[Bug]: CDN FrontdoorOrigin object can't use privatelink-service for loadbalancer with privateLinkTargetIdRef object #824

Open
reshmarajan1730 opened this issue Sep 24, 2024 · 1 comment
Labels
bug Something isn't working needs:triage

reshmarajan1730 commented Sep 24, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Affected Resource(s)

cdn.azure.upbound.io/FrontdoorOrigin/v1beta1

Resource MRs required to reproduce the bug

---
apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorEndpoint
metadata:
  name: apim
spec:
  forProvider:
    cdnFrontdoorProfileId: REPLACE-WITH-ID
    enabled: true
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorEndpoint
metadata:
  name: lb
spec:
  forProvider:
    cdnFrontdoorProfileId: REPLACE-WITH-ID
    enabled: true
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorOrigin
metadata:
  name: apim
spec:
  forProvider:
    cdnFrontdoorOriginGroupIdRef:
      name: apim
    certificateNameCheckEnabled: false
    enabled: true
    hostName: "APIM.HOSTNAME.COM"
    httpPort: 80
    httpsPort: 443
    originHostHeader: "APIM.HOSTNAME.COM"
    priority: 1
    weight: 50
    healthProbesEnabled: true
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorOrigin
metadata:
  name: lb
spec:
  forProvider:
    cdnFrontdoorOriginGroupIdRef:
      name: lb
    certificateNameCheckEnabled: false
    enabled: true
    hostName: "10.1.65.5"
    httpPort: 80
    httpsPort: 443
    originHostHeader: "10.1.65.5"
    priority: 1
    weight: 50
    healthProbesEnabled: true
    privateLink:
      - location:  "westeurope"
        privateLinkTargetIdRef:
          name: "privatelink"
        requestMessage: "Request from frontdoor origin - lb"
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorOriginGroup
metadata:
  name: apim
spec:
  forProvider:
    cdnFrontdoorProfileId: REPLACE-WITH-ID
    loadBalancing:
      - additionalLatencyInMilliseconds: 0
        sampleSize: 16
        successfulSamplesRequired:  3
    restoreTrafficTimeToHealedOrNewEndpointInMinutes:  5
    sessionAffinityEnabled:  true
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorOriginGroup
metadata:
  name: lb
spec:
  forProvider:
    cdnFrontdoorProfileId: REPLACE-WITH-ID
    loadBalancing:
      - additionalLatencyInMilliseconds: 0
        sampleSize: 16
        successfulSamplesRequired:  3
    restoreTrafficTimeToHealedOrNewEndpointInMinutes:  5
    sessionAffinityEnabled:  true
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorRoute
metadata:
  name: apim
spec:
  forProvider:  
    cdnFrontdoorEndpointIdRef:
      name: apim
    cdnFrontdoorOriginGroupIdRef:
      name: apim
    cdnFrontdoorOriginIdsRefs: 
      - name: apim
    patternsToMatch:
        - /api  
    forwardingProtocol: HttpsOnly
    httpsRedirectEnabled: true
    linkToDefaultDomain: false
    supportedProtocols:
      - Http
      - Https
---

apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorRoute
metadata:
  name: lb
spec:
  forProvider:  
    cdnFrontdoorEndpointIdRef:
      name: lb
    cdnFrontdoorOriginGroupIdRef:
      name: lb
    cdnFrontdoorOriginIdsRefs: 
      - name: lb
    patternsToMatch:
        - /app  
    forwardingProtocol: HttpsOnly
    httpsRedirectEnabled: true
    linkToDefaultDomain: false
    supportedProtocols:
      - Http
      - Https

Steps to Reproduce

1. Create an internal load balancer
2. Create a private link service for the load balancer
3. Create a Front Door origin with the private link service created above, using the privateLinkTargetIdRef.name object

What happened?

Creating a Front Door origin for an internal load balancer with a private link service fails when the private link is referenced with the privateLinkTargetIdRef name object.
Origin creation works fine if the private link service ID is passed, but fails if a name reference is used. It seems to support only a private link service for a storage account.

Relevant Error Output Snippet

cannot resolve references: mg.Spec.ForProvider.PrivateLink[i3].PrivateLinkTargetID: cannot get referenced resource: Account.storage.azure.upbound.io "privatelink" not found


Crossplane Version

v1.16.0

Provider Version

provider-azure-cdn:v1.1.0

Kubernetes Version

No response

Kubernetes Distribution

AKS

Additional Info

No response

sschne commented Sep 30, 2024

The private_link_target_id can have multiple types, e.g. storage account ID, private link service ID or app services ID, depending on what you want to link with. However, resource references are limited to only one type: crossplane/upjet#414
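
The workaround described in the report (passing the private link service ID directly instead of a name reference), shown on the "lb" origin as an added example that is not part of the original issue or the provider's documentation. The `REPLACE-WITH-*` segments of the resource ID are placeholders, and all other values are copied from the manifest in the issue.

```yaml
apiVersion: cdn.azure.upbound.io/v1beta1
kind: FrontdoorOrigin
metadata:
  name: lb
spec:
  forProvider:
    cdnFrontdoorOriginGroupIdRef:
      name: lb
    certificateNameCheckEnabled: false
    enabled: true
    hostName: "10.1.65.5"
    httpPort: 80
    httpsPort: 443
    originHostHeader: "10.1.65.5"
    priority: 1
    weight: 50
    healthProbesEnabled: true
    privateLink:
      - location: "westeurope"
        # Failing form from the issue: the name reference is resolved only
        # against Account.storage.azure.upbound.io, so a private link service
        # named "privatelink" is reported as "not found".
        #
        # privateLinkTargetIdRef:
        #   name: "privatelink"
        #
        # Working form per the report: set the target ID explicitly.
        # The ID below is a placeholder in the standard Azure resource ID
        # layout for a private link service (assumed values, not from the issue).
        privateLinkTargetId: "/subscriptions/REPLACE-WITH-SUBSCRIPTION-ID/resourceGroups/REPLACE-WITH-RESOURCE-GROUP/providers/Microsoft.Network/privateLinkServices/REPLACE-WITH-PLS-NAME"
        requestMessage: "Request from frontdoor origin - lb"
```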
