feat: Support for Azure CNI without overlay & BYO CNI #365

Merged
Changes from 71 commits
75 commits
9ef7fd4
feat: adding --network-plugin-mode flag to options
Bryce-Soghigian Apr 28, 2024
c666565
test: adding --network-plugin-mode to test env
Bryce-Soghigian Apr 28, 2024
a1f47c3
feat: conditionally setting labels based on network-policy and networ…
Bryce-Soghigian Apr 28, 2024
fbfcf55
test: validating that network plugin labels are not placed on nodes f…
Bryce-Soghigian Apr 28, 2024
5ec81ef
style: make presubmit golangci-lint
Bryce-Soghigian Apr 28, 2024
fec18f4
feat: adding network-plugin-mode to helm values
Bryce-Soghigian Apr 29, 2024
60d85ee
fix: modifying comment to specify network policy rather than network p…
Bryce-Soghigian Apr 30, 2024
8f49918
style: better comment for NetworkPluginMode
Bryce-Soghigian Apr 30, 2024
5421f1f
Merge branch 'main' into bsoghigian/overlay-plumbing
Bryce-Soghigian Apr 30, 2024
d13abc7
chore: removing ciliummm conditional logic
Bryce-Soghigian May 1, 2024
eed47a6
Merge branch 'main' into bsoghigian/overlay-plumbing
Bryce-Soghigian May 10, 2024
b5e0423
refactor: MaxPods into utils and adding a new consts package for shar…
Bryce-Soghigian May 10, 2024
d7f215c
feat: set secondary ipconfigs on the nic when podnetwork type is not …
Bryce-Soghigian May 10, 2024
ce0784e
test: adding new cluster create commands
Bryce-Soghigian May 12, 2024
e140d38
fix: do not allocate additional ips for host network addons
Bryce-Soghigian May 13, 2024
a277cd6
fix: properly counting max ips
Bryce-Soghigian May 14, 2024
06d94c6
test: running e2es on azure cni v1
Bryce-Soghigian May 14, 2024
bb26d2e
fix: az-configure-values should be aware of the network configuration…
Bryce-Soghigian May 18, 2024
db41576
fix: cleaning up tests and DefaultMaxPods calc
Bryce-Soghigian May 19, 2024
6356024
refactor: removing maxPods from launch template as we have no intenti…
Bryce-Soghigian May 19, 2024
6fd6759
test: validating nic configurations still valid for azurecni with ove…
Bryce-Soghigian May 19, 2024
8368a5e
style: grammar fixes after a read through
Bryce-Soghigian May 21, 2024
0152faf
test: adding ginkgo helper for checking kubelet flags
Bryce-Soghigian May 21, 2024
664da18
test: modifying instancetypes tests to use the ExpectKubeletFlags helper
Bryce-Soghigian May 21, 2024
84deccb
fix: resetting cluster state in instance provider suite test since we…
Bryce-Soghigian May 21, 2024
1631143
ci: running golangci-lint
Bryce-Soghigian May 21, 2024
124d6ab
Merge branch 'main' into bsoghigian/azurecni-v1-clean
Bryce-Soghigian May 21, 2024
3f7e27e
Merge branch 'bsoghigian/azurecni-v1-clean' of github.com:Bryce-Soghi…
Bryce-Soghigian May 21, 2024
9d21235
Update Makefile-az.mk
Bryce-Soghigian May 21, 2024
fd5d988
refactor: moving final case over to use new Assert helper
Bryce-Soghigian May 21, 2024
560c04a
ci: make ci-non-test
Bryce-Soghigian May 22, 2024
cba91f6
fix: removing the ip config deficit added for static addons
Bryce-Soghigian May 22, 2024
956896d
Update pkg/operator/options/options_validation.go
Bryce-Soghigian May 22, 2024
2b54188
Update Makefile-az.mk
Bryce-Soghigian May 22, 2024
b831dbd
Update Makefile-az.mk
Bryce-Soghigian May 22, 2024
e377fdb
refactor: moving consts
Bryce-Soghigian May 22, 2024
4a0b3cd
please
Bryce-Soghigian May 23, 2024
dc08667
refactor: renaming from Assert to Expect
Bryce-Soghigian May 24, 2024
7d56e80
note: concise comment
Bryce-Soghigian May 25, 2024
e7c8741
fix: comment
Bryce-Soghigian May 25, 2024
34c5290
Update pkg/providers/instance/instance.go
Bryce-Soghigian May 25, 2024
88e9622
refactor(style): changing name from PodNetworkType to NetworkPluginMo…
Bryce-Soghigian May 29, 2024
e93255a
refactor(style): aligning the make targets so we can easily see the d…
Bryce-Soghigian May 29, 2024
7b7f739
fix: updating tests
Bryce-Soghigian Jun 3, 2024
8c2bdee
Update pkg/providers/instance/instance.go
Bryce-Soghigian Jun 3, 2024
f9dc047
refactor: createNICOptions structure passing down some of the parameters
Bryce-Soghigian Jun 4, 2024
887064b
refactor: removing network plugin and all kubenet assumptions
Bryce-Soghigian Jun 11, 2024
36cc5a2
refactor: removing kubenet references
Bryce-Soghigian Jun 12, 2024
91964a7
Merge branch 'main' into bsoghigian/azurecni-v1-clean
Bryce-Soghigian Sep 12, 2024
7b35dca
fix: conflict
Bryce-Soghigian Sep 12, 2024
a31e10a
ci: lint
Bryce-Soghigian Sep 12, 2024
5d88685
fix: container runtime network not ready: NetworkReady=false reason:N…
Bryce-Soghigian Sep 19, 2024
965830f
refactor: removing network plugin from values
Bryce-Soghigian Sep 19, 2024
356491f
revert: progress
Bryce-Soghigian Sep 19, 2024
fd5b15e
Revert "fix: container runtime network not ready: NetworkReady=false …
Bryce-Soghigian Sep 19, 2024
a7fd642
....
Bryce-Soghigian Sep 19, 2024
19ae6e2
Revert "refactor: removing network plugin from values"
Bryce-Soghigian Sep 19, 2024
4752103
fix: test
Bryce-Soghigian Sep 19, 2024
bf1830c
Merge branch 'main' into bsoghigian/azurecni-v1-clean
Bryce-Soghigian Sep 19, 2024
2b83536
fix: ci...............
Bryce-Soghigian Sep 19, 2024
f5f5f9f
Merge branch 'bsoghigian/azurecni-v1-clean' of https://github.com/Bry…
Bryce-Soghigian Sep 19, 2024
31056e7
Merge branch 'main' into bsoghigian/azurecni-v1-clean
Bryce-Soghigian Sep 19, 2024
6e27c21
refactor: rename const for default max pods
Bryce-Soghigian Sep 27, 2024
c68c0ce
refactor: moving BackendPools into front of creation options
Bryce-Soghigian Sep 27, 2024
9a848df
fix: options should say network plugin mode
Bryce-Soghigian Sep 27, 2024
9fafefa
fix: network plugin mode isn't required and the default value is overlay
Bryce-Soghigian Sep 27, 2024
ed55561
fix: using GinkgoHelper in custom expectations. When a failure occuur…
Bryce-Soghigian Sep 27, 2024
c3eb1b1
fix: ci lint
Bryce-Soghigian Sep 27, 2024
0fce82a
refactor: %v to %s
Bryce-Soghigian Sep 27, 2024
1f657d7
refactor: using env block github action syntax
Bryce-Soghigian Sep 30, 2024
4ac3ec4
refactor: moving validation logic into same helper and doing some cro…
Bryce-Soghigian Sep 30, 2024
12a0b9e
bump
Bryce-Soghigian Oct 1, 2024
832634c
Merge branch 'main' into bsoghigian/azurecni-v1-clean
Bryce-Soghigian Oct 1, 2024
7dd5784
fix: flakey test
Bryce-Soghigian Oct 1, 2024
606c7ac
fix: ci
Bryce-Soghigian Oct 1, 2024
88 changes: 52 additions & 36 deletions .github/actions/e2e/create-cluster/action.yaml
@@ -1,10 +1,10 @@
name: CreateCluster
description: 'Installs Go Downloads and installs Karpenter Dependencies'
inputs:
# k8s_version:
# description: 'Version of Kubernetes to use for the launched cluster'
# required: false
# default: "1.27"
# k8s_version:
# description: 'Version of Kubernetes to use for the launched cluster'
# required: false
# default: "1.27"
client-id:
description:
required: true
Expand Down Expand Up @@ -32,35 +32,51 @@ inputs:
runs:
using: "composite"
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ inputs.git_ref }}
- name: az login
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
client-id: ${{ inputs.client-id }}
tenant-id: ${{ inputs.tenant-id }}
subscription-id: ${{ inputs.subscription-id }}
- name: az set sub
shell: bash
run: az account set --subscription ${{ inputs.subscription-id }}
- name: create workload msi
shell: bash
run: AZURE_RESOURCE_GROUP=${{ inputs.resource_group }} AZURE_LOCATION=${{ inputs.location }} make az-create-workload-msi
- name: create cluster
shell: bash
run: AZURE_CLUSTER_NAME=${{ inputs.cluster_name }} AZURE_RESOURCE_GROUP=${{ inputs.resource_group }} AZURE_ACR_NAME=${{ inputs.acr_name }} AZURE_LOCATION=${{ inputs.location }} make az-mkaks-cilium
- name: az login 2
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
client-id: ${{ inputs.client-id }}
tenant-id: ${{ inputs.tenant-id }}
subscription-id: ${{ inputs.subscription-id }}
- name: create federated cred
shell: bash
run: AZURE_CLUSTER_NAME=${{ inputs.cluster_name }} AZURE_RESOURCE_GROUP=${{ inputs.resource_group }} make az-create-federated-cred
- name: update azure perms
shell: bash
run: |
AZURE_CLUSTER_NAME=${{ inputs.cluster_name }} AZURE_RESOURCE_GROUP=${{ inputs.resource_group }} AZURE_LOCATION=${{ inputs.location }} make az-perm
AZURE_RESOURCE_GROUP=${{ inputs.resource_group }} AZURE_ACR_NAME=${{ inputs.acr_name }} make az-perm-acr
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ inputs.git_ref }}
- name: az login
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
client-id: ${{ inputs.client-id }}
tenant-id: ${{ inputs.tenant-id }}
subscription-id: ${{ inputs.subscription-id }}
- name: az set sub
shell: bash
run: az account set --subscription ${{ inputs.subscription-id }}
- name: create workload msi
shell: bash
env:
AZURE_RESOURCE_GROUP: ${{ inputs.resource_group }}
AZURE_LOCATION: ${{ inputs.location }}
run: make az-create-workload-msi
- name: create cluster
shell: bash
env:
AZURE_CLUSTER_NAME: ${{ inputs.cluster_name }}
AZURE_RESOURCE_GROUP: ${{ inputs.resource_group }}
AZURE_ACR_NAME: ${{ inputs.acr_name }}
AZURE_LOCATION: ${{ inputs.location }}
run: make az-mkaks-cilium
- name: az login 2
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
client-id: ${{ inputs.client-id }}
tenant-id: ${{ inputs.tenant-id }}
subscription-id: ${{ inputs.subscription-id }}
- name: create federated cred
shell: bash
env:
AZURE_CLUSTER_NAME: ${{ inputs.cluster_name }}
AZURE_RESOURCE_GROUP: ${{ inputs.resource_group }}
run: make az-create-federated-cred
- name: update azure perms
shell: bash
env:
AZURE_CLUSTER_NAME: ${{ inputs.cluster_name }}
AZURE_RESOURCE_GROUP: ${{ inputs.resource_group }}
AZURE_LOCATION: ${{ inputs.location }}
AZURE_ACR_NAME: ${{ inputs.acr_name }}
run: |
make az-perm
make az-perm-acr
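Review bot: The `az set sub` step still expands `${{ inputs.subscription-id }}` directly inside its `run:` line, while every other step in this hunk now passes its inputs through an `env:` block. Expression text in `run:` is substituted into the script before bash parses it, so an input containing shell metacharacters becomes part of the command. Move this one to `env:` as well (a variable name such as `AZURE_SUBSCRIPTION_ID` is only a suggestion) and reference it quoted, as in `az account set --subscription "$AZURE_SUBSCRIPTION_ID"`. Separately, the `update azure perms` step now exports all four variables to both `make az-perm` and `make az-perm-acr`, where the old lines gave each target only what it used; harmless, but worth confirming it is intended.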
29 changes: 25 additions & 4 deletions Makefile-az.mk
Expand Up @@ -18,11 +18,16 @@ KARPENTER_FEDERATED_IDENTITY_CREDENTIAL_NAME ?= KARPENTER_FID
CUSTOM_VNET_NAME ?= $(AZURE_CLUSTER_NAME)-vnet
CUSTOM_SUBNET_NAME ?= nodesubnet

az-all: az-login az-create-workload-msi az-mkaks-cilium az-create-federated-cred az-perm az-perm-acr az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload
az-all-custom-vnet: az-login az-create-workload-msi az-mkaks-custom-vnet az-create-federated-cred az-perm-subnet-custom az-perm-acr az-configure-values-custom-vnet az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload
az-all-user: az-login az-mkaks-user az-configure-values az-helm-install-snapshot az-run-sample ## Provision the cluster and deploy Karpenter snapshot release
az-all: az-login az-create-workload-msi az-mkaks-cilium az-create-federated-cred az-perm az-perm-acr az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload

az-all-cniv1: az-login az-create-workload-msi az-mkaks-cniv1 az-create-federated-cred az-perm az-perm-acr az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload

az-all-cni-overlay: az-login az-create-workload-msi az-mkaks-overlay az-create-federated-cred az-perm az-perm-acr az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload

az-all-custom-vnet: az-login az-create-workload-msi az-mkaks-custom-vnet az-create-federated-cred az-perm-subnet-custom az-perm-acr az-configure-values-custom-vnet az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload
az-all-user: az-login az-mkaks-user az-configure-values az-helm-install-snapshot az-run-sample ## Provision the cluster and deploy Karpenter snapshot release
# TODO: az-all-savm case is not currently built to support workload identity, need to re-evaluate
az-all-savm: az-login az-mkaks-savm az-perm-savm az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload - StandaloneVirtualMachines
az-all-savm: az-login az-mkaks-savm az-perm-savm az-configure-values az-build az-run az-run-sample ## Provision the infra (ACR,AKS); build and deploy Karpenter; deploy sample Provisioner and workload - StandaloneVirtualMachines

az-login: ## Login into Azure
az account show -o none || az login
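Review bot: The help text after `##` on the new `az-all-cniv1` and `az-all-cni-overlay` targets is copied verbatim from `az-all`, so the help listing shows three identical descriptions. Say which networking mode each target provisions (Azure CNI without overlay, Azure CNI overlay), and mention in the `az-all` description that it builds the Cilium overlay cluster through `az-mkaks-cilium`.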
Expand Down Expand Up @@ -53,13 +58,29 @@ az-mkaks: az-mkacr ## Create test AKS cluster (with --vm-set-type AvailabilitySe
az aks get-credentials --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --overwrite-existing
skaffold config set default-repo $(AZURE_ACR_NAME).azurecr.io/karpenter

az-mkaks-cniv1: az-mkacr ## Create test AKS cluster (with --network-plugin azure)
az aks create --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --attach-acr $(AZURE_ACR_NAME) \
--enable-managed-identity --node-count 3 --generate-ssh-keys -o none --network-plugin azure \
--enable-oidc-issuer --enable-workload-identity
az aks get-credentials --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --overwrite-existing
skaffold config set default-repo $(AZURE_ACR_NAME).azurecr.io/karpenter


az-mkaks-cilium: az-mkacr ## Create test AKS cluster (with --network-dataplane cilium, --network-plugin cilium, and --network-plugin-mode overlay)
az aks create --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --attach-acr $(AZURE_ACR_NAME) \
--enable-managed-identity --node-count 3 --generate-ssh-keys -o none --network-dataplane cilium --network-plugin azure --network-plugin-mode overlay \
--enable-oidc-issuer --enable-workload-identity
az aks get-credentials --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --overwrite-existing
skaffold config set default-repo $(AZURE_ACR_NAME).azurecr.io/karpenter

az-mkaks-overlay: az-mkacr ## Create test AKS cluster (with --network-plugin-mode overlay)
az aks create --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --attach-acr $(AZURE_ACR_NAME) \
--enable-managed-identity --node-count 3 --generate-ssh-keys -o none --network-plugin azure --network-plugin-mode overlay \
--enable-oidc-issuer --enable-workload-identity
az aks get-credentials --name $(AZURE_CLUSTER_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --overwrite-existing
skaffold config set default-repo $(AZURE_ACR_NAME).azurecr.io/karpenter


az-mkvnet: ## Create a VNet with address range of 10.1.0.0/16
az network vnet create --name $(CUSTOM_VNET_NAME) --resource-group $(AZURE_RESOURCE_GROUP) --location $(AZURE_LOCATION) --address-prefixes "10.1.0.0/16"
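Review bot: `az-mkaks-cniv1` and `az-mkaks-overlay` repeat the `az-mkaks-cilium` recipe line for line, with only the network flags differing. A shared recipe parameterised by a variable holding those flags would keep the three from drifting apart. The help strings also do not match the commands: `az-mkaks-cilium` advertises `--network-plugin cilium` but passes `--network-plugin azure`, and `az-mkaks-overlay` mentions only `--network-plugin-mode overlay` although it also passes `--network-plugin azure`. In `az-mkaks-cniv1` the plugin mode is left to the CLI default; if the non-overlay behaviour depends on that default, say so in a comment.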

9 changes: 7 additions & 2 deletions hack/deploy/configure-values.sh
Expand Up @@ -35,13 +35,18 @@ if [[ ! -v VNET_SUBNET_ID ]]; then
VNET_SUBNET_ID=$(jq -r ".subnets[0].id" <<< "$VNET_JSON")
fi

# The // empty ensures that if the files is 'null' or not prsent jq will output nothing
# If the value returned is none, its from jq and not the aks api in this case we return ""
NETWORK_PLUGIN=$(jq -r ".networkProfile.networkPlugin // empty | if . == \"none\" then \"\" else . end" <<< "$AKS_JSON")
NETWORK_PLUGIN_MODE=$(jq -r ".networkProfile.networkPluginMode // empty | if . == \"none\" then \"\" else . end" <<< "$AKS_JSON")
NETWORK_POLICY=$(jq -r ".networkProfile.networkPolicy // empty | if . == \"none\" then \"\" else . end" <<< "$AKS_JSON")

NODE_IDENTITIES=$(jq -r ".identityProfile.kubeletidentity.resourceId" <<< "$AKS_JSON")

KARPENTER_USER_ASSIGNED_CLIENT_ID=$(az identity show --resource-group "${AZURE_RESOURCE_GROUP}" --name "${AZURE_KARPENTER_USER_ASSIGNED_IDENTITY_NAME}" --query 'clientId' -otsv)

export CLUSTER_NAME AZURE_LOCATION AZURE_RESOURCE_GROUP_MC KARPENTER_SERVICE_ACCOUNT_NAME \
CLUSTER_ENDPOINT BOOTSTRAP_TOKEN SSH_PUBLIC_KEY VNET_SUBNET_ID KARPENTER_USER_ASSIGNED_CLIENT_ID NODE_IDENTITIES

CLUSTER_ENDPOINT BOOTSTRAP_TOKEN SSH_PUBLIC_KEY VNET_SUBNET_ID KARPENTER_USER_ASSIGNED_CLIENT_ID NODE_IDENTITIES NETWORK_PLUGIN NETWORK_PLUGIN_MODE NETWORK_POLICY
# get karpenter-values-template.yaml, if not already present (e.g. outside of repo context)
if [ ! -f karpenter-values-template.yaml ]; then
curl -sO https://raw.githubusercontent.com/Azure/karpenter/main/karpenter-values-template.yaml
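Review bot: The comment above `NETWORK_PLUGIN` says a `none` value comes from jq rather than the AKS API, but `jq -r` prints `null` for a missing field (which `// empty` already handles), so a literal `none` can only be what `networkProfile` itself contains. Mapping it to `""` also means a cluster whose plugin is `none` exports an empty `NETWORK_PLUGIN`, while `validateNetworkingOptions` in this PR accepts only 'azure' or 'none' for network-plugin; keep `none` for that field, or confirm that the empty value falls back to the flag default. The comment also has typos ("files is", "prsent", "its"), and the three near-identical jq filters could share one helper function.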
7 changes: 4 additions & 3 deletions karpenter-values-template.yaml
Expand Up @@ -10,7 +10,6 @@ controller:
# with this in place write (and read) QPS can be increased too
#- name: GODEBUG
# value: http2client=0

# options
- name: CLUSTER_NAME
value: ${CLUSTER_NAME}
Expand All @@ -21,9 +20,11 @@ controller:
- name: SSH_PUBLIC_KEY
value: "${SSH_PUBLIC_KEY}"
- name: NETWORK_PLUGIN
value: "azure"
value: ${NETWORK_PLUGIN}
- name: NETWORK_PLUGIN_MODE
value: ${NETWORK_PLUGIN_MODE}
- name: NETWORK_POLICY
value: ""
value: ${NETWORK_POLICY}
- name: VNET_SUBNET_ID
value: ${VNET_SUBNET_ID}
- name: NODE_IDENTITIES
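Review bot: `value: ${NETWORK_PLUGIN}`, `value: ${NETWORK_PLUGIN_MODE}` and `value: ${NETWORK_POLICY}` are unquoted, unlike `value: "${SSH_PUBLIC_KEY}"` a few lines up. configure-values.sh can export these as empty strings, and an empty substitution renders as a bare `value:`, which YAML reads as null rather than the `""` that the old `NETWORK_POLICY` line carried. Quote all three, for example `value: "${NETWORK_POLICY}"`.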
31 changes: 31 additions & 0 deletions pkg/consts/consts.go
@@ -0,0 +1,31 @@
/*
Portions Copyright (c) Microsoft Corporation.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package consts

const (
NetworkPluginAzure = "azure"
NetworkPluginNone = "none"

NetworkPluginModeOverlay = "overlay"
NetworkPluginModeNone = ""

NetworkDataplaneNone = ""
NetworkDataplaneCilium = "cilium"
NetworkDataplaneAzure = "azure"

DefaultKubernetesMaxPods = 250
)
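Review bot: `NetworkPluginNone` is the literal string "none", but `NetworkPluginModeNone` and `NetworkDataplaneNone` are the empty string, so the same `None` suffix means two different things within one const block. Add a doc comment per group stating which values mirror AKS API strings and which mean "unset", or rename the empty ones. `DefaultKubernetesMaxPods = 250` also needs a comment saying where the number comes from and which network modes it applies to.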
5 changes: 4 additions & 1 deletion pkg/operator/options/options.go
Expand Up @@ -27,6 +27,7 @@ import (
"os"
"strings"

"github.com/Azure/karpenter-provider-azure/pkg/consts"
"k8s.io/apimachinery/pkg/util/sets"
coreoptions "sigs.k8s.io/karpenter/pkg/operator/options"
"sigs.k8s.io/karpenter/pkg/utils/env"
Expand Down Expand Up @@ -66,6 +67,7 @@ type Options struct {
SSHPublicKey string // ssh.publicKeys.keyData => VM SSH public key // TODO: move to v1alpha2.AKSNodeClass?
NetworkPlugin string // => NetworkPlugin in bootstrap
NetworkPolicy string // => NetworkPolicy in bootstrap
NetworkPluginMode string // => Network Plugin Mode is used to control the mode the network plugin should operate in. For example, "overlay" used with --network-plugin=azure will use an overlay network (non-VNET IPs) for pods in the cluster. Learn more about overlay networking here: https://learn.microsoft.com/en-us/azure/aks/azure-cni-overlay?tabs=kubectl#overview-of-overlay-networking
NetworkDataplane string
NodeIdentities []string // => Applied onto each VM
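Review bot: The trailing comment on the new `NetworkPluginMode` field runs to one very long line, and `NetworkDataplane` directly below it has no comment at all. Move the explanation into a doc comment above the field, keep the trailing part as short as its neighbours, and list the accepted values ("overlay" or empty) there.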

Expand All @@ -79,7 +81,8 @@ func (o *Options) AddFlags(fs *coreoptions.FlagSet) {
fs.Float64Var(&o.VMMemoryOverheadPercent, "vm-memory-overhead-percent", env.WithDefaultFloat64("VM_MEMORY_OVERHEAD_PERCENT", 0.075), "The VM memory overhead as a percent that will be subtracted from the total memory for all instance types.")
fs.StringVar(&o.KubeletClientTLSBootstrapToken, "kubelet-bootstrap-token", env.WithDefaultString("KUBELET_BOOTSTRAP_TOKEN", ""), "[REQUIRED] The bootstrap token for new nodes to join the cluster.")
fs.StringVar(&o.SSHPublicKey, "ssh-public-key", env.WithDefaultString("SSH_PUBLIC_KEY", ""), "[REQUIRED] VM SSH public key.")
fs.StringVar(&o.NetworkPlugin, "network-plugin", env.WithDefaultString("NETWORK_PLUGIN", "azure"), "The network plugin used by the cluster.")
fs.StringVar(&o.NetworkPlugin, "network-plugin", env.WithDefaultString("NETWORK_PLUGIN", consts.NetworkPluginAzure), "The network plugin used by the cluster.")
fs.StringVar(&o.NetworkPluginMode, "network-plugin-mode", env.WithDefaultString("NETWORK_PLUGIN_MODE", consts.NetworkPluginModeOverlay), "network plugin mode of the cluster")
fs.StringVar(&o.NetworkPolicy, "network-policy", env.WithDefaultString("NETWORK_POLICY", ""), "The network policy used by the cluster.")
fs.StringVar(&o.NetworkDataplane, "network-dataplane", env.WithDefaultString("NETWORK_DATAPLANE", "cilium"), "The network dataplane used by the cluster.")
fs.StringVar(&o.SubnetID, "vnet-subnet-id", env.WithDefaultString("VNET_SUBNET_ID", ""), "The default subnet ID to use for new nodes. This must be a valid ARM resource ID for subnet that does not overlap with the service CIDR or the pod CIDR")
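Review bot: `--network-dataplane` still defaults to the literal "cilium" on the line right after the new flag, although this PR adds `consts.NetworkDataplaneCilium` and switches `--network-plugin` to `consts.NetworkPluginAzure`; use the constant there too. The `network-plugin-mode` help string should name the accepted values and the default: it defaults to overlay, and `validateNetworkingOptions` rejects a non-empty mode when network-plugin is 'none', so a BYO CNI install has to clear the mode explicitly.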
27 changes: 20 additions & 7 deletions pkg/operator/options/options_validation.go
Expand Up @@ -20,6 +20,7 @@ import (
"fmt"
"net/url"

"github.com/Azure/karpenter-provider-azure/pkg/consts"
"github.com/Azure/karpenter-provider-azure/pkg/utils"
"github.com/go-playground/validator/v10"
"go.uber.org/multierr"
Expand All @@ -30,13 +31,30 @@ func (o Options) Validate() error {
return multierr.Combine(
o.validateRequiredFields(),
o.validateEndpoint(),
o.validateNetworkingOptions(),
o.validateVMMemoryOverheadPercent(),
o.validateNetworkDataplane(),
o.validateVnetSubnetID(),
validate.Struct(o),
)
}

func (o Options) validateNetworkingOptions() error {
if o.NetworkPlugin != consts.NetworkPluginAzure && o.NetworkPlugin != consts.NetworkPluginNone {
return fmt.Errorf("network-plugin %v is invalid. network-plugin must equal 'azure' or 'none'", o.NetworkPlugin)
}
if o.NetworkPluginMode != consts.NetworkPluginModeOverlay && o.NetworkPluginMode != consts.NetworkPluginModeNone {
return fmt.Errorf("network-plugin-mode %s is invalid. network-plugin-mode must equal 'overlay' or ''", o.NetworkPluginMode)
}
if o.NetworkDataplane != consts.NetworkDataplaneAzure && o.NetworkDataplane != consts.NetworkDataplaneCilium && o.NetworkDataplane != consts.NetworkDataplaneNone {
return fmt.Errorf("network dataplane %s is not a valid network dataplane, valid dataplanes are ('azure', 'cilium')", o.NetworkDataplane)
}

if o.NetworkPlugin == consts.NetworkPluginNone && o.NetworkPluginMode != consts.NetworkPluginModeNone {
return fmt.Errorf("network-plugin-mode '%s' is invalid when network-plugin is 'none'. network-plugin-mode must be empty", o.NetworkPluginMode)
}
return nil
}

func (o Options) validateVnetSubnetID() error {
_, err := utils.GetVnetSubnetIDComponents(o.SubnetID)
if err != nil {
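Review bot: `validateNetworkingOptions` returns at the first failing check, while `Validate` uses `multierr.Combine` so that callers see every problem at once; collect the four checks with `multierr.Append`, or split them into separate validators, to keep that behaviour. The dataplane check now also accepts `consts.NetworkDataplaneNone` (the empty string), which the removed `validateNetworkDataplane` rejected, yet the error text still lists only ('azure', 'cilium'); state in the message and in a test that empty is allowed, or drop it if that was not intended. Minor: the first message formats with `%v` where the others use `%s`.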
Expand All @@ -45,12 +63,7 @@ func (o Options) validateVnetSubnetID() error {
return nil
}

func (o Options) validateNetworkDataplane() error {
if o.NetworkDataplane != "azure" && o.NetworkDataplane != "cilium" {
return fmt.Errorf("network dataplane %s is not a valid network dataplane, valid dataplanes are ('azure', 'cilium')", o.NetworkDataplane)
}
return nil
}

func (o Options) validateEndpoint() error {
if o.ClusterEndpoint == "" {
return nil