✨ Introduce edge subnets to support AWS Local Zones #4882

Merged
merged 3 commits into from
Apr 23, 2024

Commits on Apr 22, 2024

  1. ✨ edge subnets: support Local Zones provisioning networks

    Introducing the mechanism to query the zone information
    from the subnet's AvailabilityZone, saving the ZoneType and
    the ParentZoneName in the SubnetSpec, both for managed and unmanaged.
    
    The ZoneType is used to group the zones from regular and the edge zones.
    Regular zones are with type 'availability-zone', and the edge zones are
    types 'local-zone' and 'wavelength-zone'.
    
    The following statements are valid for edge subnets:
    - private subnets support egress traffic only using a NAT Gateway in the
      region.
    - IPv6 subnets are not supported in edge zones
    - subnet tags (kubernetes.io/role/*) for load balancer are not set in
      edge subnets. Edge subnets should not be elected by CCM to create
      service load balancers. Use ALB ingress instead.
    
    ✨ edge subnets/test: unit for subnets in Local Zones
    
    Added unit tests to validate scenarios using managed and unmanaged
    subnets in AWS Local Zones, alongside new describe availability zones
    API calls introduced in the subnet reconciliation loop.
    
    ✨ edge subnets/unit: fixes unit tests to describe zone calls
    
    The edge subnets feature introduces a new AWS API call to describe zones,
    DescribeAvailabilityZonesWithContext, to look up zone attributes based on
    the zone names in the reconciler, and in the create subnets flow.
    
    The two new calls are required to support unmanaged subnets (BYO VPC),
    where the method createSubnet() is not called.
    
    There are some unit tests calling the create subnet flow; this change
    adds the mock calls for those calls.
    mtulio committed Apr 22, 2024
    a0ae72c
  2. ✨ edge subnets/gateway: add gateway routing for Local Zones

    ✨ edge subnets/routes: supporting custom routes for Local Zones
    
    Isolate the route table lookup into dedicated methods for private and
    public subnets to allow more complex requirements for edge zones, as
    well introduce unit tests for each scenario to cover edge cases.
    
    There is no change for private and public subnets for regular
    zones (standard flow), and the routes will be assigned according to
    the existing flow: private subnets use NAT gateways per public zone,
    and internet gateway for public zones' tables.
    
    For private and public subnets in edge zones, the following changes are
    introduced according to each rule:
    
    General:
    
    - IPv6 subnets are not supported in AWS Local Zones,
      consequently no IPv6 routes will be created
    - NAT gateways are not supported; the default gateway route for private
      subnets will use NAT gateways from the zones in the Region
      (zone type availability-zone)
    - one route table per zone role per zone (standard flow)
    
    Private tables for Local Zones:
    - the default route's gateway is assigned using a NAT gateway created in
      the region (availability zones).
    
    Public tables for Local Zones:
    - default route's gateway is assigned using internet gateway
    
    The changes in the standard flow (without edge subnets' support) were
    isolated in the PR kubernetes-sigs#4900
    
    ✨ edge subnets/nat-gw: support private routing in Local Zones
    
    Introduce the support to lookup a nat gateway for edge zones when
    creating private subnets.
    
    Currently CAPA requires a NAT Gateway in the public subnet for each zone,
    which requires private subnets to define a default NAT gateway in the
    private route table for each zone.
    
    NAT Gateway resource isn't globally supported by Local Zones, thus
    private subnets in Local Zones are created with a default route gateway
    using a NAT gateway selected in the Region (regular availability zones)
    based on the Parent Zone* for the edge subnet.
    
    *each edge zone is "tied" to a zone named "Parent Zone", a zone type
    availability-zone (regular zones) in the region.
    mtulio committed Apr 22, 2024
    fe58fe7
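An added example, not code from the PR or from cluster-api-provider-aws, modelling the zone lookup described in the first commit and the default-route rules described in this one; the Zone and Subnet types are hypothetical stand-ins for the API response and SubnetSpec, and the zone and gateway IDs used with it are constructed:

```go
package main

import "fmt"

// Zone types returned by EC2 DescribeAvailabilityZones (values quoted in the PR).
const (
	ZoneTypeAvailability = "availability-zone"
	ZoneTypeLocal        = "local-zone"
	ZoneTypeWavelength   = "wavelength-zone"
)
// Zone holds the two attributes the reconciler reads per zone name (hypothetical type).
type Zone struct{ Type, ParentZoneName string }
// Subnet is a hypothetical stand-in for SubnetSpec with the fields the PR adds.
type Subnet struct {
	ID, AvailabilityZone, ZoneType, ParentZoneName string
	IsPublic, IsIPv6                               bool
}
// IsEdge reports whether the subnet is in a Local Zone or Wavelength Zone.
func (s Subnet) IsEdge() bool {
	return s.ZoneType == ZoneTypeLocal || s.ZoneType == ZoneTypeWavelength
}
// ResolveZone copies ZoneType and ParentZoneName from the zone lookup into the subnet;
// zones is keyed by zone name and applies to managed and unmanaged (BYO VPC) subnets alike.
func ResolveZone(s *Subnet, zones map[string]Zone) error {
	z, ok := zones[s.AvailabilityZone]
	if !ok {
		return fmt.Errorf("zone %q not returned by DescribeAvailabilityZones", s.AvailabilityZone)
	}
	s.ZoneType, s.ParentZoneName = z.Type, z.ParentZoneName
	return nil
}

// DefaultRoute picks the gateway for the subnet's default route: public subnets get the
// internet gateway; private regular-zone subnets get their own zone's NAT gateway; private
// edge subnets get the parent zone's NAT gateway. IPv6 is refused in edge zones.
func DefaultRoute(s Subnet, igwID string, natByZone map[string]string) (string, error) {
	if s.IsEdge() && s.IsIPv6 {
		return "", fmt.Errorf("subnet %s: IPv6 is not supported in zone %s", s.ID, s.AvailabilityZone)
	}
	if s.IsPublic {
		return igwID, nil
	}
	zone := s.AvailabilityZone
	if s.IsEdge() {
		zone = s.ParentZoneName // NAT Gateway is not available in edge zones
	}
	if nat, ok := natByZone[zone]; ok {
		return nat, nil
	}
	return "", fmt.Errorf("subnet %s: no NAT gateway in zone %s", s.ID, zone)
}
```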
  3. ✨ edge subnets/API: support edge subnets for Local Zones

    This change introduces support for the required network components to deploy
    subnets on AWS Local Zones infrastructure.
    
    The SubnetSpec API introduces the fields ZoneType and ParentZoneName
    to handle the zone information for the subnet, discovered when
    reconciling the subnet.
    
    ✨ edge subnets/API/gen: introduce edge subnets for Local Zones
    
    Generate API changes to support edge subnets for Local Zones.
    
    ✨ edge subnets/API/test: added unit to Local Zones
    
    Testing new methods and workflow added to the API to
    SubnetSpec (zone information).
    
    ✨ edge subnets/docs: added guide subnets on Local and Wavelength zones
    
    Create a dedicated document, "topic", with instructions to deploy
    network infrastructure (subnets, gateways and route tables) in "edge
    zones" - Local Zone and Wavelength Zone infrastructure.
    mtulio committed Apr 22, 2024
    2011294