From 668586fb240e3c336d31d8dd0a456e93b454cd7f Mon Sep 17 00:00:00 2001 From: Pierre Prinetti Date: Mon, 20 Mar 2023 16:59:58 +0100 Subject: [PATCH] openstack: No master primarySubnet control-plane portTarget is set When a "control-plane" portTarget is set, masters should not have the machinesSubnet in the "primarySubnet" field of their Machine ProviderSpec. --- pkg/asset/machines/openstack/machines.go | 6 +++++- .../manifest-tests/failure-domains/install-config.yaml | 1 + .../manifest-tests/failure-domains/test_machines.py | 7 +++++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/pkg/asset/machines/openstack/machines.go b/pkg/asset/machines/openstack/machines.go index 890b038d67..4d323860fd 100644 --- a/pkg/asset/machines/openstack/machines.go +++ b/pkg/asset/machines/openstack/machines.go @@ -113,6 +113,7 @@ func Machines(clusterID string, config *types.InstallConfig, pool *types.Machine func generateProvider(clusterID string, platform *openstack.Platform, mpool *openstack.MachinePool, osImage string, role, userDataSecret string, trunkSupport bool, failureDomain openstack.FailureDomain) (*machinev1alpha1.OpenstackProviderSpec, error) { var controlPlaneNetwork machinev1alpha1.NetworkParam additionalNetworks := make([]machinev1alpha1.NetworkParam, 0, len(failureDomain.PortTargets)+len(mpool.AdditionalNetworkIDs)) + primarySubnet := platform.MachinesSubnet if platform.MachinesSubnet != "" { controlPlaneNetwork = machinev1alpha1.NetworkParam{ @@ -145,6 +146,9 @@ func generateProvider(clusterID string, platform *openstack.Platform, mpool *ope } if portTarget.ID == "control-plane" { controlPlaneNetwork = networkParam + if role == "master" { + primarySubnet = "" + } } else { networkParam.NoAllowedAddressPairs = true additionalNetworks = append(additionalNetworks, networkParam) @@ -183,7 +187,7 @@ func generateProvider(clusterID string, platform *openstack.Platform, mpool *ope CloudsSecret: &corev1.SecretReference{Name: cloudsSecret, Namespace: cloudsSecretNamespace}, UserDataSecret: &corev1.SecretReference{Name: userDataSecret}, Networks: append([]machinev1alpha1.NetworkParam{controlPlaneNetwork}, additionalNetworks...), - PrimarySubnet: platform.MachinesSubnet, + PrimarySubnet: primarySubnet, AvailabilityZone: failureDomain.ComputeAvailabilityZone, SecurityGroups: securityGroups, ServerGroupName: serverGroupName, diff --git a/scripts/openstack/manifest-tests/failure-domains/install-config.yaml b/scripts/openstack/manifest-tests/failure-domains/install-config.yaml index 3ae1d633c0..2904b18bd5 100644 --- a/scripts/openstack/manifest-tests/failure-domains/install-config.yaml +++ b/scripts/openstack/manifest-tests/failure-domains/install-config.yaml @@ -77,4 +77,5 @@ platform: cloud: ${OS_CLOUD} externalNetwork: ${EXTERNAL_NETWORK} lbFloatingIP: ${API_FIP} + machinesSubnet: 198.51.100.0/24 pullSecret: ${PULL_SECRET} diff --git a/scripts/openstack/manifest-tests/failure-domains/test_machines.py b/scripts/openstack/manifest-tests/failure-domains/test_machines.py index 920c7022f0..40292472d6 100755 --- a/scripts/openstack/manifest-tests/failure-domains/test_machines.py +++ b/scripts/openstack/manifest-tests/failure-domains/test_machines.py @@ -122,6 +122,13 @@ class FailureDomainsMachines(unittest.TestCase): # availability zones have matching names in the test-case install-config self.assertEqual(compute_zone[-1], storage_zone[-1]) + + def test_no_primarySubnet_if_control_plane_portTarget(self): + """Since install-config sets a control-plane portTarget, assert that primarySubnet is empty.""" + for machine in self.machines: + self.assertIsNone(machine["spec"]["providerSpec"]["value"].get("primarySubnet")) + + if __name__ == '__main__': ASSETS_DIR = sys.argv.pop() with open(os.environ.get('JUNIT_FILE', '/dev/null'), 'wb') as output: