Merge pull request #16299 from justinsb/split_out_loadbalancerlistener

Refactor: Split out NLB Listener into its own task

cloudmock/aws/mockelbv2/listeners.go

@@ -21,39 +21,41 @@ import (
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/request"
 	"github.com/aws/aws-sdk-go/service/elbv2"
 	"k8s.io/klog/v2"
 )
 
-func (m *MockELBV2) DescribeListeners(request *elbv2.DescribeListenersInput) (*elbv2.DescribeListenersOutput, error) {
+func (m *MockELBV2) DescribeListenersPagesWithContext(ctx aws.Context, request *elbv2.DescribeListenersInput, callback func(*elbv2.DescribeListenersOutput, bool) bool, options ...request.Option) error {
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
 
-	klog.Infof("DescribeListeners v2 %v", request)
+	klog.Infof("DescribeListenersPagesWithContext v2 %v", request)
 
-	resp := &elbv2.DescribeListenersOutput{
+	page := &elbv2.DescribeListenersOutput{
 		Listeners: make([]*elbv2.Listener, 0),
 	}
 	for _, l := range m.Listeners {
 		listener := l.description
 		if aws.StringValue(request.LoadBalancerArn) == aws.StringValue(listener.LoadBalancerArn) {
-			resp.Listeners = append(resp.Listeners, &listener)
+			page.Listeners = append(page.Listeners, &listener)
 		} else {
 			for _, reqARN := range request.ListenerArns {
 				if aws.StringValue(reqARN) == aws.StringValue(listener.ListenerArn) {
-					resp.Listeners = append(resp.Listeners, &listener)
+					page.Listeners = append(page.Listeners, &listener)
 				}
 			}
 		}
 	}
-	return resp, nil
+	callback(page, true)
+	return nil
 }
 
-func (m *MockELBV2) CreateListener(request *elbv2.CreateListenerInput) (*elbv2.CreateListenerOutput, error) {
+func (m *MockELBV2) CreateListenerWithContext(ctx aws.Context, request *elbv2.CreateListenerInput, opts ...request.Option) (*elbv2.CreateListenerOutput, error) {
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
 
-	klog.Infof("CreateListener v2 %v", request)
+	klog.Infof("CreateListenerWithContext v2 %v", request)
 
 	l := elbv2.Listener{
 		DefaultActions:  request.DefaultActions,
@@ -96,11 +98,11 @@ func (m *MockELBV2) CreateListener(request *elbv2.CreateListenerInput) (*elbv2.C
 	return &elbv2.CreateListenerOutput{Listeners: []*elbv2.Listener{&l}}, nil
 }
 
-func (m *MockELBV2) DeleteListener(request *elbv2.DeleteListenerInput) (*elbv2.DeleteListenerOutput, error) {
+func (m *MockELBV2) DeleteListenerWithContext(ctx aws.Context, request *elbv2.DeleteListenerInput, opts ...request.Option) (*elbv2.DeleteListenerOutput, error) {
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
 
-	klog.Infof("DeleteListener v2 %v", request)
+	klog.Infof("DeleteListenerWithContext v2 %v", request)
 
 	lARN := aws.StringValue(request.ListenerArn)
 	if _, ok := m.Listeners[lARN]; !ok {

pkg/model/awsmodel/api_loadbalancer.go

@@ -134,31 +134,49 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 		listeners := map[string]*awstasks.ClassicLoadBalancerListener{
 			"443": {InstancePort: 443},
 		}
+		var nlbListeners []*awstasks.NetworkLoadBalancerListener
+
+		if lbSpec.SSLCertificate == "" {
+			listener443 := &awstasks.NetworkLoadBalancerListener{
+				Name:                fi.PtrTo(b.NLBListenerName("api", 443)),
+				Lifecycle:           b.Lifecycle,
+				NetworkLoadBalancer: b.LinkToNLB("api"),
+				Port:                443,
+				TargetGroup:         b.LinkToTargetGroup("tcp"),
+			}
+			nlbListeners = append(nlbListeners, listener443)
+		} else {
+			listener8443 := &awstasks.NetworkLoadBalancerListener{
+				Name:                fi.PtrTo(b.NLBListenerName("api", 8443)),
+				Lifecycle:           b.Lifecycle,
+				NetworkLoadBalancer: b.LinkToNLB("api"),
+				Port:                8443,
+				TargetGroup:         b.LinkToTargetGroup("tcp"),
+			}
+			nlbListeners = append(nlbListeners, listener8443)
 
-		nlbListeners := []*awstasks.NetworkLoadBalancerListener{
-			{
-				Port:            443,
-				TargetGroupName: b.NLBTargetGroupName("tcp"),
-			},
-		}
-		if b.Cluster.UsesNoneDNS() {
-			nlbListeners = append(nlbListeners, &awstasks.NetworkLoadBalancerListener{
-				Port:            wellknownports.KopsControllerPort,
-				TargetGroupName: b.NLBTargetGroupName("kops-controller"),
-			})
-		}
-
-		if lbSpec.SSLCertificate != "" {
 			listeners["443"].SSLCertificateID = lbSpec.SSLCertificate
-			nlbListeners[0].Port = 8443
-
-			nlbListener := &awstasks.NetworkLoadBalancerListener{
-				Port:             443,
-				TargetGroupName:  b.NLBTargetGroupName("tls"),
-				SSLCertificateID: lbSpec.SSLCertificate,
+			listener443 := &awstasks.NetworkLoadBalancerListener{
+				Name:                fi.PtrTo(b.NLBListenerName("api", 443)),
+				Lifecycle:           b.Lifecycle,
+				NetworkLoadBalancer: b.LinkToNLB("api"),
+				Port:                443,
+				TargetGroup:         b.LinkToTargetGroup("tls"),
+				SSLCertificateID:    lbSpec.SSLCertificate,
 			}
 			if lbSpec.SSLPolicy != nil {
-				nlbListener.SSLPolicy = *lbSpec.SSLPolicy
+				listener443.SSLPolicy = *lbSpec.SSLPolicy
+			}
+			nlbListeners = append(nlbListeners, listener443)
+		}
+
+		if b.Cluster.UsesNoneDNS() {
+			nlbListener := &awstasks.NetworkLoadBalancerListener{
+				Name:                fi.PtrTo(b.NLBListenerName("api", wellknownports.KopsControllerPort)),
+				Lifecycle:           b.Lifecycle,
+				NetworkLoadBalancer: b.LinkToNLB("api"),
+				Port:                wellknownports.KopsControllerPort,
+				TargetGroup:         b.LinkToTargetGroup("kops-controller"),
 			}
 			nlbListeners = append(nlbListeners, nlbListener)
 		}
@@ -184,7 +202,6 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 				b.LinkToELBSecurityGroup("api"),
 			},
 			SubnetMappings: nlbSubnetMappings,
-			Listeners:      nlbListeners,
 			TargetGroups:   make([]*awstasks.TargetGroup, 0),
 
 			Tags:              tags,
@@ -359,6 +376,9 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 				nlb.TargetGroups = append(nlb.TargetGroups, secondaryTG)
 			}
 			sort.Stable(awstasks.OrderTargetGroupsByName(nlb.TargetGroups))
+			for _, nlbListener := range nlbListeners {
+				c.AddTask(nlbListener)
+			}
 			c.AddTask(nlb)
 		}
 

pkg/model/awsmodel/bastion.go

@@ -328,12 +328,15 @@ func (b *BastionModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 		// Override the returned name to be the expected ELB name
 		tags["Name"] = "bastion." + b.ClusterName()
 
-		nlbListeners := []*awstasks.NetworkLoadBalancerListener{
-			{
-				Port:            22,
-				TargetGroupName: b.NLBTargetGroupName("bastion"),
-			},
+		nlbListener := &awstasks.NetworkLoadBalancerListener{
+			Name:                fi.PtrTo(b.NLBListenerName("bastion", 22)),
+			Lifecycle:           b.Lifecycle,
+			NetworkLoadBalancer: b.LinkToNLB("bastion"),
+			Port:                22,
+			TargetGroup:         b.LinkToTargetGroup("bastion"),
 		}
+		c.AddTask(nlbListener)
+
 		nlb = &awstasks.NetworkLoadBalancer{
 			Name:      fi.PtrTo(b.NLBName("bastion")),
 			Lifecycle: b.Lifecycle,
@@ -344,7 +347,6 @@ func (b *BastionModelBuilder) Build(c *fi.CloudupModelBuilderContext) error {
 			SecurityGroups: []*awstasks.SecurityGroup{
 				b.LinkToELBSecurityGroup("bastion"),
 			},
-			Listeners:    nlbListeners,
 			TargetGroups: make([]*awstasks.TargetGroup, 0),
 
 			Tags:          tags,

pkg/model/names.go

@@ -19,6 +19,7 @@ package model
 import (
 	"fmt"
 	"regexp"
+	"strconv"
 	"strings"
 
 	"k8s.io/klog/v2"
@@ -115,6 +116,11 @@ func (b *KopsModelContext) LinkToNLB(prefix string) *awstasks.NetworkLoadBalance
 	return &awstasks.NetworkLoadBalancer{Name: &name}
 }
 
+func (b *KopsModelContext) NLBListenerName(loadBalancerPrefix string, port int) string {
+	name := b.NLBName(loadBalancerPrefix)
+	return name + "-" + strconv.Itoa(port)
+}
+
 func (b *KopsModelContext) LinkToTargetGroup(prefix string) *awstasks.TargetGroup {
 	name := b.NLBTargetGroupName(prefix)
 	return &awstasks.TargetGroup{Name: &name}