Azure: Allow VNet to be in a separate Resource Group #49725
Conversation
Define a new config VnetResourceGroup in order to be able to use a VNet which is not in the same resource group as kubernetes. Signed-off-by: Sylvain Rabot <[email protected]>
|
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
sig/azure
cncf-cla: no
|
Hi @sylr. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@sylr: Reiterating the mentions to trigger a notification: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-github-robot
added
size/S
|
@sylr: GitHub didn't allow me to request PR reviews from the following users: karataliu. Note that only kubernetes members can review this PR, and authors cannot review their own PRs. In response to this: Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
cncf-cla signed |
k8s-ci-robot
added
cncf-cla: yes
Add vnetResourceGroup config to /etc/kubernetes/azure.json in an effort to make Kubernetes deployed with a Custom VNet configuration to be able to create internal load balancer services when the VNet is not int the same Resource Group as Kubernetes. For this to work Kubernetes Azure driver must have the following patch: kubernetes/kubernetes#49725 Signed-off-by: Sylvain Rabot <[email protected]>
|
I'm adding this to the SIG-Azure PR review section. If you could represent it at the next SIG-Azure meeting on 8/9 at 16:00 UTC, we can discuss it. |
|
/lgtm |
k8s-ci-robot
added
lgtm
|
@colemickens fyi |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: brendandburns, sylr Associated issue: 49577 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
the
approved
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue |
|
@jdumars if you could also look for having it in 1.6.9 ... I know I'm asking for a lot but we just upgraded to 1.6. Not sure how fast we will be moving to 1.7. If it can't be done, I would understand. |
|
BTW thank you @sylr for this work! Welcome to the Azure community. |
|
This PR should be cherrypick-candidate for release-1.6 & release-1.7 according to me. |
|
@jdumars - please prepare a cherrypick for it, I'm fine with that. |
|
@seanknox make it so! |
enisoc
added
release-note
|
I still am experiencing this problem in 1.7.4 |
|
@sylr are you able to help @dcieslak19973 with the implementation details if needed? |
|
@dcieslak19973 You need to edit /etc/kubernetes/azure.json on the masters and add the property |
|
Thanks; I'll check with the acs-engine folks and see if they are doing that when provisioning the cluster. |
Add vnetResourceGroup config to /etc/kubernetes/azure.json in an effort to make Kubernetes deployed with a Custom VNet configuration to be able to create internal load balancer services when the VNet is not int the same Resource Group as Kubernetes. For this to work Kubernetes Azure driver must have the following patch: kubernetes/kubernetes#49725 Signed-off-by: Sylvain Rabot <[email protected]>
Add vnetResourceGroup config to /etc/kubernetes/azure.json in an effort to make Kubernetes deployed with a Custom VNet configuration to be able to create internal load balancer services when the VNet is not int the same Resource Group as Kubernetes. For this to work Kubernetes Azure driver must have the following patch: kubernetes/kubernetes#49725 Signed-off-by: Sylvain Rabot <[email protected]>
* Improve Custom VNet support Add vnetResourceGroup config to /etc/kubernetes/azure.json in an effort to make Kubernetes deployed with a Custom VNet configuration to be able to create internal load balancer services when the VNet is not int the same Resource Group as Kubernetes. For this to work Kubernetes Azure driver must have the following patch: kubernetes/kubernetes#49725 Signed-off-by: Sylvain Rabot <[email protected]> * rebase errata
What this PR does / why we need it:
This PR allows Kubernetes in an Azure context to use a VNet which is not in the same Resource Group as Kubernetes.
We need this because currently Azure Cloud Provider driver assumes that it should have a VNet for himself but if there is one thing that should be shared amongst Azure resources it's a VNet cause, well, things might want to talk to each other in a private network, don't you think ?
I guess this should we backported down to 1.6 branch.
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close that issue when PR gets merged):fixes #49577
Release note:
@kubernetes/sig-azure
@kubernetes/sig-azure-pr-reviews