viya4-iac-azure
viya4-iac-azure copied to clipboard
sassoftware
feat: (IAC-651) add ability to set pod_cidr and service_cidr while using kubenet
Hello Team,
I am looking for the ability to set aks_pod_cidr and aks_service_cidr and not use the default settings while using the kubenet network_plugin setting. However, it appears that these are hardcoded when using the kubenet setting.
What I have done is:
- Change service_cidr, dns_service_ip, and docker_bridge_cidr (for consistency) to use the aks_* version of the variable, regardless of the network_plugin setting.
- Since pod_cidr is not able to be used with other network_plugin settings like azure, it is set to use the aks_pod_cidr when it is on kubenet, or is set to null if not.
If you have any questions or want any changes, please tag me and let me know.
FYI @thpang, I have updated this PR to have validation in both variables.tf files (the main and the azure_aks module). I am not sure which one (or both) you want to validate it in.
Also, I have done some initial testing and everything looks good to me.
In general is there a reason on the conditional elements you have
nullas a value? When in a conditional I would expect eithertrueorfalse. This applies to all items in this PR.
Not a reason besides that is what I found in the examples I saw. I am fairly new to terraform, so if changing those to false would be a cleaner example and fit into the style guides, then I am good with changing them.
@stturc if you can adjust the null values I mentioned and assign those their more logical value. I'll review this PR again. Thx.
@stturc any progress on the changes requested? Looking to approve this PR. Thx
@stturc the null value issue and default values for your validation blocks needs to be addressed. Thx in advance.
@stturc this is a good fix; however, you've not updated the values. Plans on when you'll get to this?
Apologies for the delay @thpang . I have updated the PR now, please take a look when you get a chance.
@thpang Let me know if you don't want to use the can(cidrnetmask) for empty strings and i'll make the changes for everything except the pod_cidr, which I think needs to stay the way it is.
@thpang are you good with the changes? Checking as there are few unresolved conversations.
@stturc, I was trying to test the changes in this PR, however the upstream staging branch has updated a few times now and the changes in your branch support_cidr_changes are stale. Could you please sync your forked branch with the upstream repository?
@riragh I have updated this one with the current main branch. Hopefully it is mergable now.
Using the updated code, verified following test scenarios, see the internal ticket for details:
| Scenario | Task | Cadence | kubernetes_version | Orchestration |
|---|---|---|---|---|
| 1 | No values are set and the default pod and service cidrs are created and functioning | fast:2020 | 1.23 | Deployment Operator |
| 2 | Set the pod_cidr, use the default service_cidr and all pods/services start and function | fast:2020 | 1.24 | Deployment Operator |
| 3 | Set the service_cidr, use the default pod_cidr and all pods/services start and function | Stable 2023.02 | 1.24 | Deploy Command |
| 4 | Set both the pod/service ciders and all pods/services start and function | fast:2020 | 1.25 | Deployment Operator |