diff --git a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json index d28a0910d86..b6b4b2045d8 100644 --- a/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json +++ b/src/aks-preview/azcli_aks_live_test/configs/cli_matrix_default.json @@ -8,9 +8,6 @@ "compatibility issue": [ "test_aks_nodepool_add_with_ossku" ], - "dependency breaking change": [ - "test_aks_byo_appgw_with_ingress_appgw_addon" - ], "need feature registration": [ "test_aks_create_enable_encryption", "test_aks_create_edge_zone", diff --git a/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json b/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json index 8ccfb39a5a1..ebb4fd26e25 100644 --- a/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json +++ b/src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json @@ -9,9 +9,6 @@ "test_aks_nodepool_add_with_ossku", "test_aks_create_with_ossku" ], - "dependency breaking change": [ - "test_aks_byo_appgw_with_ingress_appgw_addon" - ], "need feature registration": [ "test_aks_create_with_gitops_addon", "test_aks_enable_addon_with_gitops", diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py index 35e0254b9cb..cf64dad93f3 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py @@ -366,7 +366,7 @@ def test_aks_byo_appgw_with_ingress_appgw_addon(self, resource_group, resource_g # create virtual network create_vnet = 'network vnet create --resource-group={resource_group} --name={vnet_name} ' \ - '--address-prefix 11.0.0.0/16 --subnet-name aks-subnet --subnet-prefix 11.0.0.0/24 -o json' + '--address-prefix 11.0.0.0/16 --subnet-name aks-subnet --subnet-prefix 11.0.0.0/24 -o json' vnet = self.cmd(create_vnet, checks=[ self.check('newVNet.provisioningState', 'Succeeded') ]).get_output_in_json() @@ -377,6 +377,14 @@ def test_aks_byo_appgw_with_ingress_appgw_addon(self, resource_group, resource_g self.check('provisioningState', 'Succeeded') ]) + # clean up nsg set by policy, otherwise would block creating appgw + update_subnet = 'network vnet subnet update -n appgw-subnet --resource-group={resource_group} --vnet-name {vnet_name} ' \ + '--nsg ""' + self.cmd(update_subnet, checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('networkSecurityGroup', None), + ]) + vnet_id = vnet['newVNet']["id"] assert vnet_id is not None self.kwargs.update({ @@ -391,8 +399,9 @@ def test_aks_byo_appgw_with_ingress_appgw_addon(self, resource_group, resource_g ]) # create app gateway + # add priority since this is a mandatory parameter since 2021-08-01 API version for network operations create_appgw = 'network application-gateway create -n appgw -g {resource_group} ' \ - '--sku Standard_v2 --public-ip-address appgw-ip --subnet {vnet_id}/subnets/appgw-subnet' + '--sku Standard_v2 --public-ip-address appgw-ip --subnet {vnet_id}/subnets/appgw-subnet --priority 1001' self.cmd(create_appgw) # construct group id @@ -410,8 +419,8 @@ def test_aks_byo_appgw_with_ingress_appgw_addon(self, resource_group, resource_g # create aks cluster create_cmd = 'aks create -n {aks_name} -g {resource_group} --enable-managed-identity ' \ '--vnet-subnet-id {vnet_id}/subnets/aks-subnet ' \ - '-a ingress-appgw --appgw-id {appgw_id} ' \ - '--yes --ssh-key-value={ssh_key_value} -o json' + '-a ingress-appgw --appgw-id {appgw_id} --yes ' \ + '--ssh-key-value={ssh_key_value} -o json' aks_cluster = self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ingressApplicationGateway.enabled', True),