From e18ea1009631bf2a95747cd4c6a1e4397082d4ea Mon Sep 17 00:00:00 2001 From: Chaitanya Kandagatla Date: Mon, 14 Oct 2024 15:49:22 -0500 Subject: [PATCH] OCM-11842 | feat: Updates to support GCP-PSC clusters (#672) * Updates to support GCP-PSC clusters Signed-off-by: Chaitanya Kandagatla --- cmd/ocm/create/cluster/cmd.go | 95 +++++++++++++++++++++++++---------- go.mod | 2 +- go.sum | 4 +- pkg/cluster/cluster.go | 15 ++++++ 4 files changed, 87 insertions(+), 29 deletions(-) diff --git a/cmd/ocm/create/cluster/cmd.go b/cmd/ocm/create/cluster/cmd.go index 965b791a..3506fec0 100644 --- a/cmd/ocm/create/cluster/cmd.go +++ b/cmd/ocm/create/cluster/cmd.go @@ -78,6 +78,7 @@ var args struct { gcpServiceAccountFile arguments.FilePath gcpSecureBoot c.GcpSecurity gcpAuthentication c.GcpAuthentication + gcpPrivateSvcConnect c.GcpPrivateSvcConnect gcpWifConfig string etcdEncryption bool subscriptionType string @@ -376,6 +377,14 @@ func init() { ) arguments.SetQuestion(fs, "secure-boot-for-shielded-vms", "Secure boot support for Shielded VMs:") + fs.StringVar( + &args.gcpPrivateSvcConnect.SvcAttachmentSubnet, + "psc-subnet", + "", + "Specifies the ServiceAttachment Subnet for Private Service Connect in GCP", + ) + arguments.SetQuestion(fs, "psc-subnet", "PrivatSericeConnect ServiceAttachment Subnet:") + fs.StringVar( &args.gcpAuthentication.Type, "gcp-auth-type", @@ -763,6 +772,11 @@ func preRun(cmd *cobra.Command, argv []string) error { return err } + err = promptPrivateServiceConnect(fs) + if err != nil { + return err + } + err = arguments.PromptString(fs, "domain-prefix") if err != nil { return err 
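Review bot: The prompt label registered for `psc-subnet` in the `init()` hunk is misspelled ("PrivatSericeConnect"), and this is the text users see in interactive mode; I would change it to `arguments.SetQuestion(fs, "psc-subnet", "Private Service Connect ServiceAttachment subnet:")`. The flag help also omits the preconditions that `promptPrivateServiceConnect` applies later in this patch (GCP provider, existing VPC, private cluster), so a reader of `--help` cannot tell when the flag is honoured; something like `"ServiceAttachment subnet for Private Service Connect (private GCP clusters in an existing VPC only)"` would say so. `init()` starts and ends outside the hunk.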
@@ -797,32 +811,33 @@ func run(cmd *cobra.Command, argv []string) error {
 }
 clusterConfig := c.Spec{
- Name: args.clusterName,
- DomainPrefix: args.domainPrefix,
- Region: args.region,
- Provider: args.provider,
- CCS: args.ccs,
- ExistingVPC: args.existingVPC,
- ClusterWideProxy: args.clusterWideProxy,
- Flavour: args.flavour,
- MultiAZ: args.multiAZ,
- Version: clusterVersion,
- ChannelGroup: args.channelGroup,
- Expiration: expiration,
- ComputeMachineType: args.computeMachineType,
- ComputeNodes: args.computeNodes,
- Autoscaling: args.autoscaling,
- NetworkType: args.networkType,
- MachineCIDR: args.machineCIDR,
- ServiceCIDR: args.serviceCIDR,
- PodCIDR: args.podCIDR,
- HostPrefix: args.hostPrefix,
- Private: &args.private,
- EtcdEncryption: args.etcdEncryption,
- DefaultIngress: defaultIngress,
- SubscriptionType: args.subscriptionType,
- GcpSecurity: args.gcpSecureBoot,
- GcpAuthentication: args.gcpAuthentication,
+ Name: args.clusterName,
+ DomainPrefix: args.domainPrefix,
+ Region: args.region,
+ Provider: args.provider,
+ CCS: args.ccs,
+ ExistingVPC: args.existingVPC,
+ ClusterWideProxy: args.clusterWideProxy,
+ Flavour: args.flavour,
+ MultiAZ: args.multiAZ,
+ Version: clusterVersion,
+ ChannelGroup: args.channelGroup,
+ Expiration: expiration,
+ ComputeMachineType: args.computeMachineType,
+ ComputeNodes: args.computeNodes,
+ Autoscaling: args.autoscaling,
+ NetworkType: args.networkType,
+ MachineCIDR: args.machineCIDR,
+ ServiceCIDR: args.serviceCIDR,
+ PodCIDR: args.podCIDR,
+ HostPrefix: args.hostPrefix,
+ Private: &args.private,
+ EtcdEncryption: args.etcdEncryption,
+ DefaultIngress: defaultIngress,
+ SubscriptionType: args.subscriptionType,
+ GcpSecurity: args.gcpSecureBoot,
+ GcpAuthentication: args.gcpAuthentication,
+ GcpPrivateSvcConnect: args.gcpPrivateSvcConnect,
 }
 cluster, err := c.CreateCluster(connection.ClustersMgmt().V1(), clusterConfig, args.dryRun)
@@ -1480,6 +1495,34 @@ func promptSecureBoot(fs *pflag.FlagSet) error {
 return nil
 }
+func promptPrivateServiceConnect(fs *pflag.FlagSet) error {
+ if args.provider != c.ProviderGCP ||
+ !args.existingVPC.Enabled || !args.private {
+ return nil
+ }
+ isPSC := (args.gcpPrivateSvcConnect.SvcAttachmentSubnet != "")
+ if !isPSC && args.interactive {
+ var err error
+ isPSC, err = interactive.GetBool(interactive.Input{
+ Question: "Enable Private Service Connect",
+ Help: "To enable private service connect, you must have a subnet of purpose " +
+ "'Private Service Connect' configured in the VPC you want your cluster installed into. ",
+ Default: false,
+ })
+ if err != nil {
+ return err
+ }
+ }
+ if isPSC {
+ err := arguments.PromptString(fs, "psc-subnet")
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
 func validateComputeNodes() error {
 min := minComputeNodes(args.ccs.Enabled, args.multiAZ)
 if args.computeNodes < min {
diff --git a/go.mod b/go.mod
index 33e25fd5..9acc7e0c 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 github.com/nwidger/jsoncolor v0.3.2
 github.com/onsi/ginkgo/v2 v2.11.0
 github.com/onsi/gomega v1.27.8
- github.com/openshift-online/ocm-sdk-go v0.1.439
+ github.com/openshift-online/ocm-sdk-go v0.1.445
 github.com/openshift/rosa v1.2.24
 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8
 github.com/pkg/errors v0.9.1
diff --git a/go.sum b/go.sum
index 91084163..fce7fce2 100644
--- a/go.sum
+++ b/go.sum
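Review bot: `promptPrivateServiceConnect` returns nil when the cluster is not a private GCP cluster in an existing VPC, but it neither rejects nor clears a `--psc-subnet` value supplied in that case. The value is still copied into `clusterConfig.GcpPrivateSvcConnect` in `run`, and the `isGcpPsc` branch added to `CreateCluster` (pkg/cluster/cluster.go, hunk at -481) checks only that the string is non-empty; whether an outer provider check exists there is not visible in the hunk. A user who passes the flag without `--private` gets no client-side signal that the private connectivity they asked for does not match the rest of the request, so the outcome depends entirely on what the API does with it. Failing early with an explicit error is the safer behaviour; the sketch below assumes `fmt` is already imported in cmd.go.

```go
func promptPrivateServiceConnect(fs *pflag.FlagSet) error {
	pscSubnet := args.gcpPrivateSvcConnect.SvcAttachmentSubnet
	pscSupported := args.provider == c.ProviderGCP &&
		args.existingVPC.Enabled && args.private
	if !pscSupported {
		if pscSubnet != "" {
			return fmt.Errorf(
				"--psc-subnet requires a private GCP cluster installed into an existing VPC")
		}
		return nil
	}
	// … unchanged: interactive GetBool prompt and PromptString(fs, "psc-subnet") …
```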
@@ -361,8 +361,8 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= -github.com/openshift-online/ocm-sdk-go v0.1.439 h1:ELrJjmYgtzhdUY1cOJ0chtbhBEGz682EiTvojt5/xVM= -github.com/openshift-online/ocm-sdk-go v0.1.439/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y= +github.com/openshift-online/ocm-sdk-go v0.1.445 h1:NfaY+biXaREPnGYxa8G2zS2OZpN06yNnDR95sZoqKUQ= +github.com/openshift-online/ocm-sdk-go v0.1.445/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y= github.com/openshift/rosa v1.2.24 h1:vv0yYnWHx6CCPEAau/0rS54P2ksaf+uWXb1TQPWxiYE= github.com/openshift/rosa v1.2.24/go.mod h1:MVXB27O3PF8WoOic23I03mmq6/9kVxpFx6FKyLMCyrQ= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go index 79cb1493..85111b9a 100644 --- a/pkg/cluster/cluster.go +++ b/pkg/cluster/cluster.go @@ -98,6 +98,9 @@ type Spec struct { // GCP Authentication settings GcpAuthentication GcpAuthentication + + // GCP PrivateServiceConnect settings + GcpPrivateSvcConnect GcpPrivateSvcConnect } type Autoscaling struct { @@ -162,6 +165,10 @@ type GcpAuthentication struct { Id string } +type GcpPrivateSvcConnect struct { + SvcAttachmentSubnet string +} + type AddOnItem struct { ID string Name string 
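Review bot: The exported type `GcpPrivateSvcConnect` added in the hunk at -162 has no doc comment, and nothing states that an empty `SvcAttachmentSubnet` means Private Service Connect is not requested, which is the rule `isGcpPsc` applies later in this patch. I would add `// GcpPrivateSvcConnect holds the Private Service Connect settings for a GCP cluster. An empty SvcAttachmentSubnet means PSC is not requested.` above the type. The field comment in `Spec` (hunk at -98) could use the same wording as the neighbouring entry, `// GCP Private Service Connect settings`.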
@@ -481,6 +488,11 @@ func CreateCluster(cmv1Client *cmv1.Client, config Spec, dryRun bool) (*cmv1.Clu gcpBuilder.Security(gcpSecurity) } + if isGcpPsc(config.GcpPrivateSvcConnect) { + gcpPsc := cmv1.NewGcpPrivateServiceConnect().ServiceAttachmentSubnet(config.GcpPrivateSvcConnect.SvcAttachmentSubnet) + gcpBuilder.PrivateServiceConnect(gcpPsc) + } + if config.ComputeMachineType != "" || config.ComputeNodes > 0 || len(config.ExistingVPC.AvailabilityZones) > 0 || config.Autoscaling.Enabled { clusterNodesBuilder := cmv1.NewClusterNodes() @@ -554,6 +566,9 @@ func isGCPSharedVPC(existingVPC ExistingVPC) bool { return existingVPC.VPCProjectID != "" } +func isGcpPsc(gcpPsc GcpPrivateSvcConnect) bool { + return gcpPsc.SvcAttachmentSubnet != "" +} func UpdateCluster(client *cmv1.ClustersClient, clusterID string, config Spec) error { clusterBuilder := cmv1.NewCluster()
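Review bot: The new helper `isGcpPsc` in the hunk at -554 does not follow the casing of the helper directly above it, `isGCPSharedVPC`, and the abbreviation hides what is being tested; `isGCPPrivateServiceConnect` would match the neighbour and read without a glossary. The closing `}` is also followed immediately by `func UpdateCluster` with no blank line between the two declarations, so I would add one. A one-line comment such as `// isGCPPrivateServiceConnect reports whether a ServiceAttachment subnet was supplied.` would document that a non-empty subnet is the only condition checked.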