Azure Stack Support #5532
Azure Stack Support #5532
Conversation
k8s-ci-robot
added
kind/feature
k8s-ci-robot
added
the
cncf-cla: yes
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Welcome @patrickdillon! |
|
Hi @patrickdillon. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
Adds AzureStack as a valid cloud environment. The value "HybridEnvironment" is the value provided by the Azure autorest package. It would be possible to have a different user-facing value, such as AzureStackCloud, but internally within the code it is necessary to check for the value "HybridEnvironment" returned by autorest. This commit opts to use a single value, rather than separate user-facing and internal values.
Adds the ARMEndpoint field for specifying the ARM Resource Manager Endpoint for use with Azure Stack deployments. The endpoint is used to configure the environment as well as manage resources.
Uses ARMEndpoint from Cluster scope to configure Azure Stack settings for Azure Client and Authorizer, which will be used to configure ARM options for the V2 SDK.
Sets ARM Client Options when using the Azure Stack environment. Extends ARMClientOptions to accept an ARMEndpoint, which can be obtained from the authorizer interface, the same source the cloud environment. Sets the APIVersion to a hybrid cloud profile to ensure compatibility with hybrid environments.
Azure Stack Hub does not support private dns zones, so skip them.
The Resource SKU API for availability sets may not be available in an Azure Stack environment. The cache is used to determine the fault domain count. For Azure Stack, we can default to 2. Future work could potentially set this programatically or expose the fault domain count in the API.
The tag service using the V2 SDK is not available in azure stack. Skip tag reconciliation in Azure Stack environments.
The standard 2020-06-01 API Version is not supported for disk operations in Azure Stack, so change to the compatible 2018-06-01 profile.
Azure Stack returns a 400 error when trying to delete a VM with the force flag and the error message suggests retrying without the flag.
patrickdillon
force-pushed
the
azurestack
branch
from
6e775e8 to
4605c9e
Compare
k8s-ci-robot
removed
the
needs-rebase
|
Don't think anybody has looked at this yet so I went ahead and force pushed to rebase, and fixed the unit test failure (due to newly wrappd error). |
| @@ -48,6 +48,7 @@ type AzureClusterClassSpec struct { | |||
| // - GermanCloud: "AzureGermanCloud" | |||
| // - PublicCloud: "AzurePublicCloud" | |||
| // - USGovernmentCloud: "AzureUSGovernmentCloud" | |||
| // - StackCloud: "HybridEnvironment" | |||
There was a problem hiding this comment.
Is Azure Stack officially supported? Autorest is a deprecated library. I don't see Azure Stack listed in the new Cloud library - https://github.com/Azure/azure-sdk-for-go/blob/d165f8083de58e12135bce2102205081eaade930/sdk/azcore/cloud/cloud.go#L10.
There was a problem hiding this comment.
For example, the GermanCloud isn't supported anymore.
There was a problem hiding this comment.
I know there is an issue too to try and get rid of the autorest library implementations in CAPZ - #2974
There was a problem hiding this comment.
I know there is an issue too to try and get rid of the autorest library implementations in CAPZ
Right, I discussed this a little in the issue #5201. AFAIK there is no available alternative.
There was a problem hiding this comment.
No idea whether it is still supported, although I'm pretty sure it is still sold.
k8s-ci-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
| @@ -48,6 +48,7 @@ type AzureClusterClassSpec struct { | |||
| // - GermanCloud: "AzureGermanCloud" | |||
| // - PublicCloud: "AzurePublicCloud" | |||
| // - USGovernmentCloud: "AzureUSGovernmentCloud" | |||
| // - StackCloud: "HybridEnvironment" | |||
There was a problem hiding this comment.
On further testing, it seems "AzureStackCloud" may indeed be required by some components. I will iron this out.
|
/assign @willie-yao @jackfrancis |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #5532 +/- ##
==========================================
- Coverage 52.86% 52.81% -0.05%
==========================================
Files 272 272
Lines 29474 29520 +46
==========================================
+ Hits 15582 15592 +10
- Misses 13080 13113 +33
- Partials 812 815 +3 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| @@ -48,6 +48,7 @@ type AzureClusterClassSpec struct { | |||
| // - GermanCloud: "AzureGermanCloud" | |||
| // - PublicCloud: "AzurePublicCloud" | |||
| // - USGovernmentCloud: "AzureUSGovernmentCloud" | |||
| // - StackCloud: "HybridEnvironment" | |||
There was a problem hiding this comment.
Should this be renamed to AzureStackCloud to keep it consistent with the other clouds, or is it required to be called "HybridCloud"?
| @@ -186,6 +193,7 @@ type AzureManagedControlPlaneClassSpec struct { | |||
| // - PublicCloud: "AzurePublicCloud" | |||
| // - USGovernmentCloud: "AzureUSGovernmentCloud" | |||
| // | |||
| // | |||
There was a problem hiding this comment.
Is it intended to add AzureStack to the comment here as well?
| @@ -27,6 +27,7 @@ import ( | |||
| "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" | |||
| "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5" | |||
| "github.com/Azure/azure-sdk-for-go/sdk/tracing/azotel" | |||
| "github.com/Azure/go-autorest/autorest/azure" | |||
There was a problem hiding this comment.
| "github.com/Azure/go-autorest/autorest/azure" | |
| azureautorest "github.com/Azure/go-autorest/autorest/azure" |
| @@ -109,6 +112,16 @@ const ( | |||
| CustomHeaderPrefix = "infrastructure.cluster.x-k8s.io/custom-header-" | |||
| ) | |||
|
|
|||
| const ( | |||
| // StackAPIVersion is the API version profile to set for ARM clients. See: | |||
There was a problem hiding this comment.
| // StackAPIVersion is the API version profile to set for ARM clients. See: | |
| // StackAPIVersionProfile is the API version profile to set for ARM clients. See: |
| case StackCloudName: | ||
| cloudEnv, err := azure.EnvironmentFromURL(armEndpoint) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("unable to get Azure Stack cloud environment: %w", err) | ||
| } | ||
| opts.APIVersion = StackAPIVersionProfile | ||
| opts.Cloud = cloud.Configuration{ | ||
| ActiveDirectoryAuthorityHost: cloudEnv.ActiveDirectoryEndpoint, | ||
| Services: map[cloud.ServiceName]cloud.ServiceConfiguration{ | ||
| cloud.ResourceManager: { | ||
| Audience: cloudEnv.TokenAudience, | ||
| Endpoint: cloudEnv.ResourceManagerEndpoint, | ||
| }, | ||
| }, | ||
| } |
There was a problem hiding this comment.
Can you add a unit test case for this in TestARMClientOptions?
| @@ -150,7 +150,8 @@ func (m *MachineScope) InitMachineCache(ctx context.Context) error { | |||
| } | |||
|
|
|||
| m.cache.availabilitySetSKU, err = skuCache.Get(ctx, string(armcompute.AvailabilitySetSKUTypesAligned), resourceskus.AvailabilitySets) | |||
| if err != nil { | |||
| // Resource SKU API for availability sets may not be available in Azure Stack environments. | |||
| if err != nil && !strings.EqualFold(m.CloudEnvironment(), "HybridEnvironment") { | |||
There was a problem hiding this comment.
| if err != nil && !strings.EqualFold(m.CloudEnvironment(), "HybridEnvironment") { | |
| if err != nil && !strings.EqualFold(m.CloudEnvironment(), azure.StackCloudName) { |
| @@ -98,3 +91,27 @@ func (s *AvailabilitySetSpec) Parameters(_ context.Context, existing interface{} | |||
|
|
|||
| return asParams, nil | |||
| } | |||
|
|
|||
| func getFaultDomainCount(SKU *resourceskus.SKU, cloudEnvironment string) (*int32, error) { | |||
There was a problem hiding this comment.
| func getFaultDomainCount(SKU *resourceskus.SKU, cloudEnvironment string) (*int32, error) { | |
| func getFaultDomainCount(sku *resourceskus.SKU, cloudEnvironment string) (*int32, error) { |
| if strings.EqualFold(cloudEnvironment, azure.StackCloudName) { | ||
| return ptr.To(int32(2)), nil | ||
| } |
There was a problem hiding this comment.
Can you add a unit test case for when cloud environment is Azure Stack to TestParameters in spec_test.go?
| } | ||
| if err != nil { | ||
| return nil, err | ||
| } |
There was a problem hiding this comment.
This looks like a good improvement, but is it related to Azure Stack support? What problem is it trying to solve?
There was a problem hiding this comment.
Yes, azure stack throws a 400 error that says the force flag is not supported... Should I add a comment?
| if !strings.EqualFold(machineScope.CloudEnvironment(), azure.StackCloudName) { | ||
| ams.services = append(ams.services, tagsSvc) | ||
| } |
There was a problem hiding this comment.
Is this needed because Azure Stack doesn't support the tags service? If so, I think a code comment here would be helpful.
|
@willie-yao thanks for the in-depth review and feedback. I am just back today from vacation, & will incorporate the changes ASAP. |
|
Hey @patrickdillon , how is this PR coming along ? How can we help you push this forward ? |
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR adds infrastructure provisioning support on Azure Stack. Currently Azure Stack is completely unsupported, but with the changes in this PR I was able to fully provision an OpenShift cluster.
This PR adds a new field
armEndpointto the cluster spec, and extendsazureEnvironmentto accept a new value,HybridEnvironment, to indicate installation to Azure Stack:Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
#5201
Special notes for your reviewer:
This is a large PR, which I know is not preferred, but I have laid out the commits logically and with messages so they should be easy to follow in that manner. I would be happy to break it up into smaller PRs if that would help.
Furthermore, there were some significant challenges in this implementation. Particularly: I could not get tag reconciliation using the tagging service to work: an inscrutable 500 error was returned. Therefore, 88fc6ea skips adding the tagging service for azure stack. Perhaps I should do the same for MachinePool?
I was pretty satisfied with how other challenges were addressed, but definitely happy to discuss them. Thanks!
TODOs:
Release note: