Skip to content

Commit

Permalink
azure_rm_aks - Upgrade azure-mgmt-containerservice to v31.0.0 (#1677)
Browse files Browse the repository at this point in the history 
* Upgrade azure-mgmt-containerservice to v31.0.0

* small change

* Update test case

* Modify test case

* Add enable_azure_rbac to azure_rm_aks.py
  • Loading branch information
@Fred-sun
Fred-sun authored Aug 19, 2024
1 parent 2d8f61d commit 831e36c
Show file tree
Hide file tree
Showing 4 changed files with 39 additions and 5 deletions.
6 changes: 3 additions & 3 deletions plugins/module_utils/azure_rm_common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1164,21 +1164,21 @@ def containerservice_client(self):
if not self._containerservice_client:
self._containerservice_client = self.get_mgmt_svc_client(ContainerServiceClient,
base_url=self._cloud_environment.endpoints.resource_manager,
api_version='2017-07-01')
api_version='2019-04-01')
return self._containerservice_client

@property
def managedcluster_models(self):
self.log("Getting container service models")
return ContainerServiceClient.models('2022-02-01')
return ContainerServiceClient.models('2023-03-01')

@property
def managedcluster_client(self):
self.log('Getting container service client')
if not self._managedcluster_client:
self._managedcluster_client = self.get_mgmt_svc_client(ContainerServiceClient,
base_url=self._cloud_environment.endpoints.resource_manager,
api_version='2022-02-01')
api_version='2023-03-01')
return self._managedcluster_client

@property
Expand Down
17 changes: 16 additions & 1 deletion plugins/modules/azure_rm_aks.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,6 +225,12 @@
choices:
- azure
- kubenet
network_plugin_mode:
description:
- Network plugin mode used for building the Kubernetes network.
type: str
choices:
- Overlay
network_policy:
description: Network policy used for building Kubernetes network.
type: str
Expand Down Expand Up @@ -310,6 +316,11 @@
- Whether to enable managed AAD.
type: bool
default: false
enable_azure_rbac:
description:
- Whether to enable Azure RBAC for Kubernetes authorization.
type: bool
default: false
admin_group_object_ids:
description:
- AAD group object IDs that will have admin role of the cluster.
Expand Down Expand Up @@ -689,6 +700,7 @@ def create_pod_identity_profile(pod_profile):
def create_network_profiles_dict(network):
return dict(
network_plugin=network.network_plugin,
network_plugin_mode=network.network_plugin_mode,
network_policy=network.network_policy,
pod_cidr=network.pod_cidr,
service_cidr=network.service_cidr,
Expand Down Expand Up @@ -831,6 +843,7 @@ def create_addon_profiles_spec():

network_profile_spec = dict(
network_plugin=dict(type='str', choices=['azure', 'kubenet']),
network_plugin_mode=dict(type='str', choices=['Overlay']),
network_policy=dict(type='str', choices=['azure', 'calico']),
pod_cidr=dict(type='str'),
service_cidr=dict(type='str'),
Expand All @@ -847,6 +860,7 @@ def create_addon_profiles_spec():
server_app_secret=dict(type='str', no_log=True),
tenant_id=dict(type='str'),
managed=dict(type='bool', default='false'),
enable_azure_rbac=dict(type='bool', default='false'),
admin_group_object_ids=dict(type='list', elements='str')
)

Expand Down Expand Up @@ -1078,7 +1092,8 @@ def is_property_changed(profile, property, ignore_case=False):
to_be_updated = True

if response['api_server_access_profile'] != self.api_server_access_profile and self.api_server_access_profile is not None:
if self.api_server_access_profile.get('enable_private_cluster') != response['api_server_access_profile'].get('enable_private_cluster'):
if bool(self.api_server_access_profile.get('enable_private_cluster')) != \
bool(response['api_server_access_profile'].get('enable_private_cluster')):
self.log(("Api Server Access Diff - Origin {0} / Update {1}"
.format(str(self.api_server_access_profile), str(response['api_server_access_profile']))))
self.fail("The enable_private_cluster of the api server access profile cannot be updated")
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ azure-mgmt-containerinstance==9.0.0
azure-mgmt-core==1.4.0
azure-mgmt-containerregistry==9.1.0
azure-containerregistry==1.1.0
azure-mgmt-containerservice==20.0.0
azure-mgmt-containerservice==31.0.0
azure-mgmt-datafactory==2.0.0
azure-mgmt-dns==8.0.0
azure-mgmt-marketplaceordering==1.1.0
Expand Down
19 changes: 19 additions & 0 deletions tests/integration/targets/azure_rm_aks/tasks/minimal-cluster.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
enable_rbac: true
aad_profile:
managed: true
enable_azure_rbac: true
agent_pool_profiles:
- name: default
count: 1
Expand All @@ -30,6 +31,8 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
network_plugin: azure
load_balancer_sku: standard
outbound_type: loadBalancer
register: output
Expand All @@ -52,6 +55,7 @@
- "fact.aks | length == 1"
- fact.aks[0].id == output.id
- fact.aks[0].aad_profile.managed == true
- fact.aks[0].aad_profile.enable_azure_rbac == true

- name: Use minimal parameters and system-assigned identity (idempotent)
azure_rm_aks:
Expand All @@ -65,6 +69,7 @@
type: "SystemAssigned"
aad_profile:
managed: true
enable_azure_rbac: true
agent_pool_profiles:
- name: default
count: 1
Expand All @@ -77,6 +82,8 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
network_plugin: azure
load_balancer_sku: standard
outbound_type: loadBalancer
register: output
Expand All @@ -99,6 +106,7 @@
user_assigned_identities: "{{ user_identity }}"
aad_profile:
managed: true
enable_azure_rbac: true
agent_pool_profiles:
- name: default
count: 1
Expand All @@ -111,8 +119,10 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
load_balancer_sku: standard
outbound_type: loadBalancer
network_plugin: azure
register: output

- name: Assert the AKS instance is well created
Expand All @@ -133,6 +143,7 @@
- "fact.aks | length == 1"
- fact.aks[0].id == output.id
- fact.aks[0].aad_profile.managed == true
- fact.aks[0].network_profile.network_plugin_mode == "overlay"
- user_identity in fact.aks[0].identity.user_assigned_identities

- name: Use minimal parameters and user-assigned identity (idempotent)
Expand All @@ -148,6 +159,7 @@
user_assigned_identities: "{{ user_identity }}"
aad_profile:
managed: true
enable_azure_rbac: true
agent_pool_profiles:
- name: default
count: 1
Expand All @@ -160,6 +172,8 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
network_plugin: azure
load_balancer_sku: standard
outbound_type: loadBalancer
register: output
Expand All @@ -182,6 +196,7 @@
user_assigned_identities: "{{ user_identity_2 }}"
aad_profile:
managed: true
enable_azure_rbac: true
agent_pool_profiles:
- name: default
count: 1
Expand All @@ -194,6 +209,8 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
network_plugin: azure
load_balancer_sku: standard
outbound_type: loadBalancer
register: output
Expand Down Expand Up @@ -239,6 +256,8 @@
- "203.0.113.0"
enable_private_cluster: false
network_profile:
network_plugin_mode: Overlay
network_plugin: azure
load_balancer_sku: standard
outbound_type: loadBalancer
register: output
Expand Down

0 comments on commit 831e36c

Please sign in to comment.