Fix network fields detection

Prior, if the VirtualNetwork field on status was empty, it was assumed that network fields were not provided. The controller would then generate them. The VirtualNetwork field is always empty at the beginning of an EKS cluster being created regardless of if the network fields are provided or not. This caused the controlplane and nodegroups to use subnets belonging to different VPC's. This is invalid and causes an error. Now, the provider is determined by evaluating whether subnets have been provided or not. Also, nodegroups will now use the networking fields on status which should match what the cluster is using.
rancher · Jul 29, 2020 · 6a1fbe7 · 6a1fbe7
1 parent 5678ccd
commit 6a1fbe7
Showing 1 changed file with 16 additions and 18 deletions.
diff --git a/controller/eks-cluster-config-handler.go b/controller/eks-cluster-config-handler.go
@@ -383,7 +383,22 @@ func (h *Handler) create(config *v13.EKSClusterConfig, sess *session.Session, ek
 
 	var subnetIds []*string
 	var securityGroups []*string
-	if config.Status.VirtualNetwork == "" {
+	if len(config.Spec.Subnets) != 0 {
+		logrus.Infof("VPC info provided, skipping vpc/subnet/securitygroup creation")
+		config = config.DeepCopy()
+		// copy networking fields to status
+		config.Status.Subnets = config.Spec.Subnets
+		config.Status.SecurityGroups = config.Spec.SecurityGroups
+		config.Status.NetworkFieldsSource = "provided"
+		var err error
+		config, err = h.eksCC.UpdateStatus(config)
+		if err != nil {
+			return config, err
+		}
+
+		subnetIds = aws.StringSlice(config.Spec.Subnets)
+		securityGroups = aws.StringSlice(config.Spec.SecurityGroups)
+	} else if config.Status.VirtualNetwork == "" {
 		logrus.Infof("Bringing up vpc")
 
 		stack, err := createStack(svc, getVPCStackName(config.Spec.DisplayName), displayName, templates.VpcTemplate, []string{},
@@ -413,21 +428,6 @@ func (h *Handler) create(config *v13.EKSClusterConfig, sess *session.Session, ek
 
 		securityGroups = aws.StringSlice(config.Status.SecurityGroups)
 		subnetIds = aws.StringSlice(config.Status.Subnets)
-	} else if len(config.Spec.Subnets) != 0 {
-		logrus.Infof("VPC info provided, skipping create")
-		config = config.DeepCopy()
-		// copy networking fields to status
-		config.Status.Subnets = config.Spec.Subnets
-		config.Status.SecurityGroups = config.Spec.SecurityGroups
-		config.Status.NetworkFieldsSource = "provided"
-		var err error
-		config, err = h.eksCC.UpdateStatus(config)
-		if err != nil {
-			return config, err
-		}
-
-		subnetIds = aws.StringSlice(config.Spec.Subnets)
-		securityGroups = aws.StringSlice(config.Spec.SecurityGroups)
 	}
 
 	var roleARN string
@@ -1164,8 +1164,6 @@ func createNodeGroup(eksConfig *v13.EKSClusterConfig, group v13.NodeGroup, eksSe
 
 	if len(group.Subnets) != 0 {
 		nodeGroupCreateInput.Subnets = aws.StringSlice(group.Subnets)
-	} else if len(eksConfig.Spec.Subnets) != 0 {
-		nodeGroupCreateInput.Subnets = aws.StringSlice(eksConfig.Spec.Subnets)
 	} else {
 		nodeGroupCreateInput.Subnets = aws.StringSlice(eksConfig.Status.Subnets)
 	}