From 3c07157e71481e897b426f31fb2f10f92a0e651a Mon Sep 17 00:00:00 2001 From: JPEasier Date: Thu, 10 Mar 2022 16:00:02 +0100 Subject: [PATCH 1/8] add AGIC config --- .../managedClusters/deploy.bicep | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 08c5242fb2..93a2b72440 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -128,6 +128,12 @@ param agentPools array = [] @description('Optional. Specifies whether the httpApplicationRouting add-on is enabled or not.') param httpApplicationRoutingEnabled bool = false +@description('Optional. Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not.') +param ingressApplicationGatewayEnabled bool = false + +@description('Optional. Specifies the resource id of conected application gateway.') +param appGatewayResourceId string = '' + @description('Optional. Specifies whether the aciConnectorLinux add-on is enabled or not.') param aciConnectorLinuxEnabled bool = false @@ -363,6 +369,13 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2021-10-01' httpApplicationRouting: { enabled: httpApplicationRoutingEnabled } + ingressApplicationGateway: { + enabled: ingressApplicationGatewayEnabled + config: { + applicationGatewayId: appGatewayResourceId + effectiveApplicationGatewayId: appGatewayResourceId + } + } omsagent: { enabled: omsAgentEnabled && !empty(monitoringWorkspaceId) config: { From f21cb96a14b603522ba60d15a645b982ba8c479f Mon Sep 17 00:00:00 2001 From: JPEasier Date: Mon, 25 Apr 2022 16:05:53 +0200 Subject: [PATCH 2/8] update readme with new parameters --- arm/Microsoft.ContainerService/managedClusters/readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arm/Microsoft.ContainerService/managedClusters/readme.md b/arm/Microsoft.ContainerService/managedClusters/readme.md index c2055cc157..a5ff6e42bd 100644 --- a/arm/Microsoft.ContainerService/managedClusters/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/readme.md @@ -72,6 +72,8 @@ This module deploys Azure Kubernetes Cluster (AKS). | `enablePrivateClusterPublicFQDN` | bool | `False` | | Optional. Whether to create additional public FQDN for private cluster or not. | | `enableSecretRotation` | string | `false` | `[false, true]` | Optional. Specifies whether the KeyvaultSecretsProvider add-on uses secret rotation. | | `httpApplicationRoutingEnabled` | bool | `False` | | Optional. Specifies whether the httpApplicationRouting add-on is enabled or not. | +| `ingressApplicationGatewayEnabled` | bool | `False` | | Optional. Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not. | +| `appGatewayResourceId` | string | | | Optional. Specifies the resource id of conected application gateway. | | `kubeDashboardEnabled` | bool | `False` | | Optional. Specifies whether the kubeDashboard add-on is enabled or not. | | `location` | string | `[resourceGroup().location]` | | Optional. Specifies the location of AKS cluster. It picks up Resource Group's location by default. | | `lock` | string | `NotSpecified` | `[CanNotDelete, NotSpecified, ReadOnly]` | Optional. Specify the type of lock. | From 84db4bbcd2ba198fef18f5ab1a2fb276bfc1c6f3 Mon Sep 17 00:00:00 2001 From: JPEasier Date: Mon, 25 Apr 2022 16:21:01 +0200 Subject: [PATCH 3/8] update aks api version --- arm/Microsoft.ContainerService/managedClusters/deploy.bicep | 2 +- arm/Microsoft.ContainerService/managedClusters/version.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 93a2b72440..78e847919b 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -350,7 +350,7 @@ module pid_cuaId '.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) { params: {} } -resource managedCluster 'Microsoft.ContainerService/managedClusters@2021-10-01' = { +resource managedCluster 'Microsoft.ContainerService/managedClusters@2022-02-01' = { name: name location: location tags: (empty(tags) ? null : tags) diff --git a/arm/Microsoft.ContainerService/managedClusters/version.json b/arm/Microsoft.ContainerService/managedClusters/version.json index 56f8d9ca40..badc0a2285 100644 --- a/arm/Microsoft.ContainerService/managedClusters/version.json +++ b/arm/Microsoft.ContainerService/managedClusters/version.json @@ -1,4 +1,4 @@ { "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json", - "version": "0.4" + "version": "0.5" } From 18d68bddb01f0147d2527444238d2e1e0edb7d4e Mon Sep 17 00:00:00 2001 From: JPEasier Date: Fri, 29 Apr 2022 11:03:45 +0200 Subject: [PATCH 4/8] add ingress condition --- arm/Microsoft.ContainerService/managedClusters/deploy.bicep | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 78e847919b..a248a2f7fe 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -370,10 +370,10 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2022-02-01' enabled: httpApplicationRoutingEnabled } ingressApplicationGateway: { - enabled: ingressApplicationGatewayEnabled + enabled: ingressApplicationGatewayEnabled && !empty(appGatewayResourceId) config: { - applicationGatewayId: appGatewayResourceId - effectiveApplicationGatewayId: appGatewayResourceId + applicationGatewayId: !empty(appGatewayResourceId) ? any(appGatewayResourceId) : null + effectiveApplicationGatewayId: !empty(appGatewayResourceId) ? any(appGatewayResourceId) : null } } omsagent: { From fbd14f46335343251db57925fcfb80721af62528 Mon Sep 17 00:00:00 2001 From: JPEasier Date: Fri, 29 Apr 2022 17:18:14 +0200 Subject: [PATCH 5/8] Linting --- arm/Microsoft.ContainerService/managedClusters/deploy.bicep | 2 +- arm/Microsoft.ContainerService/managedClusters/readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 9ec0b6c821..c2b6dacb08 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -131,7 +131,7 @@ param httpApplicationRoutingEnabled bool = false @description('Optional. Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not.') param ingressApplicationGatewayEnabled bool = false -@description('Conditional. Specifies the resource id of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`.') +@description('Conditional. Specifies the resource ID of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`.') param appGatewayResourceId string = '' @description('Optional. Specifies whether the aciConnectorLinux add-on is enabled or not.') diff --git a/arm/Microsoft.ContainerService/managedClusters/readme.md b/arm/Microsoft.ContainerService/managedClusters/readme.md index 6bef7e9c58..20c7ab3c02 100644 --- a/arm/Microsoft.ContainerService/managedClusters/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/readme.md @@ -30,7 +30,7 @@ This module deploys Azure Kubernetes Cluster (AKS). **Conditional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `appGatewayResourceId` | string | `''` | Specifies the resource id of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`. | +| `appGatewayResourceId` | string | `''` | Specifies the resource ID of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description | From 319b75d4399357e9197c9be2d3491c4a0ee01ede Mon Sep 17 00:00:00 2001 From: JPEasier Date: Fri, 29 Apr 2022 17:30:41 +0200 Subject: [PATCH 6/8] linting --- arm/Microsoft.ContainerService/managedClusters/deploy.bicep | 2 +- arm/Microsoft.ContainerService/managedClusters/readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index c2b6dacb08..719f747230 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -208,7 +208,7 @@ param autoScalerProfileMaxTotalUnreadyPercentage string = '45' @description('Optional. For scenarios like burst/batch scale where you do not want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they are a certain age. Values must be an integer followed by a unit ("s" for seconds, "m" for minutes, "h" for hours, etc).') param autoScalerProfileNewPodScaleUpDelay string = '0s' -@description('Optional. Specifies the ok total unready count for the auto-scaler of the AKS cluster.') +@description('Optional. Specifies the OK total unready count for the auto-scaler of the AKS cluster.') param autoScalerProfileOkTotalUnreadyCount string = '3' @allowed([ diff --git a/arm/Microsoft.ContainerService/managedClusters/readme.md b/arm/Microsoft.ContainerService/managedClusters/readme.md index 20c7ab3c02..5973571e24 100644 --- a/arm/Microsoft.ContainerService/managedClusters/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/readme.md @@ -66,7 +66,7 @@ This module deploys Azure Kubernetes Cluster (AKS). | `autoScalerProfileMaxNodeProvisionTime` | string | `'15m'` | | Specifies the maximum node provisioning time for the auto-scaler of the AKS cluster. Values must be an integer followed by an "m". No unit of time other than minutes (m) is supported. | | `autoScalerProfileMaxTotalUnreadyPercentage` | string | `'45'` | | Specifies the mximum total unready percentage for the auto-scaler of the AKS cluster. The maximum is 100 and the minimum is 0. | | `autoScalerProfileNewPodScaleUpDelay` | string | `'0s'` | | For scenarios like burst/batch scale where you do not want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they are a certain age. Values must be an integer followed by a unit ("s" for seconds, "m" for minutes, "h" for hours, etc). | -| `autoScalerProfileOkTotalUnreadyCount` | string | `'3'` | | Specifies the ok total unready count for the auto-scaler of the AKS cluster. | +| `autoScalerProfileOkTotalUnreadyCount` | string | `'3'` | | Specifies the OK total unready count for the auto-scaler of the AKS cluster. | | `autoScalerProfileScaleDownDelayAfterAdd` | string | `'10m'` | | Specifies the scale down delay after add of the auto-scaler of the AKS cluster. | | `autoScalerProfileScaleDownDelayAfterDelete` | string | `'20s'` | | Specifies the scale down delay after delete of the auto-scaler of the AKS cluster. | | `autoScalerProfileScaleDownDelayAfterFailure` | string | `'3m'` | | Specifies scale down delay after failure of the auto-scaler of the AKS cluster. | From 49c1ef9e5332f4f1c95ce634eb7390d03644ac55 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Tue, 3 May 2022 14:55:02 +0200 Subject: [PATCH 7/8] Update arm/Microsoft.ContainerService/managedClusters/deploy.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> --- arm/Microsoft.ContainerService/managedClusters/deploy.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep index 719f747230..9c446189a5 100644 --- a/arm/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/arm/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -131,7 +131,7 @@ param httpApplicationRoutingEnabled bool = false @description('Optional. Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not.') param ingressApplicationGatewayEnabled bool = false -@description('Conditional. Specifies the resource ID of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`.') +@description('Conditional. Required if `ingressApplicationGatewayEnabled` is set to `true`. Specifies the resource ID of connected application gateway.') param appGatewayResourceId string = '' @description('Optional. Specifies whether the aciConnectorLinux add-on is enabled or not.') From 8fef243ead8e21761c71240acb16969505f31503 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Tue, 3 May 2022 14:57:29 +0200 Subject: [PATCH 8/8] Re-generated readme --- arm/Microsoft.ContainerService/managedClusters/readme.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arm/Microsoft.ContainerService/managedClusters/readme.md b/arm/Microsoft.ContainerService/managedClusters/readme.md index 4fa5116d3b..6c14dc146b 100644 --- a/arm/Microsoft.ContainerService/managedClusters/readme.md +++ b/arm/Microsoft.ContainerService/managedClusters/readme.md @@ -14,7 +14,7 @@ This module deploys Azure Kubernetes Cluster (AKS). | :-- | :-- | | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2021-04-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/roleAssignments) | -| `Microsoft.ContainerService/managedClusters` | [2022-01-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ContainerService/2022-01-01/managedClusters) | +| `Microsoft.ContainerService/managedClusters` | [2022-02-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ContainerService/2022-02-01/managedClusters) | | `Microsoft.ContainerService/managedClusters/agentPools` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.ContainerService/2021-08-01/managedClusters/agentPools) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | @@ -29,7 +29,7 @@ This module deploys Azure Kubernetes Cluster (AKS). **Conditional parameters** | Parameter Name | Type | Default Value | Description | | :-- | :-- | :-- | :-- | -| `appGatewayResourceId` | string | `''` | Specifies the resource ID of conected application gateway. Must be set if `ingressApplicationGatewayEnabled` is set to `true`. | +| `appGatewayResourceId` | string | `''` | Required if `ingressApplicationGatewayEnabled` is set to `true`. Specifies the resource ID of connected application gateway. | **Optional parameters** | Parameter Name | Type | Default Value | Allowed Values | Description |