Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update NetworkConfiguration CR #623

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

update NetworkConfiguration CR #623

wants to merge 1 commit into from

Conversation

wenqiq
Copy link
Contributor

@wenqiq wenqiq commented Jul 1, 2024
edited
Loading

Create VPC with new VPC API model

  1. Create a Project wenqi-test in NSX UI

  2. Create a namespace

apiVersion: v1
kind: Namespace
metadata:
  annotations:
    nsx.vmware.com/vpc_network_config: wenqi-1
  name: wenqi-1
  1. Create a VPC with a new VPC CRD yaml
apiVersion: nsx.vmware.com/v1alpha1
kind: VPCNetworkConfiguration
metadata:
  name: wenqi-1
spec:
  privateIPs: [10.30.10.0/24]
  defaultSubnetSize: 24
  vpcServiceProfile: /orgs/default/projects/wenqi-test/vpc-service-profiles/default
  nsxProject: /orgs/default/projects/wenqi-test
  vpcConnectivityProfile: /orgs/default/projects/wenqi-test/vpc-connectivity-profiles/default
  1. Check VPC resources in the NSX:
{
    "results": [
        {
            "vpc_connectivity_profile": "/orgs/default/projects/wenqi-test/vpc-connectivity-profiles/default",
            "vpc_service_profile": "/orgs/default/projects/wenqi-test/vpc-service-profiles/default",
            "load_balancer_vpc_endpoint": {
                "enabled": true
            },
            "private_ipv4_blocks": [
                "/orgs/default/projects/wenqi-test/infra/ip-blocks/e13a3582-bf1f-42ec-bc2a-f36f7e26a353_10.30.10.0"
            ],
            "ip_address_type": "IPV4",
            "short_id": "F3na1AVk",
            "resource_type": "Vpc",
            "id": "e13a3582-bf1f-42ec-bc2a-f36f7e26a353",
            "display_name": "vpc-b7b472a5-677d-4515-990f-c4bf9c1a0aa2--wenqi-1",
            "tags": [
                {
                    "scope": "nsx-op/cluster",
                    "tag": "b7b472a5-677d-4515-990f-c4bf9c1a0aa2"
                },
                {
                    "scope": "nsx-op/version",
                    "tag": "1.0.0"
                },
                {
                    "scope": "nsx-op/namespace",
                    "tag": "wenqi-1"
                },
                {
                    "scope": "nsx-op/namespace_uid",
                    "tag": "e13a3582-bf1f-42ec-bc2a-f36f7e26a353"
                }
            ],
            "path": "/orgs/default/projects/wenqi-test/vpcs/e13a3582-bf1f-42ec-bc2a-f36f7e26a353",
            "relative_path": "e13a3582-bf1f-42ec-bc2a-f36f7e26a353",
            "parent_path": "/orgs/default/projects/wenqi-test",
            "unique_id": "a0e79d9e-cbf0-4ff7-ace2-f7a813543901",
            "realization_id": "a0e79d9e-cbf0-4ff7-ace2-f7a813543901",
            "owner_id": "4447cce7-65b6-4fa0-b42c-38e9846747ac",
            "marked_for_delete": false,
            "overridden": false,
            "_system_owned": false,
            "_protection": "REQUIRE_OVERRIDE",
            "_create_time": 1721094651610,
            "_create_user": "wcp-cluster-user-b7b472a5-677d-4515-990f-c4bf9c1a0aa2-eb929be3-7d77-4b34-bf75-586933753a75",
            "_last_modified_time": 1721094652959,
            "_last_modified_user": "wcp-cluster-user-b7b472a5-677d-4515-990f-c4bf9c1a0aa2-eb929be3-7d77-4b34-bf75-586933753a75",
            "_revision": 2
        }
    ],
    "result_count": 1,
    "sort_by": "display_name",
    "sort_ascending": true
}

image

@wenqiq wenqiq mentioned this pull request Jul 1, 2024
Open
dantingl
dantingl reviewed Jul 2, 2024
View reviewed changes
go.mod Outdated Show resolved Hide resolved
pkg/apis/v1alpha1/vpcnetworkconfiguration_types.go Outdated Show resolved Hide resolved
@wenqiq wenqiq force-pushed the topic/wenqi/upadteCRD branch 2 times, most recently from abf2b3b to e54d5ac Compare July 2, 2024 08:55
@wenqiq wenqiq marked this pull request as ready for review July 2, 2024 09:06
dantingl
dantingl reviewed Jul 3, 2024
View reviewed changes
build/yaml/crd/nsx.vmware.com_ipaddressallocations.yaml Outdated Show resolved Hide resolved
build/yaml/crd/nsx.vmware.com_subnets.yaml
@@ -56,11 +56,13 @@ spec:
type: boolean
type: object
accessMode:
default: Private
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we set default here or leverage the default value from NetworkConfiguration CR? @lxiaopei

pkg/nsx/services/vpc/builder.go Outdated Show resolved Hide resolved
@wenqiq
Copy link
Contributor Author

wenqiq commented Jul 5, 2024

/e2e

liu4480
liu4480 reviewed Jul 5, 2024
View reviewed changes
build/yaml/crd/nsx.vmware.com_subnets.yaml
description: Access mode of Subnet, accessible only from within VPC
or from outside VPC.
enum:
- Private
- Public
- Project
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wcp changed this to PRIVATE_TGW, @lxiaopei shall this type also needs to change

timdengyun
timdengyun reviewed Jul 5, 2024
View reviewed changes
pkg/controllers/subnetset/subnetset_controller.go
@@ -75,10 +75,10 @@ func (r *SubnetSetReconciler) Reconcile(ctx context.Context, req ctrl.Request) (
return ResultRequeue, err
}
if obj.Spec.AccessMode == "" {
obj.Spec.AccessMode = v1alpha1.AccessMode(vpcNetworkConfig.DefaultSubnetAccessMode)
obj.Spec.AccessMode = v1alpha1.AccessMode(v1alpha1.AccessModePrivate)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should check if this Accessmode is set for POD or VM
For POD subnetset, we should use vpcNetworkconfiguration.PodSubnetAccessMode
like https://github.com/vmware-tanzu/nsx-operator/pull/627/files#diff-ea8fdc4a9adcc30f1ee646f03f10d565526b3a2b6fec57ae9abaa316c14b8d89R114
we check VM subnetset.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean you need to check this CR is pod-default subnetset or vm-default subnetset. we should not set pod-default subnetset using vpcNetworkconfiguration.PodSubnetAccessMode

timdengyun
timdengyun reviewed Jul 9, 2024
View reviewed changes
Makefile Outdated Show resolved Hide resolved
timdengyun
timdengyun reviewed Jul 10, 2024
View reviewed changes
pkg/controllers/subnet/subnet_controller.go Outdated
if obj.Spec.AccessMode == "" {
obj.Spec.AccessMode = v1alpha1.AccessMode(vpcNetworkConfig.DefaultSubnetAccessMode)
accessMode := v1alpha1.AccessMode(v1alpha1.AccessModePrivate)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For subnet, we don't need to set PodSubnetAccessMode, since there is no pod subnet created.
subnet is only VM.

For POD, we only have pod-default subnetset. You can confirm with @lxiaopei

@wenqiq wenqiq force-pushed the topic/wenqi/upadteCRD branch 2 times, most recently from 759ae3f to 0fe9fb3 Compare July 11, 2024 06:40
@wenqiq
update NetworkConfiguration CR with new VPC API
3028d3b 
Signed-off-by: Wenqi Qiu <wenqiq@vmware.com>
@zhengxiexie
Copy link
Contributor

BTW, could you check why e2e test not pass?
Pls also attach what tests you have done in comment. Refer #626

@wenqiq
Copy link
Contributor Author

wenqiq commented Jul 15, 2024

BTW, could you check why e2e test not pass? Pls also attach what tests you have done in comment. Refer #626

As this PR uses the new VPC API and the e2e testbed uses the old NSX version, I think it’s expected that the related test cases would fail.

@wenqiq
Copy link
Contributor Author

wenqiq commented Jul 15, 2024

@lxiaopei pls help confirm some of the comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dantingl dantingl dantingl left review comments

@liu4480 liu4480 liu4480 left review comments

@timdengyun timdengyun timdengyun left review comments

@lxiaopei lxiaopei Awaiting requested review from lxiaopei

@seanpang-vmware seanpang-vmware Awaiting requested review from seanpang-vmware

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
cla-not-required
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@wenqiq @zhengxiexie @dantingl @liu4480 @timdengyun @vmwclabot