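// sigs.k8s.io/cluster-api-provider-aws@v1.5.5/pkg/cloud/services/network/secondarycidr.go

/*
Copyright 2018 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package network

import (
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/google/go-cmp/cmp"
	"github.com/pkg/errors"

	"sigs.k8s.io/cluster-api-provider-aws/pkg/record"
)

// isVPCPresent reports whether a DescribeVpcs response is non-nil and lists
// at least one VPC.
func isVPCPresent(vpcs *ec2.DescribeVpcsOutput) bool {
	return vpcs != nil && len(vpcs.Vpcs) > 0
}

// associateSecondaryCidr associates the scope's secondary CIDR block with the
// scope's VPC.
//
// It is a no-op when the scope has no secondary CIDR block or when the VPC
// already lists an association with the same CIDR. Errors from DescribeVpcs
// and AssociateVpcCidrBlock are returned unchanged; an association failure is
// also recorded as a warning event on the infra cluster.
func (s *Service) associateSecondaryCidr() error {
	secondary := s.scope.SecondaryCidrBlock()
	if secondary == nil {
		return nil
	}

	vpcs, err := s.EC2Client.DescribeVpcs(&ec2.DescribeVpcsInput{
		VpcIds: []*string{&s.scope.VPC().ID},
	})
	if err != nil {
		return err
	}

	if !isVPCPresent(vpcs) {
		return errors.New("failed to associateSecondaryCidr as there are no VPCs present")
	}

	// NOTE(review): only the CIDR string is compared; the association's
	// CidrBlockState is not inspected, so an entry with the same CIDR that is
	// failed or already disassociated would also count as present. Confirm
	// this is intended.
	for _, existing := range vpcs.Vpcs[0].CidrBlockAssociationSet {
		if existing == nil {
			continue
		}
		// cmp.Equal compares the pointed-to strings and tolerates a nil
		// CidrBlock, matching the comparison used in disassociateSecondaryCidr
		// and avoiding a nil-pointer dereference on a sparse API response.
		if cmp.Equal(existing.CidrBlock, secondary) {
			return nil
		}
	}

	out, err := s.EC2Client.AssociateVpcCidrBlock(&ec2.AssociateVpcCidrBlockInput{
		VpcId:     &s.scope.VPC().ID,
		CidrBlock: secondary,
	})
	if err != nil {
		record.Warnf(s.scope.InfraCluster(), "FailedAssociateSecondaryCidr", "Failed associating secondary CIDR with VPC %v", err)
		return err
	}

	// once IPv6 is supported, we need to modify out.CidrBlockAssociation.AssociationId to out.Ipv6CidrBlockAssociation.AssociationId
	//
	// The association ID is only used for the event text, so a response that
	// omits it must not crash the reconciler.
	associationID := ""
	if out != nil && out.CidrBlockAssociation != nil && out.CidrBlockAssociation.AssociationId != nil {
		associationID = *out.CidrBlockAssociation.AssociationId
	}
	record.Eventf(s.scope.InfraCluster(), "SuccessfulAssociateSecondaryCidr", "Associated secondary CIDR with VPC %q", associationID)

	return nil
}

// disassociateSecondaryCidr removes every association on the scope's VPC whose
// CIDR equals the scope's secondary CIDR block.
//
// It is a no-op when the scope has no secondary CIDR block. Errors from
// DescribeVpcs and DisassociateVpcCidrBlock are returned unchanged; a
// disassociation failure is also recorded as a warning event on the infra
// cluster and stops the loop.
func (s *Service) disassociateSecondaryCidr() error {
	secondary := s.scope.SecondaryCidrBlock()
	if secondary == nil {
		return nil
	}

	vpcs, err := s.EC2Client.DescribeVpcs(&ec2.DescribeVpcsInput{
		VpcIds: []*string{&s.scope.VPC().ID},
	})
	if err != nil {
		return err
	}

	if !isVPCPresent(vpcs) {
		// The message previously named associateSecondaryCidr (copy-paste),
		// which pointed operators at the wrong reconcile step.
		return errors.New("failed to disassociateSecondaryCidr as there are no VPCs present")
	}

	// NOTE(review): as in associateSecondaryCidr, CidrBlockState is not
	// inspected, so DisassociateVpcCidrBlock is also attempted for matching
	// entries regardless of their current state. Confirm this is intended.
	for _, existing := range vpcs.Vpcs[0].CidrBlockAssociationSet {
		if existing == nil || !cmp.Equal(existing.CidrBlock, secondary) {
			continue
		}
		if _, err := s.EC2Client.DisassociateVpcCidrBlock(&ec2.DisassociateVpcCidrBlockInput{
			AssociationId: existing.AssociationId,
		}); err != nil {
			record.Warnf(s.scope.InfraCluster(), "FailedDisassociateSecondaryCidr", "Failed disassociating secondary CIDR with VPC %v", err)
			return err
		}
	}

	return nil
}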