From 497fe4eb09750c7b33a4056de7a547e168788a07 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 10:04:39 +0800 Subject: [PATCH 01/10] align api server validator with cli --- src/aks-preview/azext_aks_preview/_helpers.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/_helpers.py b/src/aks-preview/azext_aks_preview/_helpers.py index f6329c24544..3e1ae1054ff 100644 --- a/src/aks-preview/azext_aks_preview/_helpers.py +++ b/src/aks-preview/azext_aks_preview/_helpers.py @@ -21,11 +21,15 @@ def _populate_api_server_access_profile(api_server_authorized_ip_ranges, instanc else: profile = instance.api_server_access_profile - if api_server_authorized_ip_ranges == "": + if api_server_authorized_ip_ranges is None or api_server_authorized_ip_ranges == "": authorized_ip_ranges = [] else: authorized_ip_ranges = [ip.strip() for ip in api_server_authorized_ip_ranges.split(",")] + if profile.enable_private_cluster and authorized_ip_ranges: + raise CLIError( + '--api-server-authorized-ip-ranges is not supported for private cluster') + profile.authorized_ip_ranges = authorized_ip_ranges return profile From ccf750eb000851de182431d55e6fee2fe6b69871 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 10:07:28 +0800 Subject: [PATCH 02/10] backward compatibility --- src/aks-preview/azext_aks_preview/custom.py | 5 +++-- src/aks-preview/azext_aks_preview/decorator.py | 5 +++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py index a9e2347f8b7..8031f8ab009 100644 --- a/src/aks-preview/azext_aks_preview/custom.py +++ b/src/aks-preview/azext_aks_preview/custom.py @@ -81,8 +81,7 @@ ManagedClusterPodIdentity, ManagedClusterPodIdentityException, UserAssignedIdentity, - PowerState, - WindowsGmsaProfile) + PowerState) from ._client_factory import cf_resource_groups from ._client_factory import get_auth_management_client from ._client_factory import get_graph_rbac_management_client @@ -937,6 +936,7 @@ def aks_create(cmd, # pylint: disable=too-many-locals,too-many-statements,to license_type=windows_license_type) if enable_windows_gmsa: + from .vendored_sdks.azure_mgmt_preview_aks.v2021_09_01.models import WindowsGmsaProfile windows_profile.gmsa_profile = WindowsGmsaProfile( enabled=True) if gmsa_dns_server is not None and gmsa_root_domain_name is not None: @@ -1742,6 +1742,7 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches, instance.windows_profile.admin_password = windows_admin_password if enable_windows_gmsa: + from .vendored_sdks.azure_mgmt_preview_aks.v2021_09_01.models import WindowsGmsaProfile instance.windows_profile.gmsa_profile = WindowsGmsaProfile(enabled=True) if gmsa_dns_server is not None and gmsa_root_domain_name is not None: instance.windows_profile.gmsa_profile.dns_server = gmsa_dns_server diff --git a/src/aks-preview/azext_aks_preview/decorator.py b/src/aks-preview/azext_aks_preview/decorator.py index 1876ffd3b1c..0db2ed46b7d 100644 --- a/src/aks-preview/azext_aks_preview/decorator.py +++ b/src/aks-preview/azext_aks_preview/decorator.py @@ -216,6 +216,7 @@ def get_workload_runtime(self) -> Union[str, None]: ) if ( agent_pool_profile and + hasattr(agent_pool_profile, "workload_runtime") and # backward compatibility agent_pool_profile.workload_runtime is not None ): workload_runtime = agent_pool_profile.workload_runtime @@ -238,6 +239,7 @@ def get_gpu_instance_profile(self) -> Union[str, None]: ) if ( agent_pool_profile and + hasattr(agent_pool_profile, "gpu_instance_profile") and # backward compatibility agent_pool_profile.gpu_instance_profile is not None ): gpu_instance_profile = agent_pool_profile.gpu_instance_profile @@ -756,6 +758,7 @@ def _get_enable_windows_gmsa(self, enable_validation: bool = False, **kwargs) -> if ( self.mc and self.mc.windows_profile and + hasattr(self.mc.windows_profile, "gmsa_profile") and # backward compatibility self.mc.windows_profile.gmsa_profile and self.mc.windows_profile.gmsa_profile.enabled is not None ): @@ -806,6 +809,7 @@ def _get_gmsa_dns_server_and_root_domain_name(self, enable_validation: bool = Fa if ( self.mc and self.mc.windows_profile and + hasattr(self.mc.windows_profile, "gmsa_profile") and # backward compatibility self.mc.windows_profile.gmsa_profile and self.mc.windows_profile.gmsa_profile.dns_server is not None ): @@ -820,6 +824,7 @@ def _get_gmsa_dns_server_and_root_domain_name(self, enable_validation: bool = Fa if ( self.mc and self.mc.windows_profile and + hasattr(self.mc.windows_profile, "gmsa_profile") and # backward compatibility self.mc.windows_profile.gmsa_profile and self.mc.windows_profile.gmsa_profile.root_domain_name is not None ): From 541e88c7a687ce393c5aa7fd40dd61c97f710719 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 10:10:29 +0800 Subject: [PATCH 03/10] remove aks browse in aks-preview --- src/aks-preview/azext_aks_preview/commands.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/commands.py b/src/aks-preview/azext_aks_preview/commands.py index a65cb7b3900..0509a6b792c 100644 --- a/src/aks-preview/azext_aks_preview/commands.py +++ b/src/aks-preview/azext_aks_preview/commands.py @@ -51,7 +51,6 @@ def load_command_table(self, _): with self.command_group('aks', managed_clusters_sdk, client_factory=cf_managed_clusters) as g: g.custom_command('kollect', 'aks_kollect') g.custom_command('kanalyze', 'aks_kanalyze') - g.custom_command('browse', 'aks_browse') g.custom_command('create', 'aks_create', supports_no_wait=True) g.custom_command('update', 'aks_update', supports_no_wait=True) g.custom_command('scale', 'aks_scale', supports_no_wait=True) From 91a411f37f52a97ea6bbb9a36c41577ecddf34ec Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 10:10:44 +0800 Subject: [PATCH 04/10] add support for --edge-zone --- src/aks-preview/azext_aks_preview/_params.py | 3 ++- src/aks-preview/azext_aks_preview/custom.py | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py index 1ba2efc837f..ae2ee8faa03 100644 --- a/src/aks-preview/azext_aks_preview/_params.py +++ b/src/aks-preview/azext_aks_preview/_params.py @@ -10,7 +10,7 @@ from argcomplete.completers import FilesCompleter from azure.cli.core.commands.parameters import ( - file_type, get_resource_name_completion_list, get_three_state_flag, name_type, tags_type, zones_type, get_enum_type) + file_type, get_resource_name_completion_list, get_three_state_flag, name_type, tags_type, zones_type, edge_zone_type, get_enum_type) from knack.arguments import CLIArgumentType from ._completers import ( @@ -75,6 +75,7 @@ def load_arguments(self, _): c.argument('aad_tenant_id') c.argument('dns_service_ip') c.argument('docker_bridge_address') + c.argument('edge_zone', edge_zone_type) c.argument('load_balancer_sku', type=str, validator=validate_load_balancer_sku) c.argument('load_balancer_managed_outbound_ip_count', type=int) c.argument('load_balancer_outbound_ips', type=str, validator=validate_load_balancer_outbound_ips) diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py index 8031f8ab009..5b0b0164c02 100644 --- a/src/aks-preview/azext_aks_preview/custom.py +++ b/src/aks-preview/azext_aks_preview/custom.py @@ -816,6 +816,7 @@ def aks_create(cmd, # pylint: disable=too-many-locals,too-many-statements,to enable_pod_identity_with_kubenet=False, enable_encryption_at_host=False, enable_ultra_ssd=False, + edge_zone=None, enable_secret_rotation=False, rotation_poll_interval=None, disable_local_accounts=False, From bdc11a5bd852b0c78396f2a9493d15bb63b69069 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 11:38:39 +0800 Subject: [PATCH 05/10] Trigger Build From ca255631223614b4aae0ac552257e6d5d33604e4 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 13:17:29 +0800 Subject: [PATCH 06/10] Trigger Build From e229fb5776a74a126ddc5e2134a26633c58a8486 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 13:58:36 +0800 Subject: [PATCH 07/10] Trigger Build From e4a19b861d64806d4ca197528a5681106cce0bfb Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 14:06:56 +0800 Subject: [PATCH 08/10] Trigger Build From b8f09070a8b2aa3b0aca338ae4f31c02b36418da Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 14:29:55 +0800 Subject: [PATCH 09/10] update error type --- src/aks-preview/azext_aks_preview/_helpers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/_helpers.py b/src/aks-preview/azext_aks_preview/_helpers.py index 3e1ae1054ff..275fde134b4 100644 --- a/src/aks-preview/azext_aks_preview/_helpers.py +++ b/src/aks-preview/azext_aks_preview/_helpers.py @@ -27,7 +27,7 @@ def _populate_api_server_access_profile(api_server_authorized_ip_ranges, instanc authorized_ip_ranges = [ip.strip() for ip in api_server_authorized_ip_ranges.split(",")] if profile.enable_private_cluster and authorized_ip_ranges: - raise CLIError( + raise ArgumentUsageError ( '--api-server-authorized-ip-ranges is not supported for private cluster') profile.authorized_ip_ranges = authorized_ip_ranges From 8e50a32e4f07166037d43862f6a6b260df53f338 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Mon, 1 Nov 2021 14:37:33 +0800 Subject: [PATCH 10/10] fix lint --- src/aks-preview/azext_aks_preview/_helpers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/_helpers.py b/src/aks-preview/azext_aks_preview/_helpers.py index 275fde134b4..9577c7a4b30 100644 --- a/src/aks-preview/azext_aks_preview/_helpers.py +++ b/src/aks-preview/azext_aks_preview/_helpers.py @@ -27,7 +27,7 @@ def _populate_api_server_access_profile(api_server_authorized_ip_ranges, instanc authorized_ip_ranges = [ip.strip() for ip in api_server_authorized_ip_ranges.split(",")] if profile.enable_private_cluster and authorized_ip_ranges: - raise ArgumentUsageError ( + raise ArgumentUsageError( '--api-server-authorized-ip-ranges is not supported for private cluster') profile.authorized_ip_ranges = authorized_ip_ranges