Skip to content

Commit

Permalink
Merged main.
Browse files Browse the repository at this point in the history
  • Loading branch information
Haroon Feisal committed Apr 22, 2022
2 parents ba1d01e + d8c9058 commit 68e1f40
Show file tree
Hide file tree
Showing 223 changed files with 47,943 additions and 45,095 deletions.
13 changes: 13 additions & 0 deletions src/aks-preview/HISTORY.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,21 @@

Release History
===============

0.5.63
++++++

* Add support to create cluster with managed cluster snapshot. Command is
* `az aks create --cluster-snapshot-id <snapshot-id>`

0.5.62
++++++

* Add support for managing workload identity feature.

0.5.61
++++++

* Add support for `--format` parameter in `az aks get-credentials` command.

0.5.60
Expand Down
18 changes: 16 additions & 2 deletions src/aks-preview/azext_aks_preview/_help.py
Original file line number Diff line number Diff line change
Expand Up @@ -350,6 +350,9 @@
- name: --enable-pod-identity-with-kubenet
type: bool
short-summary: (PREVIEW) Enable pod identity addon for cluster using Kubnet network plugin.
- name: --enable-workload-identity
type: bool
short-summary: (PREVIEW) Enable workload identity addon.
- name: --aci-subnet-name
type: string
short-summary: The name of a subnet in an existing VNet into which to deploy the virtual nodes.
Expand Down Expand Up @@ -394,7 +397,10 @@
You must set or not set --gmsa-dns-server and --gmsa-root-domain-name at the same time when setting --enable-windows-gmsa.
- name: --snapshot-id
type: string
short-summary: The source snapshot id used to create this cluster.
short-summary: The source nodepool snapshot id used to create this cluster.
- name: --cluster-snapshot-id
type: string
short-summary: The source cluster snapshot id is used to create new cluster.
- name: --enable-oidc-issuer
type: bool
short-summary: (PREVIEW) Enable OIDC issuer.
Expand Down Expand Up @@ -466,8 +472,10 @@
text: az aks create -g MyResourceGroup -n MyManagedCluster --load-balancer-sku Standard --network-plugin azure --windows-admin-username azure --windows-admin-password 'replacePassword1234$' --enable-windows-gmsa
- name: Create a kubernetes cluster with enabling Windows gmsa but without setting DNS server in the vnet used by the cluster.
text: az aks create -g MyResourceGroup -n MyManagedCluster --load-balancer-sku Standard --network-plugin azure --windows-admin-username azure --windows-admin-password 'replacePassword1234$' --enable-windows-gmsa --gmsa-dns-server "10.240.0.4" --gmsa-root-domain-name "contoso.com"
- name: create a kubernetes cluster with a snapshot id.
- name: create a kubernetes cluster with a nodepool snapshot id.
text: az aks create -g MyResourceGroup -n MyManagedCluster --kubernetes-version 1.20.9 --snapshot-id "/subscriptions/00000/resourceGroups/AnotherResourceGroup/providers/Microsoft.ContainerService/snapshots/mysnapshot1"
- name: create a kubernetes cluster with a cluster snapshot id.
text: az aks create -g MyResourceGroup -n MyManagedCluster --cluster-snapshot-id "/subscriptions/00000/resourceGroups/AnotherResourceGroup/providers/Microsoft.ContainerService/managedclustersnapshots/mysnapshot1"
- name: create a kubernetes cluster with a Capacity Reservation Group(CRG) ID.
text: az aks create -g MyResourceGroup -n MyMC --kubernetes-version 1.20.9 --node-vm-size VMSize --assign-identity CRG-RG-ID --enable-managed-identity --crg-id "subscriptions/SubID/resourceGroups/RGName/providers/Microsoft.ContainerService/CapacityReservationGroups/MyCRGID"
- name: create a kubernetes cluster with support of hostgroup id.
Expand Down Expand Up @@ -618,6 +626,12 @@
- name: --disable-pod-identity
type: bool
short-summary: (PREVIEW) Disable Pod Identity addon for cluster.
- name: --enable-workload-identity
type: bool
short-summary: (PREVIEW) Enable Workload Identity addon for cluster.
- name: --disable-workload-identity
type: bool
short-summary: (PREVIEW) Disable Workload Identity addon for cluster.
- name: --enable-secret-rotation
type: bool
short-summary: Enable secret rotation. Use with azure-keyvault-secrets-provider addon.
Expand Down
7 changes: 6 additions & 1 deletion src/aks-preview/azext_aks_preview/_params.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
get_vm_size_completion_list, get_k8s_versions_completion_list, get_k8s_upgrades_completion_list, get_ossku_completion_list)
from ._validators import (
validate_create_parameters, validate_k8s_version, validate_linux_host_name,
validate_ssh_key, validate_nodes_count, validate_ip_ranges, validate_snapshot_name,
validate_ssh_key, validate_nodes_count, validate_ip_ranges, validate_snapshot_name, validate_cluster_snapshot_id,
validate_nodepool_name, validate_vm_set_type, validate_load_balancer_sku, validate_nodepool_id, validate_cluster_id, validate_snapshot_id, validate_crg_id,
validate_load_balancer_outbound_ips, validate_load_balancer_outbound_ip_prefixes, validate_nat_gateway_managed_outbound_ip_count,
validate_taints, validate_priority, validate_eviction_policy, validate_spot_max_price, validate_acr, validate_user,
Expand Down Expand Up @@ -169,6 +169,7 @@ def load_arguments(self, _):
c.argument('http_proxy_config', options_list=[
'--http-proxy-config'], type=str)
c.argument('enable_pod_identity', action='store_true')
c.argument('enable_workload_identity', arg_type=get_three_state_flag(), is_preview=True)
c.argument('appgw_name', options_list=[
'--appgw-name'], arg_group='Application Gateway')
c.argument('appgw_subnet_prefix', options_list=[
Expand Down Expand Up @@ -202,6 +203,8 @@ def load_arguments(self, _):
c.argument('workload_runtime', arg_type=get_enum_type(
workload_runtimes), default=CONST_WORKLOAD_RUNTIME_OCI_CONTAINER)
c.argument('snapshot_id', type=str, validator=validate_snapshot_id)
c.argument('cluster_snapshot_id',
validator=validate_cluster_snapshot_id, is_preview=True)
c.argument('enable_oidc_issuer', action='store_true', is_preview=True)
c.argument('host_group_id',
validator=validate_host_group_id, is_preview=True)
Expand Down Expand Up @@ -255,6 +258,8 @@ def load_arguments(self, _):
validator=validate_assign_identity)
c.argument('enable_pod_identity', action='store_true')
c.argument('disable_pod_identity', action='store_true')
c.argument('enable_workload_identity', arg_type=get_three_state_flag(), is_preview=True)
c.argument('disable_workload_identity', arg_type=get_three_state_flag(), is_preview=True)
c.argument('enable_secret_rotation', action='store_true')
c.argument('disable_secret_rotation', action='store_true')
c.argument('rotation_poll_interval', type=str)
Expand Down
8 changes: 8 additions & 0 deletions src/aks-preview/azext_aks_preview/_validators.py
Original file line number Diff line number Diff line change
Expand Up @@ -544,6 +544,14 @@ def validate_snapshot_id(namespace):
"--snapshot-id is not a valid Azure resource ID.")


def validate_cluster_snapshot_id(namespace):
if namespace.cluster_snapshot_id:
from msrestazure.tools import is_valid_resource_id
if not is_valid_resource_id(namespace.cluster_snapshot_id):
raise InvalidArgumentValueError(
"--cluster-snapshot-id is not a valid Azure resource ID.")


def validate_host_group_id(namespace):
if namespace.host_group_id:
from msrestazure.tools import is_valid_resource_id
Expand Down
27 changes: 27 additions & 0 deletions src/aks-preview/azext_aks_preview/custom.py
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,27 @@ def _get_snapshot(cli_ctx, snapshot_id):
"Cannot parse snapshot name from provided resource id {}.".format(snapshot_id))


def _get_cluster_snapshot(cli_ctx, snapshot_id):
snapshot_id = snapshot_id.lower()
match = _re_mc_snapshot_resource_id.search(snapshot_id)
if match:
subscription_id = match.group(1)
resource_group_name = match.group(2)
snapshot_name = match.group(3)
snapshot_client = cf_mc_snapshots_client(
cli_ctx, subscription_id=subscription_id)
try:
snapshot = snapshot_client.get(resource_group_name, snapshot_name)
except CloudError as ex:
if 'was not found' in ex.message:
raise InvalidArgumentValueError(
"Managed cluster snapshot {} not found.".format(snapshot_id))
raise CLIError(ex.message)
return snapshot
raise InvalidArgumentValueError(
"Cannot parse snapshot name from provided resource id {}.".format(snapshot_id))


def aks_browse(
cmd,
client,
Expand Down Expand Up @@ -753,6 +774,8 @@ def aks_create(cmd,
auto_upgrade_channel=None,
enable_pod_identity=False,
enable_pod_identity_with_kubenet=False,
# NOTE: for workload identity flags, we need to know if it's set to True/False or not set (None)
enable_workload_identity=None,
enable_encryption_at_host=False,
enable_ultra_ssd=False,
edge_zone=None,
Expand All @@ -767,6 +790,7 @@ def aks_create(cmd,
gmsa_dns_server=None,
gmsa_root_domain_name=None,
snapshot_id=None,
cluster_snapshot_id=None,
enable_oidc_issuer=False,
host_group_id=None,
crg_id=None,
Expand Down Expand Up @@ -834,6 +858,9 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches,
enable_pod_identity=False,
enable_pod_identity_with_kubenet=False,
disable_pod_identity=False,
# NOTE: for workload identity flags, we need to know if it's set to True/False or not set (None)
enable_workload_identity=None,
disable_workload_identity=None,
enable_secret_rotation=False,
disable_secret_rotation=False,
rotation_poll_interval=None,
Expand Down
Loading

0 comments on commit 68e1f40

Please sign in to comment.