
Add private LB and DNS #17

Open
wants to merge 1 commit into
base: main
52 changes: 46 additions & 6 deletions api/v1alpha1/scalewaycluster_types.go
Expand Up @@ -8,7 +8,18 @@ import (
const ClusterFinalizer = "scalewaycluster.infrastructure.cluster.x-k8s.io/sc-protection"

// ScalewayClusterSpec defines the desired state of ScalewayCluster.
//
// +kubebuilder:validation:XValidation:rule="!has(oldSelf.controlPlaneEndpoint) || has(self.controlPlaneEndpoint)", message="controlPlaneEndpoint is required once set"
//
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneDNS)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneDNS))",message="controlPlaneDNS cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlanePrivateDNS)) == (has(oldSelf.network) && has(oldSelf.network.controlPlanePrivateDNS))",message="controlPlanePrivateDNS cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.privateNetwork)) == (has(oldSelf.network) && has(oldSelf.network.privateNetwork))",message="privateNetwork cannot be added or removed"
//
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneLoadBalancer) && has(self.network.controlPlaneLoadBalancer.port)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.port))",message="port cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneLoadBalancer) && has(self.network.controlPlaneLoadBalancer.private)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.private))",message="private cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneLoadBalancer) && has(self.network.controlPlaneLoadBalancer.ip)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.ip))",message="ip cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneLoadBalancer) && has(self.network.controlPlaneLoadBalancer.zone)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.zone))",message="zone cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="(has(self.network) && has(self.network.controlPlaneLoadBalancer) && has(self.network.controlPlaneLoadBalancer.privateIP)) == (has(oldSelf.network) && has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.privateIP))",message="privateIP cannot be added or removed"
type ScalewayClusterSpec struct {
// ProjectID is the Scaleway project ID where the cluster will be created.
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
Expand Down Expand Up @@ -42,10 +53,12 @@ type ScalewayClusterSpec struct {
}

// NetworkSpec defines network specific settings.
// +kubebuilder:validation:XValidation:rule="!has(self.controlPlaneExtraLoadBalancers) || has(self.controlPlaneDNS)",message="controlPlaneDNS is required when controlPlaneExtraLoadBalancers is set"
// +kubebuilder:validation:XValidation:rule="has(self.controlPlaneDNS) == has(oldSelf.controlPlaneDNS)",message="controlPlaneDNS cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="has(self.privateNetwork) == has(oldSelf.privateNetwork)",message="privateNetwork cannot be added or removed"
//
// +kubebuilder:validation:XValidation:rule="!has(self.controlPlaneExtraLoadBalancers) || has(self.controlPlaneDNS) || has(self.controlPlanePrivateDNS)",message="controlPlaneDNS or controlPlanePrivateDNS is required when controlPlaneExtraLoadBalancers is set"
// +kubebuilder:validation:XValidation:rule="!has(self.publicGateways) || has(self.privateNetwork) && self.privateNetwork.enabled",message="privateNetwork is required when publicGateways is set"
// +kubebuilder:validation:XValidation:rule="!has(self.controlPlaneLoadBalancer) || !has(self.controlPlaneLoadBalancer.private) || !self.controlPlaneLoadBalancer.private || has(self.privateNetwork) && self.privateNetwork.enabled",message="privateNetwork is required when private LoadBalancer is enabled"
// +kubebuilder:validation:XValidation:rule="!has(self.controlPlanePrivateDNS) || has(self.controlPlaneLoadBalancer.private) && self.controlPlaneLoadBalancer.private",message="private LoadBalancer must be enabled to set controlPlanePrivateDNS"
// +kubebuilder:validation:XValidation:rule="(has(self.controlPlaneDNS) ? 1 : 0) + (has(self.controlPlanePrivateDNS) ? 1 : 0) < 2",message="controlPlaneDNS and controlPlanePrivateDNS cannot be set at the same time"
type NetworkSpec struct {
// ControlPlaneLoadBalancer contains loadbalancer settings.
// +optional
Expand All @@ -65,6 +78,14 @@ type NetworkSpec struct {
// +optional
ControlPlaneDNS *ControlPlaneDNSSpec `json:"controlPlaneDNS,omitempty"`

// ControlPlanePrivateDNS allows configuring the DNS Zone of the VPC with
// records that point to the control plane LoadBalancers. This field is only
// available when the control plane LoadBalancers are private. Only one of
// ControlPlaneDNS or ControlPlanePrivateDNS can be set.
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
// +optional
ControlPlanePrivateDNS *ControlPlanePrivateDNSSpec `json:"controlPlanePrivateDNS,omitempty"`

// PrivateNetwork allows attaching machines of the cluster to a Private Network.
// +optional
PrivateNetwork *PrivateNetworkSpec `json:"privateNetwork,omitempty"`
Expand Down Expand Up @@ -92,15 +113,18 @@ type LoadBalancerSpec struct {
// +kubebuilder:validation:Format=ipv4
// +optional
IP *string `json:"ip,omitempty"`

// Private IP to use when attaching a loadbalancer to a Private Network.
// +kubebuilder:validation:Format=ipv4
// +optional
PrivateIP *string `json:"privateIP,omitempty"`
}

// ControlPlaneLoadBalancerSpec defines control-plane loadbalancer settings for the cluster.
// +kubebuilder:validation:XValidation:rule="has(self.port) == has(oldSelf.port)",message="port cannot be added or removed"
type ControlPlaneLoadBalancerSpec struct {
// +kubebuilder:validation:XValidation:rule="has(self.ip) == has(oldSelf.ip)",message="ip cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="!has(oldSelf.ip) || self.ip == oldSelf.ip",message="ip is immutable"
// +kubebuilder:validation:XValidation:rule="has(self.zone) == has(oldSelf.zone)",message="zone cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="!has(oldSelf.zone) || self.zone == oldSelf.zone",message="zone is immutable"
// +kubebuilder:validation:XValidation:rule="!has(oldSelf.privateIP) || self.privateIP == oldSelf.privateIP",message="privateIP is immutable"
LoadBalancerSpec `json:",inline"`

// Port configured on the Load Balancer. It must be valid port range (1-65535).
Expand All @@ -118,6 +142,11 @@ type ControlPlaneLoadBalancerSpec struct {
// +listType=set
// +optional
AllowedRanges []CIDR `json:"allowedRanges,omitempty"`

// Private disables the creation of a public IP on the LoadBalancers when it's set to true.
// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
// +optional
Private *bool `json:"private,omitempty"`
}

// CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8").
Expand All @@ -137,6 +166,13 @@ type ControlPlaneDNSSpec struct {
Name string `json:"name"`
}

type ControlPlanePrivateDNSSpec struct {
// Name is the DNS short name of the record (non-FQDN). The format must consist of
// alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character.
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$
Name string `json:"name"`
}

// PrivateNetworkSpec defines Private Network settings for the cluster.
// +kubebuilder:validation:XValidation:rule="has(self.vpcID) == has(oldSelf.vpcID)",message="vpcID cannot be added or removed"
// +kubebuilder:validation:XValidation:rule="has(self.id) == has(oldSelf.id)",message="id cannot be added or removed"
Expand Down Expand Up @@ -203,6 +239,10 @@ type ScalewayClusterStatus struct {

// NetworkStatus contains information about network resources of the cluster.
type NetworkStatus struct {
// VPCID is set if the cluster has an associated Private Network.
// +optional
VPCID *string `json:"vpcID,omitempty"`

// PrivateNetworkID is set if the cluster has an associated Private Network.
// +optional
PrivateNetworkID *string `json:"privateNetworkID,omitempty"`
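Review bot: The NetworkSpec rule with the message "private LoadBalancer must be enabled to set controlPlanePrivateDNS" reads `self.controlPlaneLoadBalancer.private` without first checking `has(self.controlPlaneLoadBalancer)`, unlike the rule just above it, which guards the parent object. controlPlaneLoadBalancer is marked `+optional`, so a spec that sets controlPlanePrivateDNS and omits the load balancer block will most likely be rejected with a CEL evaluation error instead of the intended message. The request still fails closed, but the user gets no hint about what to fix. I would write the rule as `!has(self.controlPlanePrivateDNS) || has(self.controlPlaneLoadBalancer) && has(self.controlPlaneLoadBalancer.private) && self.controlPlaneLoadBalancer.private` and regenerate the CRD YAML, which carries the same expression. Separately, the new exported type ControlPlanePrivateDNSSpec has no doc comment; a line such as `// ControlPlanePrivateDNSSpec defines the private DNS record of the control plane.` would match the other types in this file.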
35 changes: 35 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go


100 changes: 87 additions & 13 deletions config/crd/bases/infrastructure.cluster.x-k8s.io_scalewayclusters.yaml
Expand Up @@ -127,6 +127,11 @@ spec:
description: IP to use when creating a loadbalancer.
format: ipv4
type: string
privateIP:
description: Private IP to use when attaching a loadbalancer
to a Private Network.
format: ipv4
type: string
type:
default: LB-S
description: Load Balancer commercial offer type.
Expand Down Expand Up @@ -175,6 +180,18 @@ spec:
x-kubernetes-validations:
- message: Value is immutable
rule: self == oldSelf
private:
description: Private disables the creation of a public IP
on the LoadBalancers when it's set to true.
type: boolean
x-kubernetes-validations:
- message: Value is immutable
rule: self == oldSelf
privateIP:
description: Private IP to use when attaching a loadbalancer
to a Private Network.
format: ipv4
type: string
type:
default: LB-S
description: Load Balancer commercial offer type.
Expand All @@ -186,16 +203,31 @@ spec:
type: string
type: object
x-kubernetes-validations:
- message: port cannot be added or removed
rule: has(self.port) == has(oldSelf.port)
- message: ip cannot be added or removed
rule: has(self.ip) == has(oldSelf.ip)
- message: ip is immutable
rule: '!has(oldSelf.ip) || self.ip == oldSelf.ip'
- message: zone cannot be added or removed
rule: has(self.zone) == has(oldSelf.zone)
- message: zone is immutable
rule: '!has(oldSelf.zone) || self.zone == oldSelf.zone'
- message: privateIP is immutable
rule: '!has(oldSelf.privateIP) || self.privateIP == oldSelf.privateIP'
controlPlanePrivateDNS:
description: |-
ControlPlanePrivateDNS allows configuring the DNS Zone of the VPC with
records that point to the control plane LoadBalancers. This field is only
available when the control plane LoadBalancers are private. Only one of
ControlPlaneDNS or ControlPlanePrivateDNS can be set.
properties:
name:
description: |-
Name is the DNS short name of the record (non-FQDN). The format must consist of
alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character.
pattern: ^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$
type: string
required:
- name
type: object
x-kubernetes-validations:
- message: Value is immutable
rule: self == oldSelf
privateNetwork:
description: PrivateNetwork allows attaching machines of the cluster
to a Private Network.
Expand Down Expand Up @@ -270,16 +302,25 @@ spec:
type: array
type: object
x-kubernetes-validations:
- message: controlPlaneDNS is required when controlPlaneExtraLoadBalancers
is set
rule: '!has(self.controlPlaneExtraLoadBalancers) || has(self.controlPlaneDNS)'
- message: controlPlaneDNS cannot be added or removed
rule: has(self.controlPlaneDNS) == has(oldSelf.controlPlaneDNS)
- message: privateNetwork cannot be added or removed
rule: has(self.privateNetwork) == has(oldSelf.privateNetwork)
- message: controlPlaneDNS or controlPlanePrivateDNS is required when
controlPlaneExtraLoadBalancers is set
rule: '!has(self.controlPlaneExtraLoadBalancers) || has(self.controlPlaneDNS)
|| has(self.controlPlanePrivateDNS)'
- message: privateNetwork is required when publicGateways is set
rule: '!has(self.publicGateways) || has(self.privateNetwork) &&
self.privateNetwork.enabled'
- message: privateNetwork is required when private LoadBalancer is
enabled
rule: '!has(self.controlPlaneLoadBalancer) || !has(self.controlPlaneLoadBalancer.private)
|| !self.controlPlaneLoadBalancer.private || has(self.privateNetwork)
&& self.privateNetwork.enabled'
- message: private LoadBalancer must be enabled to set controlPlanePrivateDNS
rule: '!has(self.controlPlanePrivateDNS) || has(self.controlPlaneLoadBalancer.private)
&& self.controlPlaneLoadBalancer.private'
- message: controlPlaneDNS and controlPlanePrivateDNS cannot be set
at the same time
rule: '(has(self.controlPlaneDNS) ? 1 : 0) + (has(self.controlPlanePrivateDNS)
? 1 : 0) < 2'
projectID:
description: ProjectID is the Scaleway project ID where the cluster
will be created.
Expand Down Expand Up @@ -310,6 +351,35 @@ spec:
x-kubernetes-validations:
- message: controlPlaneEndpoint is required once set
rule: '!has(oldSelf.controlPlaneEndpoint) || has(self.controlPlaneEndpoint)'
- message: controlPlaneDNS cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneDNS)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneDNS))
- message: controlPlanePrivateDNS cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlanePrivateDNS))
== (has(oldSelf.network) && has(oldSelf.network.controlPlanePrivateDNS))
- message: privateNetwork cannot be added or removed
rule: (has(self.network) && has(self.network.privateNetwork)) == (has(oldSelf.network)
&& has(oldSelf.network.privateNetwork))
- message: port cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneLoadBalancer)
&& has(self.network.controlPlaneLoadBalancer.port)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.port))
- message: private cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneLoadBalancer)
&& has(self.network.controlPlaneLoadBalancer.private)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.private))
- message: ip cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneLoadBalancer)
&& has(self.network.controlPlaneLoadBalancer.ip)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.ip))
- message: zone cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneLoadBalancer)
&& has(self.network.controlPlaneLoadBalancer.zone)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.zone))
- message: privateIP cannot be added or removed
rule: (has(self.network) && has(self.network.controlPlaneLoadBalancer)
&& has(self.network.controlPlaneLoadBalancer.privateIP)) == (has(oldSelf.network)
&& has(oldSelf.network.controlPlaneLoadBalancer) && has(oldSelf.network.controlPlaneLoadBalancer.privateIP))
status:
description: ScalewayClusterStatus defines the observed state of ScalewayCluster.
properties:
Expand Down Expand Up @@ -355,6 +425,10 @@ spec:
items:
type: string
type: array
vpcID:
description: VPCID is set if the cluster has an associated Private
Network.
type: string
type: object
ready:
description: |-