зеркало из https://github.com/Azure/ARO-RP.git
allow cluster route table to be overridden for testing
This commit is contained in:
Jim Minter
bennerv
Родитель
382a3a8887
Коммит
1e8b4135a8
|
|
@ -18,6 +18,10 @@
|
|||
"masterAddressPrefix": {
|
||||
"type": "string"
|
||||
},
|
||||
"routes": {
|
||||
"type": "array",
|
||||
"defaultValue": []
|
||||
},
|
||||
"vnetAddressPrefix": {
|
||||
"type": "string"
|
||||
},
|
||||
|
|
@ -41,6 +45,9 @@
|
|||
"apiVersion": "2020-08-01"
|
||||
},
|
||||
{
|
||||
"properties": {
|
||||
"routes": "[parameters('routes')]"
|
||||
},
|
||||
"name": "[concat(parameters('clusterName'), '-rt')]",
|
||||
"type": "Microsoft.Network/routeTables",
|
||||
"location": "[resourceGroup().location]",
|
||||
|
|
@ -65,13 +72,18 @@
|
|||
},
|
||||
{
|
||||
"properties": {
|
||||
"addressPrefix": "[parameters('workerAddressPrefix')]"
|
||||
"addressPrefix": "[parameters('workerAddressPrefix')]",
|
||||
"routeTable": {
|
||||
"id": "[resourceid('Microsoft.Network/routeTables', concat(parameters('clusterName'), '-rt'))]",
|
||||
"tags": null
|
||||
}
|
||||
},
|
||||
"name": "[concat('dev-vnet/', parameters('clusterName'), '-worker')]",
|
||||
"type": "Microsoft.Network/virtualNetworks/subnets",
|
||||
"apiVersion": "2020-08-01",
|
||||
"dependsOn": [
|
||||
"[resourceid('Microsoft.Network/virtualNetworks/subnets', 'dev-vnet', concat(parameters('clusterName'), '-master'))]"
|
||||
"[resourceid('Microsoft.Network/virtualNetworks/subnets', 'dev-vnet', concat(parameters('clusterName'), '-master'))]",
|
||||
"[resourceid('Microsoft.Network/routeTables', concat(parameters('clusterName'), '-rt'))]"
|
||||
],
|
||||
"location": "[resourceGroup().location]"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -96,7 +96,7 @@ func (fi bindataFileInfo) Sys() interface{} {
|
|||
return nil
|
||||
}
|
||||
|
||||
var _clusterPredeployJson = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xdc\x55\x4f\x8f\xda\x3e\x10\xbd\xf3\x29\xa2\xfc\x7e\x52\x40\xca\x3f\x90\x2a\x55\xdc\x7a\xaa\x7a\xe8\x76\xa5\x5d\xed\x05\x71\x18\x9c\x81\x75\xeb\xd8\x96\x3d\xa1\xdd\xae\xf8\xee\x95\x09\x09\xe4\x0f\x94\xd2\xec\xa5\xe2\x42\xec\x99\x79\x33\x6f\xde\x4b\x5e\x47\x9e\xe7\x79\xfe\xff\x96\x3d\x63\x0e\xfe\xdc\xf3\x9f\x89\xb4\x9d\x27\x49\x79\x12\xe7\x20\x61\x83\x39\x4a\x8a\xe1\x67\x61\x30\x66\x2a\x3f\xdc\xd9\x64\x96\x4e\xdf\x45\xe9\x34\x4a\xa7\x49\x86\x5a\xa8\x17\x17\xf7\x88\xb9\x16\x40\x18\x7f\xb5\x4a\xfe\xe7\x87\x25\x02\x53\x92\x50\xd2\x13\x1a\xcb\x95\x74\x40\xd3\x38\x75\xbf\x2a\x40\x83\x81\x1c\x09\x8d\xf5\xe7\x5e\xd9\x56\x99\xc8\x1b\xcf\xfb\x33\x7a\xd1\xe8\x4a\xac\x94\x12\x87\xfc\xfa\x2e\xc3\x35\x14\x82\x9e\x40\x14\x2e\x66\x0d\xc2\x62\x1d\xb1\x0b\x4f\x0a\x8b\xc2\x12\x9a\x3b\xc8\xf1\x3c\x82\x25\xc3\xe5\xc6\xbf\x54\xe0\x01\xcd\x96\x33\xbc\x37\x5c\x32\xae\x41\x7c\xca\x6e\x2b\xb7\xd6\x43\x55\xca\xc1\xf5\xf5\x21\xcb\x0c\x5a\x7b\x6f\x70\xcd\x7f\xdc\x56\x68\x2b\x91\x06\x28\xf3\x5d\x99\x6f\xb7\xf7\x33\x3a\x29\xe7\x1b\xb4\xaa\x30\x0c\x9d\x48\x16\x75\x4c\xab\x94\x36\x4a\xa3\x21\x8e\xb6\x03\xb3\xbf\x87\xb2\x93\x07\x0d\xac\xbb\xfa\x76\x54\xd9\x6f\x0b\xb0\x13\xbc\x38\xca\x77\x1c\x74\x68\x0b\x26\x4b\xbf\x37\x77\xd9\x39\xdd\x35\x4e\x76\x2d\x71\xcb\x52\xac\x7e\x86\xdb\xc8\xa1\xb4\xc5\x5f\x91\xf8\x99\x33\xa3\xac\x5a\x53\x7c\x87\xe4\xe8\x4f\xb6\xdc\x50\x01\xe2\xf0\x68\xdb\x89\x42\x31\xa0\x83\x31\x17\x15\xc9\x1f\x8d\x2a\xf4\x78\x12\x57\x97\xcb\x76\x16\x53\x32\xe3\x75\xda\x29\x05\x8c\xbb\x99\x5b\xe1\xa0\xf9\x89\xff\x67\xe9\x2c\x8d\xd2\xf7\x51\x3a\xed\x55\xcd\x6b\xff\xe4\x0b\xa6\x24\x03\x1a\x37\xc0\x8e\x4e\x0e\x26\xa1\x17\x44\x86\x7a\xd0\xcf\x73\x63\x54\x41\xf8\x08\x2b\x81\x03\xf1\xf2\x37\x83\x5e\x29\xde\xda\x46\x4d\xde\x7b\xac\xdf\xa5\x62\x5f\xe7\x38\xf4\x79\x0b\xf0\xac\x31\x37\xcf\xc6\xc1\x45\xf6\x82\xd0\xbb\x76\x3d\xbd\x4d\x95\x7b\x82\x8d\x1b\x5d\x16\x42\xdc\xe8\x8e\x4a\x23\x41\x65\x93\x24\x08\xbd\x8b\x1d\x95\xb4\xfd\x91\x68\x5a\x86\x4a\x6c\xb1\x92\x48\x1d\x01\x9d\x95\x42\xe7\xb3\xa5\x51\x66\xf6\x8b\xec\x7d\xcf\xfc\x6e\x07\xad\x66\x82\xd0\xab\x67\x3f\xb3\xfe\xb7\x5a\x6a\x03\x69\x79\x9b\x9b\xde\xdc\x25\x3d\x1f\xa4\xce\x2b\x7a\x38\x71\x95\x68\xff\x8c\xb8\xaa\x66\x1a\x22\xbb\x4e\x23\x95\xcd\x06\xd7\xc9\xfe\xdf\x72\xb4\x1b\xfd\x0a\x00\x00\xff\xff\xe0\xba\x23\xfe\xd0\x0a\x00\x00")
|
||||
var _clusterPredeployJson = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x55\x4d\x8f\xda\x30\x10\xbd\xf3\x2b\xa2\xb4\x52\x40\xca\x17\x48\x95\x2a\x6e\x3d\x55\x3d\x74\xbb\xd2\xae\xf6\x82\x72\x18\x9c\x81\x75\xeb\xd8\x96\xed\xd0\xd2\x8a\xff\x5e\x25\x21\x81\x38\x09\xec\x22\x38\xb4\x5a\xed\x65\x63\xcf\x8c\xdf\xbc\x37\x6f\xf8\x33\x72\x1c\xc7\x71\xdf\x6b\xf2\x8c\x19\xb8\x73\xc7\x7d\x36\x46\xea\x79\x14\x55\x27\x61\x06\x1c\xd6\x98\x21\x37\x21\xfc\xce\x15\x86\x44\x64\xfb\x3b\x1d\xcd\xe2\xe9\x87\x20\x9e\x06\xf1\x34\x4a\x51\x32\xb1\x2d\xe2\x1e\x31\x93\x0c\x0c\x86\xdf\xb5\xe0\xef\x5c\xbf\x7a\x81\x08\x6e\x90\x9b\x27\x54\x9a\x0a\x5e\x3c\x34\x0d\xe3\xe2\xaf\x0e\x90\xa0\x20\x43\x83\x4a\xbb\x73\xa7\x82\x55\x25\xd2\xd6\x77\x79\x66\xb6\x12\x8b\x12\x4b\x21\xd8\x3e\xbf\xb9\x4b\x71\x05\x39\x33\x4f\xc0\xf2\x22\x66\x05\x4c\x63\x13\xb1\xf3\x8f\x0a\xb3\x5c\x1b\x54\x77\x90\xe1\xf0\x0b\xda\x28\xca\xd7\xee\xa9\x02\x0f\xa8\x36\x94\xe0\xbd\xa2\x9c\x50\x09\xec\x4b\x7a\x59\xb9\x95\xbc\x56\xa5\x0c\x0a\x5c\x9f\xd2\x54\xa1\xd6\xf7\x0a\x57\xf4\xd7\x65\x85\x94\xc8\x0d\xea\xe1\x5c\x50\x0a\xb6\x67\x04\x58\x24\xbd\xa5\x37\x1c\xcd\x15\x10\xfe\x14\xea\xc7\xe5\xad\x8e\x8e\xca\xb9\x0a\xb5\xc8\x15\x29\xfb\x5d\x34\x31\x56\x29\xa9\x84\x44\x65\x68\x0f\x2b\xe5\x3d\x54\x48\x1e\x24\x90\xee\x54\xd9\x51\x15\x5e\xeb\xc1\x4e\xf0\xe2\xe0\x8c\xb1\xd7\xa1\xcd\x9b\x24\x6e\x6f\x6e\xd2\x39\xdd\xb5\x4e\x76\x96\x6c\xbc\xf2\x81\x9b\xe2\x26\x28\x5e\xb1\x65\xad\x49\xfc\x4a\x89\x12\x5a\xac\x4c\x78\x87\xa6\xa0\x3f\xda\x50\x65\x72\x60\xfb\x4f\x6d\x27\x32\x41\xc0\xec\x3d\xbf\xa8\x49\xfe\xac\x44\x2e\xc7\x93\xb0\xbe\x4c\xec\x2c\x22\x78\x4a\x9b\xb4\x63\x0a\x08\x2d\x7a\xb6\xc2\x41\xd2\xa3\xd5\x32\x8b\x67\x71\x10\x7f\x0c\xe2\x69\xef\xd4\xbc\x52\xd3\xc6\x05\x6d\x1c\xd5\x71\x87\xff\x21\x5e\x17\x44\x70\x02\x66\xdc\x6a\xe5\xb0\x82\xbc\x89\xef\x78\x81\x32\x3d\xbd\x0d\x33\x5f\x42\x78\x84\x25\xc3\x2b\xb1\x7e\x4b\x1a\xc1\x32\x69\x9b\xcd\x9e\x9d\xd5\xa5\xe2\x20\x47\xd9\xf4\xb0\xc1\x68\xda\xea\x9b\xa6\x63\xef\x24\x7b\x9e\xef\xbc\x54\x9e\x5e\x50\x95\x4e\xb0\x2e\x5a\xe7\x39\x63\x17\x7a\xaf\x9e\x11\xaf\x36\x61\xe4\xf9\xce\x49\x44\x15\x6d\xaf\x1a\x1a\xcb\xae\x91\xce\x97\x1c\x4d\x67\x80\x06\x47\xa1\xb3\xee\x25\xf2\x54\x7f\xe3\xbd\x5b\xec\x9c\x06\x16\x18\xcf\x77\x9a\xde\x07\xe4\xbf\x95\xa8\xad\x97\x92\xcb\xdc\x74\x73\x97\xf4\xfc\xdc\xbd\xb9\xe4\xbc\x4b\x2a\xda\xfe\x1b\x97\xd4\x60\x5a\x6e\x79\x99\x36\xf5\xbe\xf8\x97\xbd\x55\xfe\x97\x8c\x76\xa3\xbf\x01\x00\x00\xff\xff\x9c\xba\xe7\x92\xbd\x0c\x00\x00")
|
||||
|
||||
func clusterPredeployJsonBytes() ([]byte, error) {
|
||||
return bindataRead(
|
||||
|
|
|
|||
|
|
@ -16,12 +16,17 @@ func (g *generator) clusterVnet() *arm.Resource {
|
|||
}
|
||||
|
||||
func (g *generator) clusterRouteTable() *arm.Resource {
|
||||
return &arm.Resource{
|
||||
Resource: &mgmtnetwork.RouteTable{
|
||||
rt := &mgmtnetwork.RouteTable{
|
||||
RouteTablePropertiesFormat: &mgmtnetwork.RouteTablePropertiesFormat{
|
||||
Routes: &[]mgmtnetwork.Route{},
|
||||
},
|
||||
Name: to.StringPtr("[concat(parameters('clusterName'), '-rt')]"),
|
||||
Type: to.StringPtr("Microsoft.Network/routeTables"),
|
||||
Location: to.StringPtr("[resourceGroup().location]"),
|
||||
},
|
||||
}
|
||||
|
||||
return &arm.Resource{
|
||||
Resource: rt,
|
||||
APIVersion: azureclient.APIVersion("Microsoft.Network"),
|
||||
}
|
||||
}
|
||||
|
|
@ -52,6 +57,9 @@ func (g *generator) clusterWorkerSubnet() *arm.Resource {
|
|||
Resource: &mgmtnetwork.Subnet{
|
||||
SubnetPropertiesFormat: &mgmtnetwork.SubnetPropertiesFormat{
|
||||
AddressPrefix: to.StringPtr("[parameters('workerAddressPrefix')]"),
|
||||
RouteTable: &mgmtnetwork.RouteTable{
|
||||
ID: to.StringPtr("[resourceid('Microsoft.Network/routeTables', concat(parameters('clusterName'), '-rt'))]"),
|
||||
},
|
||||
},
|
||||
Name: to.StringPtr("[concat('dev-vnet/', parameters('clusterName'), '-worker')]"),
|
||||
},
|
||||
|
|
@ -60,6 +68,7 @@ func (g *generator) clusterWorkerSubnet() *arm.Resource {
|
|||
APIVersion: azureclient.APIVersion("Microsoft.Network"),
|
||||
DependsOn: []string{
|
||||
"[resourceid('Microsoft.Network/virtualNetworks/subnets', 'dev-vnet', concat(parameters('clusterName'), '-master'))]",
|
||||
"[resourceid('Microsoft.Network/routeTables', concat(parameters('clusterName'), '-rt'))]",
|
||||
},
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@ func (g *generator) templateFixup(t *arm.Template) ([]byte, error) {
|
|||
b = bytes.ReplaceAll(b, []byte(`"capacity": 1338`), []byte(`"capacity": "[parameters('rpVmssCapacity')]"`))
|
||||
b = bytes.ReplaceAll(b, []byte(`"capacity": 1339`), []byte(`"capacity": "[parameters('gatewayVmssCapacity')]"`))
|
||||
b = bytes.ReplaceAll(b, []byte(`"zones": []`), []byte(`"zones": "[pickZones('Microsoft.Network', 'publicIPAddresses', resourceGroup().location, 3)]"`))
|
||||
b = bytes.ReplaceAll(b, []byte(`"routes": []`), []byte(`"routes": "[parameters('routes')]"`))
|
||||
if g.production {
|
||||
b = regexp.MustCompile(`(?m)"accessPolicies": \[[^]]*`+clusterAccessPolicyHack+`[^]]*\]`).ReplaceAll(b, []byte(`"accessPolicies": "[concat(variables('clusterKeyvaultAccessPolicies'), parameters('extraClusterKeyvaultAccessPolicies'))]"`))
|
||||
b = regexp.MustCompile(`(?m)"accessPolicies": \[[^]]*`+dbTokenAccessPolicyHack+`[^]]*\]`).ReplaceAll(b, []byte(`"accessPolicies": "[concat(variables('dbTokenKeyvaultAccessPolicies'), parameters('extraDBTokenKeyvaultAccessPolicies'))]"`))
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ func (g *generator) clusterPredeploy() *arm.Template {
|
|||
"clusterServicePrincipalId",
|
||||
"fpServicePrincipalId",
|
||||
"ci",
|
||||
"routes",
|
||||
"vnetAddressPrefix",
|
||||
"masterAddressPrefix",
|
||||
"workerAddressPrefix",
|
||||
|
|
@ -26,6 +27,9 @@ func (g *generator) clusterPredeploy() *arm.Template {
|
|||
case "ci":
|
||||
p.Type = "bool"
|
||||
p.DefaultValue = false
|
||||
case "routes":
|
||||
p.Type = "array"
|
||||
p.DefaultValue = []interface{}{}
|
||||
}
|
||||
t.Parameters[param] = p
|
||||
}
|
||||
|
|
|
|||
|
|
@ -142,6 +142,10 @@ func (c *Cluster) Create(ctx context.Context, vnetResourceGroup, clusterName str
|
|||
|
||||
visibility := api.VisibilityPublic
|
||||
|
||||
if os.Getenv("NO_INTERNET") != "" {
|
||||
visibility = api.VisibilityPrivate
|
||||
}
|
||||
|
||||
if c.ci {
|
||||
c.log.Infof("creating resource group")
|
||||
_, err = c.groups.CreateOrUpdate(ctx, vnetResourceGroup, mgmtfeatures.ResourceGroup{
|
||||
|
|
@ -178,6 +182,21 @@ func (c *Cluster) Create(ctx context.Context, vnetResourceGroup, clusterName str
|
|||
"workerAddressPrefix": {Value: workerSubnet},
|
||||
}
|
||||
|
||||
// TODO: ick
|
||||
if os.Getenv("NO_INTERNET") != "" {
|
||||
parameters["routes"] = &arm.ParametersParameter{
|
||||
Value: []mgmtnetwork.Route{
|
||||
{
|
||||
RoutePropertiesFormat: &mgmtnetwork.RoutePropertiesFormat{
|
||||
AddressPrefix: to.StringPtr("0.0.0.0/0"),
|
||||
NextHopType: mgmtnetwork.RouteNextHopTypeNone,
|
||||
},
|
||||
Name: to.StringPtr("blackhole"),
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
armctx, cancel := context.WithTimeout(ctx, 10*time.Minute)
|
||||
defer cancel()
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче