Canonical Juju

[Azure] Add config for defining subnet ID

Bug #1893851 reported by Pedro Guimarães on 2020-09-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Fix Released	High	Ian Booth	Canonical Juju 2.9-rc1

Bug Description

Hi,

The request below is based on the following fork: https://github.com/wallyworld/juju/tree/azure-extra-network-config

Right now, we have the following options to choose:

configAttrInternalSubnetPrefix = "internal-subnet-prefix"
configAttrControllerSubnetPrefix = "controller-subnet-prefix"

However, there are cases where I need to specify pre-built networks by name.

For example, there are cases where we will have the following scenario:

Resource Group A
<where juju will be placed>

Resource Group B
<owns the network>

If we have a service account with enough rights, we can specify a VM on RG A that connect to network on RG B.

Get the name as below:

$ az network vnet subnet list --vnet-name .... --resource-group .....

    "tags": {
............
    },
    "type": "Microsoft.Resources/resourceGroups"
  },
    "ipAllocations": null,
    "ipConfigurationProfiles": null,
    "ipConfigurations": null,
    "name": "<redacted>",
    "natGateway": null,
    "networkSecurityGroup": {
      "defaultSecurityRules": null,
      "etag": null,
      "flowLogs": null,
      "id": "/subscriptions/<redacted>/resourceGroups/<redacted>/providers/Microsoft.Network/networkSecurityGroups/<redacted>",
      "location": null,
      "name": null,
      "networkInterfaces": null,
      "provisioningState": null,
      "resourceGroup": "<redacted>",
      "resourceGuid": null,
      "securityRules": null,
      "subnets": null,
      "tags": null,
      "type": null
    },
    "privateEndpointNetworkPolicies": "Enabled",
    "privateEndpoints": null,
    "privateLinkServiceNetworkPolicies": "Enabled",
    "provisioningState": "Succeeded",
    "purpose": null,
    "resourceGroup": "<redacted>",
    "resourceNavigationLinks": null,
    "routeTable": null,
    "serviceAssociationLinks": null,
    "serviceEndpointPolicies": null,
    "serviceEndpoints": [],
    "type": "Microsoft.Network/virtualNetworks/subnets"
  }

See original description

Tags:

Revision history for this message

Ian Booth (wallyworld) wrote on 2020-09-01:

Note: those options (configAttrInternalSubnetPrefix etc) are not in any released juju - they were done as an experiment to allow *everything* to be tweaked so we could discover how best to move forward with a final solution.

Revision history for this message

Pedro Guimarães (pguimaraes) wrote on 2020-09-02:

So, thinking through this issue, I propose we make a flexible network model-config.
This config should accomodate the case where: (1) I just want to specify one network and let juju create a subnet; (2) I have a network in a different RG; and (3) I have both network and subnet on the same or different RG.

I propose we create a method: getModelConfigNetwork(*azure.Config) (networkRGname, networkName, subnetName)

model-config can be one of the following types:
networkName
RGname/networkName
RGname/networkName/subnetName

and we break on "/" char.

description:

updated

Revision history for this message

Pedro Guimarães (pguimaraes) wrote on 2020-09-02:

To pass a different resource group for a network, we actually need to set it on the resourceId, on the ARM template.
So, that will look like:
https://github.com/wallyworld/juju/blob/azure-extra-network-config/provider/azure/environ.go#L719

Instead of:
subnetId := fmt.Sprintf(
`[concat(resourceId('Microsoft.Network/virtualNetworks', '%s'), '/subnets/%s')]`,
internalNetworkName, subnetName,
)

We should have:
subnetId := fmt.Sprintf(
`[concat(resourceId('%s','Microsoft.Network/virtualNetworks', '%s'), '/subnets/%s')]`,
networkRGname, internalNetworkName, subnetName,
)

Revision history for this message

Pen Gale (pengale) wrote on 2020-10-28:

Triaged as medium and added azure-provider tag.

It sounds like the next step here is to spec out the request, and figure out how the very flexible code in that prototype branch can be turned into something more formal and generalizeable in Juju's model.

Changed in juju:
status:	New → Triaged
importance:	Undecided → Medium
tags:	added: azure-provider

Revision history for this message

Ian Booth (wallyworld) wrote on 2020-10-28:

This is fix committed already with the work to add spaces support and subnet placement to Azure.

See

https://github.com/juju/juju/pull/12011
https://github.com/juju/juju/pull/11983

Changed in juju:
milestone:	none → 2.9-rc1
assignee:	nobody → Ian Booth (wallyworld)
status:	Triaged → Fix Committed
importance:	Medium → High

Joseph Phillips (manadart) on 2021-04-28

Changed in juju:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.