID: e.VPC.TerraformLink(),
|
||||||
CIDR: e.CIDR,
|
CIDR: e.CIDR,
|
||||||
AvailabilityZone: e.AvailabilityZone,
|
AvailabilityZone: e.AvailabilityZone,
|
||||||
Tags: cloud.BuildTags(e.Name),
|
Tags: e.Tags,
|
||||||
}
|
}
|
||||||
|
|
||||||
return t.RenderResource("aws_subnet", *e.Name, tf)
|
return t.RenderResource("aws_subnet", *e.Name, tf)
|
||||||
|
|
@ -239,8 +240,6 @@ type cloudformationSubnet struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (_ *Subnet) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *Subnet) error {
|
func (_ *Subnet) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *Subnet) error {
|
||||||
cloud := t.Cloud.(awsup.AWSCloud)
|
|
||||||
|
|
||||||
shared := fi.BoolValue(e.Shared)
|
shared := fi.BoolValue(e.Shared)
|
||||||
if shared {
|
if shared {
|
||||||
// Not cloudformation owned / managed
|
// Not cloudformation owned / managed
|
||||||
|
|
@ -251,7 +250,7 @@ func (_ *Subnet) RenderCloudformation(t *cloudformation.CloudformationTarget, a,
|
||||||
VPCID: e.VPC.CloudformationLink(),
|
VPCID: e.VPC.CloudformationLink(),
|
||||||
CIDR: e.CIDR,
|
CIDR: e.CIDR,
|
||||||
AvailabilityZone: e.AvailabilityZone,
|
AvailabilityZone: e.AvailabilityZone,
|
||||||
Tags: buildCloudformationTags(cloud.BuildTags(e.Name)),
|
Tags: buildCloudformationTags(e.Tags),
|
||||||
}
|
}
|
||||||
|
|
||||||
return t.RenderResource("AWS::EC2::Subnet", *e.Name, cf)
|
return t.RenderResource("AWS::EC2::Subnet", *e.Name, cf)
|
||||||
|
|
|
||||||
|
|
@ -40,3 +40,21 @@ func findNameTag(tags []*ec2.Tag) *string {
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// intersectTags returns the tags of interest from a specified list of AWS tags;
|
||||||
|
// because we only add tags, this set of tags of interest is the tags that occur in the desired seet.
|
||||||
|
func intersectTags(tags []*ec2.Tag, desired map[string]string) map[string]string {
|
||||||
|
if tags == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
actual := make(map[string]string)
|
||||||
|
for _, t := range tags {
|
||||||
|
k := aws.StringValue(t.Key)
|
||||||
|
v := aws.StringValue(t.Value)
|
||||||
|
|
||||||
|
if _, found := desired[k]; found {
|
||||||
|
actual[k] = v
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return actual
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -39,6 +39,8 @@ type VPC struct {
|
||||||
|
|
||||||
// Shared is set if this is a shared VPC
|
// Shared is set if this is a shared VPC
|
||||||
Shared *bool
|
Shared *bool
|
||||||
|
|
||||||
|
Tags map[string]string
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ fi.CompareWithID = &VPC{}
|
var _ fi.CompareWithID = &VPC{}
|
||||||
|
|
@ -74,6 +76,7 @@ func (e *VPC) Find(c *fi.Context) (*VPC, error) {
|
||||||
ID: vpc.VpcId,
|
ID: vpc.VpcId,
|
||||||
CIDR: vpc.CidrBlock,
|
CIDR: vpc.CidrBlock,
|
||||||
Name: findNameTag(vpc.Tags),
|
Name: findNameTag(vpc.Tags),
|
||||||
|
Tags: intersectTags(vpc.Tags, e.Tags),
|
||||||
}
|
}
|
||||||
|
|
||||||
glog.V(4).Infof("found matching VPC %v", actual)
|
glog.V(4).Infof("found matching VPC %v", actual)
|
||||||
|
|
@ -183,7 +186,7 @@ func (_ *VPC) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *VPC) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
tags := t.Cloud.BuildTags(e.Name)
|
tags := e.Tags
|
||||||
if shared {
|
if shared {
|
||||||
// Don't tag shared resources
|
// Don't tag shared resources
|
||||||
tags = nil
|
tags = nil
|
||||||
|
|
@ -199,8 +202,6 @@ type terraformVPC struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (_ *VPC) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *VPC) error {
|
func (_ *VPC) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *VPC) error {
|
||||||
cloud := t.Cloud.(awsup.AWSCloud)
|
|
||||||
|
|
||||||
if err := t.AddOutputVariable("vpc_id", e.TerraformLink()); err != nil {
|
if err := t.AddOutputVariable("vpc_id", e.TerraformLink()); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
@ -213,7 +214,7 @@ func (_ *VPC) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *VPC)
|
||||||
|
|
||||||
tf := &terraformVPC{
|
tf := &terraformVPC{
|
||||||
CIDR: e.CIDR,
|
CIDR: e.CIDR,
|
||||||
Tags: cloud.BuildTags(e.Name),
|
Tags: e.Tags,
|
||||||
EnableDNSHostnames: e.EnableDNSHostnames,
|
EnableDNSHostnames: e.EnableDNSHostnames,
|
||||||
EnableDNSSupport: e.EnableDNSSupport,
|
EnableDNSSupport: e.EnableDNSSupport,
|
||||||
}
|
}
|
||||||
|
|
@ -243,8 +244,6 @@ type cloudformationVPC struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (_ *VPC) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *VPC) error {
|
func (_ *VPC) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *VPC) error {
|
||||||
cloud := t.Cloud.(awsup.AWSCloud)
|
|
||||||
|
|
||||||
shared := fi.BoolValue(e.Shared)
|
shared := fi.BoolValue(e.Shared)
|
||||||
if shared {
|
if shared {
|
||||||
// Not cloudformation owned / managed
|
// Not cloudformation owned / managed
|
||||||
|
|
@ -255,7 +254,7 @@ func (_ *VPC) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e,
|
||||||
CidrBlock: e.CIDR,
|
CidrBlock: e.CIDR,
|
||||||
EnableDnsHostnames: e.EnableDNSHostnames,
|
EnableDnsHostnames: e.EnableDNSHostnames,
|
||||||
EnableDnsSupport: e.EnableDNSSupport,
|
EnableDnsSupport: e.EnableDNSSupport,
|
||||||
Tags: buildCloudformationTags(cloud.BuildTags(e.Name)),
|
Tags: buildCloudformationTags(e.Tags),
|
||||||
}
|
}
|
||||||
|
|
||||||
return t.RenderResource("AWS::EC2::VPC", *e.Name, tf)
|
return t.RenderResource("AWS::EC2::VPC", *e.Name, tf)
|
||||||
|
|
|
||||||
|
|
@ -36,6 +36,7 @@ func TestVPCCreate(t *testing.T) {
|
||||||
vpc1 := &VPC{
|
vpc1 := &VPC{
|
||||||
Name: s("vpc1"),
|
Name: s("vpc1"),
|
||||||
CIDR: s("172.21.0.0/16"),
|
CIDR: s("172.21.0.0/16"),
|
||||||
|
Tags: map[string]string{"Name": "vpc1"},
|
||||||
}
|
}
|
||||||
return map[string]fi.Task{
|
return map[string]fi.Task{
|
||||||
"vpc1": vpc1,
|
"vpc1": vpc1,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue