OCM-11842 | feat: Updates to support GCP-PSC clusters (#672)

* Updates to support GCP-PSC clusters Signed-off-by: Chaitanya Kandagatla <[email protected]>
openshift-online · Oct 14, 2024 · e18ea10 · e18ea10
1 parent cf6e500
commit e18ea10
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 29 deletions.
diff --git a/cmd/ocm/create/cluster/cmd.go b/cmd/ocm/create/cluster/cmd.go
@@ -78,6 +78,7 @@ var args struct {
 	gcpServiceAccountFile arguments.FilePath
 	gcpSecureBoot         c.GcpSecurity
 	gcpAuthentication     c.GcpAuthentication
+	gcpPrivateSvcConnect  c.GcpPrivateSvcConnect
 	gcpWifConfig          string
 	etcdEncryption        bool
 	subscriptionType      string
@@ -376,6 +377,14 @@ func init() {
 	)
 	arguments.SetQuestion(fs, "secure-boot-for-shielded-vms", "Secure boot support for Shielded VMs:")
 
+	fs.StringVar(
+		&args.gcpPrivateSvcConnect.SvcAttachmentSubnet,
+		"psc-subnet",
+		"",
+		"Specifies the ServiceAttachment Subnet for Private Service Connect in GCP",
+	)
+	arguments.SetQuestion(fs, "psc-subnet", "PrivatSericeConnect ServiceAttachment Subnet:")
+
 	fs.StringVar(
 		&args.gcpAuthentication.Type,
 		"gcp-auth-type",
@@ -763,6 +772,11 @@ func preRun(cmd *cobra.Command, argv []string) error {
 		return err
 	}
 
+	err = promptPrivateServiceConnect(fs)
+	if err != nil {
+		return err
+	}
+
 	err = arguments.PromptString(fs, "domain-prefix")
 	if err != nil {
 		return err
@@ -797,32 +811,33 @@ func run(cmd *cobra.Command, argv []string) error {
 	}
 
 	clusterConfig := c.Spec{
-		Name:               args.clusterName,
-		DomainPrefix:       args.domainPrefix,
-		Region:             args.region,
-		Provider:           args.provider,
-		CCS:                args.ccs,
-		ExistingVPC:        args.existingVPC,
-		ClusterWideProxy:   args.clusterWideProxy,
-		Flavour:            args.flavour,
-		MultiAZ:            args.multiAZ,
-		Version:            clusterVersion,
-		ChannelGroup:       args.channelGroup,
-		Expiration:         expiration,
-		ComputeMachineType: args.computeMachineType,
-		ComputeNodes:       args.computeNodes,
-		Autoscaling:        args.autoscaling,
-		NetworkType:        args.networkType,
-		MachineCIDR:        args.machineCIDR,
-		ServiceCIDR:        args.serviceCIDR,
-		PodCIDR:            args.podCIDR,
-		HostPrefix:         args.hostPrefix,
-		Private:            &args.private,
-		EtcdEncryption:     args.etcdEncryption,
-		DefaultIngress:     defaultIngress,
-		SubscriptionType:   args.subscriptionType,
-		GcpSecurity:        args.gcpSecureBoot,
-		GcpAuthentication:  args.gcpAuthentication,
+		Name:                 args.clusterName,
+		DomainPrefix:         args.domainPrefix,
+		Region:               args.region,
+		Provider:             args.provider,
+		CCS:                  args.ccs,
+		ExistingVPC:          args.existingVPC,
+		ClusterWideProxy:     args.clusterWideProxy,
+		Flavour:              args.flavour,
+		MultiAZ:              args.multiAZ,
+		Version:              clusterVersion,
+		ChannelGroup:         args.channelGroup,
+		Expiration:           expiration,
+		ComputeMachineType:   args.computeMachineType,
+		ComputeNodes:         args.computeNodes,
+		Autoscaling:          args.autoscaling,
+		NetworkType:          args.networkType,
+		MachineCIDR:          args.machineCIDR,
+		ServiceCIDR:          args.serviceCIDR,
+		PodCIDR:              args.podCIDR,
+		HostPrefix:           args.hostPrefix,
+		Private:              &args.private,
+		EtcdEncryption:       args.etcdEncryption,
+		DefaultIngress:       defaultIngress,
+		SubscriptionType:     args.subscriptionType,
+		GcpSecurity:          args.gcpSecureBoot,
+		GcpAuthentication:    args.gcpAuthentication,
+		GcpPrivateSvcConnect: args.gcpPrivateSvcConnect,
 	}
 
 	cluster, err := c.CreateCluster(connection.ClustersMgmt().V1(), clusterConfig, args.dryRun)
@@ -1480,6 +1495,34 @@ func promptSecureBoot(fs *pflag.FlagSet) error {
 	return nil
 }
 
+func promptPrivateServiceConnect(fs *pflag.FlagSet) error {
+	if args.provider != c.ProviderGCP ||
+		!args.existingVPC.Enabled || !args.private {
+		return nil
+	}
+	isPSC := (args.gcpPrivateSvcConnect.SvcAttachmentSubnet != "")
+	if !isPSC && args.interactive {
+		var err error
+		isPSC, err = interactive.GetBool(interactive.Input{
+			Question: "Enable Private Service Connect",
+			Help: "To enable private service connect, you must have a subnet of purpose " +
+				"'Private Service Connect' configured in the VPC you want your cluster installed into. ",
+			Default: false,
+		})
+		if err != nil {
+			return err
+		}
+	}
+	if isPSC {
+		err := arguments.PromptString(fs, "psc-subnet")
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func validateComputeNodes() error {
 	min := minComputeNodes(args.ccs.Enabled, args.multiAZ)
 	if args.computeNodes < min {

diff --git a/go.mod b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/nwidger/jsoncolor v0.3.2
 	github.com/onsi/ginkgo/v2 v2.11.0
 	github.com/onsi/gomega v1.27.8
-	github.com/openshift-online/ocm-sdk-go v0.1.439
+	github.com/openshift-online/ocm-sdk-go v0.1.445
 	github.com/openshift/rosa v1.2.24
 	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8
 	github.com/pkg/errors v0.9.1

diff --git a/go.sum b/go.sum
@@ -361,8 +361,8 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU
 github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM=
 github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc=
 github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ=
-github.com/openshift-online/ocm-sdk-go v0.1.439 h1:ELrJjmYgtzhdUY1cOJ0chtbhBEGz682EiTvojt5/xVM=
-github.com/openshift-online/ocm-sdk-go v0.1.439/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y=
+github.com/openshift-online/ocm-sdk-go v0.1.445 h1:NfaY+biXaREPnGYxa8G2zS2OZpN06yNnDR95sZoqKUQ=
+github.com/openshift-online/ocm-sdk-go v0.1.445/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y=
 github.com/openshift/rosa v1.2.24 h1:vv0yYnWHx6CCPEAau/0rS54P2ksaf+uWXb1TQPWxiYE=
 github.com/openshift/rosa v1.2.24/go.mod h1:MVXB27O3PF8WoOic23I03mmq6/9kVxpFx6FKyLMCyrQ=
 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=

diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go
@@ -98,6 +98,9 @@ type Spec struct {
 
 	// GCP Authentication settings
 	GcpAuthentication GcpAuthentication
+
+	// GCP PrivateServiceConnect settings
+	GcpPrivateSvcConnect GcpPrivateSvcConnect
 }
 
 type Autoscaling struct {
@@ -162,6 +165,10 @@ type GcpAuthentication struct {
 	Id   string
 }
 
+type GcpPrivateSvcConnect struct {
+	SvcAttachmentSubnet string
+}
+
 type AddOnItem struct {
 	ID        string
 	Name      string
@@ -481,6 +488,11 @@ func CreateCluster(cmv1Client *cmv1.Client, config Spec, dryRun bool) (*cmv1.Clu
 		gcpBuilder.Security(gcpSecurity)
 	}
 
+	if isGcpPsc(config.GcpPrivateSvcConnect) {
+		gcpPsc := cmv1.NewGcpPrivateServiceConnect().ServiceAttachmentSubnet(config.GcpPrivateSvcConnect.SvcAttachmentSubnet)
+		gcpBuilder.PrivateServiceConnect(gcpPsc)
+	}
+
 	if config.ComputeMachineType != "" || config.ComputeNodes > 0 || len(config.ExistingVPC.AvailabilityZones) > 0 ||
 		config.Autoscaling.Enabled {
 		clusterNodesBuilder := cmv1.NewClusterNodes()
@@ -554,6 +566,9 @@ func isGCPSharedVPC(existingVPC ExistingVPC) bool {
 	return existingVPC.VPCProjectID != ""
 }
 
+func isGcpPsc(gcpPsc GcpPrivateSvcConnect) bool {
+	return gcpPsc.SvcAttachmentSubnet != ""
+}
 func UpdateCluster(client *cmv1.ClustersClient, clusterID string, config Spec) error {
 	clusterBuilder := cmv1.NewCluster()