Adding additional tags to various AWS components

This PR adds the base tags to DHCP Options, IGW, and Route Tables.
These components are not tagged correctly, and this can cause issues
with deletion. Name tags are not added to shared resources, as we allow
shared resources to have maintained names.  A owned/shared tags with the
syntax  "kubernetes.io/cluster/$CLUSTERNAME" = "owned" is added to the
resources as well.  We are maintaining the Name tag value for private
route tables, as these resources do not use the standard value.

pkg/model/network.go

@@ -39,10 +39,10 @@ var _ fi.ModelBuilder = &NetworkModelBuilder{}
 func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 	sharedVPC := b.Cluster.SharedVPC()
 	vpcName := b.ClusterName()
+	tags := b.CloudTags(vpcName, sharedVPC)
 
 	// VPC that holds everything for the cluster
 	{
-		tags := b.CloudTags(vpcName, sharedVPC)
 
 		t := &awstasks.VPC{
 			Name:             s(vpcName),
@@ -78,6 +78,9 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 			Name:              s(b.ClusterName()),
 			Lifecycle:         b.Lifecycle,
 			DomainNameServers: s("AmazonProvidedDNS"),
+
+			Tags:   tags,
+			Shared: fi.Bool(sharedVPC),
 		}
 		if b.Region == "us-east-1" {
 			dhcp.DomainName = s("ec2.internal")
@@ -114,6 +117,8 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 			Lifecycle: b.Lifecycle,
 			VPC:       b.LinkToVPC(),
 			Shared:    fi.Bool(sharedVPC),
+
+			Tags: tags,
 		}
 		c.AddTask(igw)
 
@@ -123,6 +128,9 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 				Lifecycle: b.Lifecycle,
 
 				VPC: b.LinkToVPC(),
+
+				Tags:   tags,
+				Shared: fi.Bool(sharedVPC),
 			}
 			c.AddTask(publicRouteTable)
 
@@ -268,6 +276,24 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 			c.AddTask(ngw)
 		}
 
+		// kops needs to have the correct shared or owned tag on private route tables,
+		// but the 'Name' tag  for the private route table does not match the standard
+		// 'Name' tag value.
+		// Making a copy of the map to use for private route tables, and maintaining the 'Name'
+		// tag with a value like "private-us-test-1a.privatedns1.example.com" instead of using
+		// the usual value like "privatedns1.example.com".
+		privateTags := make(map[string]string)
+		for k, v := range tags {
+			privateTags[k] = v
+		}
+		// We do not set the Name on shared resources remove it if it exists
+		// otherwise set it.
+		if sharedVPC {
+			delete(privateTags, "Name")
+		} else {
+			privateTags["Name"] = b.NamePrivateRouteTableInZone(zone)
+		}
+
 		// Private Route Table
 		//
 		// The private route table that will route to the NAT Gateway
@@ -275,6 +301,9 @@ func (b *NetworkModelBuilder) Build(c *fi.ModelBuilderContext) error {
 			Name:      s(b.NamePrivateRouteTableInZone(zone)),
 			VPC:       b.LinkToVPC(),
 			Lifecycle: b.Lifecycle,
+
+			Shared: fi.Bool(sharedVPC),
+			Tags:   privateTags,
 		}
 		c.AddTask(rt)
 

upup/pkg/fi/cloudup/awstasks/dhcp_options.go

@@ -38,6 +38,12 @@ type DHCPOptions struct {
 	ID                *string
 	DomainName        *string
 	DomainNameServers *string
+
+	// Shared is set if this is a shared DHCPOptions
+	Shared *bool
+
+	// Tags is a map of aws tags that are added to the InternetGateway
+	Tags map[string]string
 }
 
 var _ fi.CompareWithID = &DHCPOptions{}
@@ -157,7 +163,7 @@ func (_ *DHCPOptions) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *DHCPOption
 		e.ID = response.DhcpOptions.DhcpOptionsId
 	}
 
-	return t.AddAWSTags(*e.ID, t.Cloud.BuildTags(e.Name))
+	return t.AddAWSTags(*e.ID, e.Tags)
 }
 
 type terraformDHCPOptions struct {
@@ -167,11 +173,9 @@ type terraformDHCPOptions struct {
 }
 
 func (_ *DHCPOptions) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *DHCPOptions) error {
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	tf := &terraformDHCPOptions{
 		DomainName: e.DomainName,
-		Tags:       cloud.BuildTags(e.Name),
+		Tags:       e.Tags,
 	}
 
 	if e.DomainNameServers != nil {
@@ -192,11 +196,9 @@ type cloudformationDHCPOptions struct {
 }
 
 func (_ *DHCPOptions) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *DHCPOptions) error {
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	cf := &cloudformationDHCPOptions{
 		DomainName: e.DomainName,
-		Tags:       buildCloudformationTags(cloud.BuildTags(e.Name)),
+		Tags:       buildCloudformationTags(e.Tags),
 	}
 
 	if e.DomainNameServers != nil {

upup/pkg/fi/cloudup/awstasks/internetgateway.go

@@ -32,9 +32,13 @@ type InternetGateway struct {
 	Name      *string
 	Lifecycle *fi.Lifecycle
 
-	ID     *string
-	VPC    *VPC
+	ID  *string
+	VPC *VPC
+	// Shared is set if this is a shared InternetGateway
 	Shared *bool
+
+	// Tags is a map of aws tags that are added to the InternetGateway
+	Tags map[string]string
 }
 
 var _ fi.CompareWithID = &InternetGateway{}
@@ -163,12 +167,7 @@ func (_ *InternetGateway) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *Intern
 		}
 	}
 
-	tags := t.Cloud.BuildTags(e.Name)
-	if shared {
-		// Don't tag shared resources
-		tags = nil
-	}
-	return t.AddAWSTags(*e.ID, tags)
+	return t.AddAWSTags(*e.ID, e.Tags)
 }
 
 type terraformInternetGateway struct {
@@ -203,11 +202,9 @@ func (_ *InternetGateway) RenderTerraform(t *terraform.TerraformTarget, a, e, ch
 		return nil
 	}
 
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	tf := &terraformInternetGateway{
 		VPCID: e.VPC.TerraformLink(),
-		Tags:  cloud.BuildTags(e.Name),
+		Tags:  e.Tags,
 	}
 
 	return t.RenderResource("aws_internet_gateway", *e.Name, tf)
@@ -263,11 +260,9 @@ func (_ *InternetGateway) RenderCloudformation(t *cloudformation.CloudformationT
 		return nil
 	}
 
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	{
 		cf := &cloudformationInternetGateway{
-			Tags: buildCloudformationTags(cloud.BuildTags(e.Name)),
+			Tags: buildCloudformationTags(e.Tags),
 		}
 
 		err := t.RenderResource("AWS::EC2::InternetGateway", *e.Name, cf)

upup/pkg/fi/cloudup/awstasks/routetable.go

@@ -34,6 +34,11 @@ type RouteTable struct {
 
 	ID  *string
 	VPC *VPC
+
+	// Shared is set if this is a shared RouteTable
+	Shared *bool
+	// Tags is a map of aws tags that are added to the RouteTable
+	Tags map[string]string
 }
 
 var _ fi.CompareWithID = &RouteTable{}
@@ -131,7 +136,7 @@ func (_ *RouteTable) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *RouteTable)
 		e.ID = rt.RouteTableId
 	}
 
-	return t.AddAWSTags(*e.ID, t.Cloud.BuildTags(e.Name))
+	return t.AddAWSTags(*e.ID, e.Tags)
 }
 
 type terraformRouteTable struct {
@@ -140,11 +145,9 @@ type terraformRouteTable struct {
 }
 
 func (_ *RouteTable) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *RouteTable) error {
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	tf := &terraformRouteTable{
 		VPCID: e.VPC.TerraformLink(),
-		Tags:  cloud.BuildTags(e.Name),
+		Tags:  e.Tags,
 	}
 
 	return t.RenderResource("aws_route_table", *e.Name, tf)
@@ -160,11 +163,9 @@ type cloudformationRouteTable struct {
 }
 
 func (_ *RouteTable) RenderCloudformation(t *cloudformation.CloudformationTarget, a, e, changes *RouteTable) error {
-	cloud := t.Cloud.(awsup.AWSCloud)
-
 	cf := &cloudformationRouteTable{
 		VPCID: e.VPC.CloudformationLink(),
-		Tags:  buildCloudformationTags(cloud.BuildTags(e.Name)),
+		Tags:  buildCloudformationTags(e.Tags),
 	}
 
 	return t.RenderResource("AWS::EC2::RouteTable", *e.Name, cf)