diff --git a/linter_exclusions.yml b/linter_exclusions.yml index 45ba2e500d2..16add8016a6 100644 --- a/linter_exclusions.yml +++ b/linter_exclusions.yml @@ -118,6 +118,9 @@ aks update: load_balancer_outbound_ports: rule_exclusions: - option_length_too_long + enable_managed_identity: + rule_exclusions: + - option_length_too_long batch job create: parameters: job_manager_task_command_line: diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py index 9f8f8c7dd74..a3636964c3d 100644 --- a/src/aks-preview/azext_aks_preview/_help.py +++ b/src/aks-preview/azext_aks_preview/_help.py @@ -8,8 +8,10 @@ from knack.help_files import helps -ACS_SERVICE_PRINCIPAL_CACHE = os.path.join('$HOME', '.azure', 'acsServicePrincipal.json') -AKS_SERVICE_PRINCIPAL_CACHE = os.path.join('$HOME', '.azure', 'aksServicePrincipal.json') +ACS_SERVICE_PRINCIPAL_CACHE = os.path.join( + '$HOME', '.azure', 'acsServicePrincipal.json') +AKS_SERVICE_PRINCIPAL_CACHE = os.path.join( + '$HOME', '.azure', 'aksServicePrincipal.json') # AKS command help helps['aks create'] = """ @@ -397,6 +399,12 @@ - name: --aks-custom-headers type: string short-summary: Send custom headers. When specified, format should be Key1=Value1,Key2=Value2 + - name: --enable-managed-identity + type: bool + short-summary: (PREVIEW) Update current cluster to managed identity to manage cluster resource group. + - name: --assign-identity + type: string + short-summary: (PREVIEW) Specify an existing user assigned identity to manage cluster resource group. examples: - name: Enable cluster-autoscaler within node count range [1,5] text: az aks update --enable-cluster-autoscaler --min-count 1 --max-count 5 -g MyResourceGroup -n MyManagedCluster @@ -430,6 +438,10 @@ text: az aks update -g MyResourceGroup -n MyManagedCluster --enable-ahub - name: Disable Azure Hybrid User Benefits featture for a kubernetes cluster. text: az aks update -g MyResourceGroup -n MyManagedCluster --disable-ahub + - name: Update the cluster to use system assigned managed identity in control plane. + text: az aks update -g MyResourceGroup -n MyManagedCluster --enable-managed-identity + - name: Update the cluster to use user assigned managed identity in control plane. + text: az aks update -g MyResourceGroup -n MyManagedCluster --enable-managed-identity --assign-identity """ helps['aks kollect'] = """ diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py index c8ededb7b28..cf439e0f476 100644 --- a/src/aks-preview/azext_aks_preview/_params.py +++ b/src/aks-preview/azext_aks_preview/_params.py @@ -128,6 +128,9 @@ def load_arguments(self, _): c.argument('attach_acr', acr_arg_type, validator=validate_acr) c.argument('detach_acr', acr_arg_type, validator=validate_acr) c.argument('aks_custom_headers') + c.argument('enable_managed_identity', action='store_true') + c.argument('assign_identity', type=str, validator=validate_assign_identity) + c.argument('yes', options_list=['--yes', '-y'], help='Do not prompt for confirmation.', action='store_true') with self.argument_context('aks scale') as c: c.argument('nodepool_name', type=str, diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py index 99bbe9ebeb2..58572b3d990 100755 --- a/src/aks-preview/azext_aks_preview/custom.py +++ b/src/aks-preview/azext_aks_preview/custom.py @@ -1221,7 +1221,10 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches, aad_admin_group_object_ids=None, enable_ahub=False, disable_ahub=False, - aks_custom_headers=None): + aks_custom_headers=None, + enable_managed_identity=False, + assign_identity=None, + yes=False): update_autoscaler = enable_cluster_autoscaler or disable_cluster_autoscaler or update_cluster_autoscaler update_acr = attach_acr is not None or detach_acr is not None update_pod_security = enable_pod_security_policy or disable_pod_security_policy @@ -1243,7 +1246,9 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches, not enable_aad and \ not update_aad_profile and \ not enable_ahub and \ - not disable_ahub: + not disable_ahub and \ + not enable_managed_identity and \ + not assign_identity: raise CLIError('Please specify "--enable-cluster-autoscaler" or ' '"--disable-cluster-autoscaler" or ' '"--update-cluster-autoscaler" or ' @@ -1261,7 +1266,8 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches, '"--aad-tenant-id" or ' '"--aad-admin-group-object-ids" or ' '"--enable-ahub" or ' - '"--disable-ahub"') + '"--disable-ahub" or' + '"--enable-managed-identity"') instance = client.get(resource_group_name, name) @@ -1397,6 +1403,46 @@ def aks_update(cmd, # pylint: disable=too-many-statements,too-many-branches, if disable_ahub: instance.windows_profile.license_type = 'None' + if not enable_managed_identity and assign_identity: + raise CLIError('--assign-identity can only be specified when --enable-managed-identity is specified') + + current_identity_type = "spn" + if instance.identity is not None: + current_identity_type = instance.identity.type.casefold() + + goal_identity_type = current_identity_type + if enable_managed_identity: + if not assign_identity: + goal_identity_type = "systemassigned" + else: + goal_identity_type = "userassigned" + + if current_identity_type != goal_identity_type: + from knack.prompting import prompt_y_n + msg = "" + if current_identity_type == "spn": + msg = ('Your cluster is using service principal, and you are going to update the cluster to use {} managed identity.\n' + 'After updating, your cluster\'s control plane and addon pods will switch to use managed identity, but kubelet ' + 'will KEEP USING SERVICE PRINCIPAL until you upgrade your agentpool.\n ' + 'Are you sure you want to perform this operation?').format(goal_identity_type) + else: + msg = ('Your cluster is already using {} managed identity, and you are going to update the cluster to use {} managed identity. \n' + 'Are you sure you want to perform this operation?').format(current_identity_type, goal_identity_type) + if not yes and not prompt_y_n(msg, default="n"): + return None + if goal_identity_type == "systemassigned": + instance.identity = ManagedClusterIdentity( + type="SystemAssigned" + ) + elif goal_identity_type == "userassigned": + user_assigned_identity = { + assign_identity: ManagedClusterIdentityUserAssignedIdentitiesValue() + } + instance.identity = ManagedClusterIdentity( + type="UserAssigned", + user_assigned_identities=user_assigned_identity + ) + headers = get_aks_custom_headers(aks_custom_headers) return sdk_no_wait(no_wait, client.create_or_update, resource_group_name, name, instance, custom_headers=headers) diff --git a/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_to_msi_cluster.yaml b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_to_msi_cluster.yaml new file mode 100644 index 00000000000..8cdb4ec0f4d --- /dev/null +++ b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_to_msi_cluster.yaml @@ -0,0 +1,1028 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-resource/10.2.0 Azure-SDK-For-Python AZURECLI/2.14.2 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001?api-version=2020-06-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001","name":"clitest000001","type":"Microsoft.Resources/resourceGroups","location":"westeurope","tags":{"product":"azurecli","cause":"automation","date":"2020-11-10T10:56:14Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '316' + content-type: + - application/json; charset=utf-8 + date: + - Tue, 10 Nov 2020 10:56:15 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westeurope", "properties": {"kubernetesVersion": "", "dnsPrefix": + "cliakstest-clitestaiij3t3zl-8ecadf", "agentPoolProfiles": [{"count": 3, "vmSize": + "Standard_DS2_v2", "osType": "Linux", "type": "VirtualMachineScaleSets", "mode": + "System", "enableNodePublicIP": false, "scaleSetPriority": "Regular", "scaleSetEvictionPolicy": + "Delete", "name": "nodepool1"}], "linuxProfile": {"adminUsername": "azureuser", + "ssh": {"publicKeys": [{"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7"}]}}, + "servicePrincipalProfile": {"clientId": "2906d251-a2c2-44cc-ad82-c2575bd21a47", + "secret": "7090759e9a18edda4b80$"}, "addonProfiles": {}, "enableRBAC": true, + "enablePodSecurityPolicy": false, "networkProfile": {"networkPlugin": "kubenet", + "podCidr": "10.244.0.0/16", "serviceCidr": "10.0.0.0/16", "dnsServiceIP": "10.0.0.10", + "dockerBridgeCidr": "172.17.0.1/16", "outboundType": "loadBalancer", "loadBalancerSku": + "standard"}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + Content-Length: + - '1269' + Content-Type: + - application/json; charset=utf-8 + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\"\ + ,\n \"location\": \"westeurope\",\n \"name\": \"cliakstest000002\",\n \"\ + type\": \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\"\ + : {\n \"provisioningState\": \"Creating\",\n \"powerState\": {\n \"\ + code\": \"Running\"\n },\n \"kubernetesVersion\": \"1.17.13\",\n \"\ + dnsPrefix\": \"cliakstest-clitestaiij3t3zl-8ecadf\",\n \"fqdn\": \"cliakstest-clitestaiij3t3zl-8ecadf-41ea7141.hcp.westeurope.azmk8s.io\"\ + ,\n \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \ + \ \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\"\ + : 128,\n \"osDiskType\": \"Managed\",\n \"maxPods\": 110,\n \"\ + type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Creating\"\ + ,\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\"\ + : \"1.17.13\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\":\ + \ {},\n \"mode\": \"System\",\n \"osType\": \"Linux\",\n \"nodeImageVersion\"\ + : \"AKSUbuntu-1604-2020.10.28\"\n }\n ],\n \"linuxProfile\": {\n \ + \ \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\"\ + : [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7\"\ + \n }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"\ + clientId\": \"2906d251-a2c2-44cc-ad82-c2575bd21a47\"\n },\n \"addonProfiles\"\ + : {\n \"KubeDashboard\": {\n \"enabled\": true,\n \"config\": null\n\ + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westeurope\"\ + ,\n \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"\ + networkProfile\": {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\"\ + : \"standard\",\n \"loadBalancerProfile\": {\n \"managedOutboundIPs\"\ + : {\n \"count\": 1\n }\n },\n \"podCidr\": \"10.244.0.0/16\"\ + ,\n \"serviceCidr\": \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\"\ + ,\n \"dockerBridgeCidr\": \"172.17.0.1/16\",\n \"outboundType\": \"\ + loadBalancer\"\n },\n \"maxAgentPools\": 100\n },\n \"sku\": {\n \"\ + name\": \"Basic\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + cache-control: + - no-cache + content-length: + - '2377' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:56:23 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:56:55 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:57:25 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:57:56 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:58:26 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:58:57 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:59:27 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/d5e82d11-0cb8-49a5-9bfb-994af459040d?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"112de8d5-b80c-a549-9bfb-994af459040d\",\n \"status\"\ + : \"Succeeded\",\n \"startTime\": \"2020-11-10T10:56:22.418245Z\",\n \"\ + endTime\": \"2020-11-10T10:59:47.9351319Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '169' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:59:58 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --generate-ssh-keys + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\"\ + ,\n \"location\": \"westeurope\",\n \"name\": \"cliakstest000002\",\n \"\ + type\": \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\"\ + : {\n \"provisioningState\": \"Succeeded\",\n \"powerState\": {\n \"\ + code\": \"Running\"\n },\n \"kubernetesVersion\": \"1.17.13\",\n \"\ + dnsPrefix\": \"cliakstest-clitestaiij3t3zl-8ecadf\",\n \"fqdn\": \"cliakstest-clitestaiij3t3zl-8ecadf-41ea7141.hcp.westeurope.azmk8s.io\"\ + ,\n \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \ + \ \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\"\ + : 128,\n \"osDiskType\": \"Managed\",\n \"maxPods\": 110,\n \"\ + type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Succeeded\"\ + ,\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\"\ + : \"1.17.13\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\":\ + \ {},\n \"mode\": \"System\",\n \"osType\": \"Linux\",\n \"nodeImageVersion\"\ + : \"AKSUbuntu-1604-2020.10.28\"\n }\n ],\n \"linuxProfile\": {\n \ + \ \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\"\ + : [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7\"\ + \n }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"\ + clientId\": \"2906d251-a2c2-44cc-ad82-c2575bd21a47\"\n },\n \"addonProfiles\"\ + : {\n \"KubeDashboard\": {\n \"enabled\": true,\n \"config\": null\n\ + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westeurope\"\ + ,\n \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"\ + networkProfile\": {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\"\ + : \"Standard\",\n \"loadBalancerProfile\": {\n \"managedOutboundIPs\"\ + : {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": [\n \ + \ {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.Network/publicIPAddresses/84e2a8f1-8580-4b62-8df1-93e923283b7c\"\ + \n }\n ]\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\"\ + : \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\"\ + : \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"\ + maxAgentPools\": 100\n },\n \"sku\": {\n \"name\": \"Basic\",\n \"tier\"\ + : \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '2648' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 10:59:58 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\"\ + ,\n \"location\": \"westeurope\",\n \"name\": \"cliakstest000002\",\n \"\ + type\": \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\"\ + : {\n \"provisioningState\": \"Succeeded\",\n \"powerState\": {\n \"\ + code\": \"Running\"\n },\n \"kubernetesVersion\": \"1.17.13\",\n \"\ + dnsPrefix\": \"cliakstest-clitestaiij3t3zl-8ecadf\",\n \"fqdn\": \"cliakstest-clitestaiij3t3zl-8ecadf-41ea7141.hcp.westeurope.azmk8s.io\"\ + ,\n \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \ + \ \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\"\ + : 128,\n \"osDiskType\": \"Managed\",\n \"maxPods\": 110,\n \"\ + type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Succeeded\"\ + ,\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\"\ + : \"1.17.13\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\":\ + \ {},\n \"mode\": \"System\",\n \"osType\": \"Linux\",\n \"nodeImageVersion\"\ + : \"AKSUbuntu-1604-2020.10.28\"\n }\n ],\n \"linuxProfile\": {\n \ + \ \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\"\ + : [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7\"\ + \n }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"\ + clientId\": \"2906d251-a2c2-44cc-ad82-c2575bd21a47\"\n },\n \"addonProfiles\"\ + : {\n \"KubeDashboard\": {\n \"enabled\": true,\n \"config\": null\n\ + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westeurope\"\ + ,\n \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"\ + networkProfile\": {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\"\ + : \"Standard\",\n \"loadBalancerProfile\": {\n \"managedOutboundIPs\"\ + : {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": [\n \ + \ {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.Network/publicIPAddresses/84e2a8f1-8580-4b62-8df1-93e923283b7c\"\ + \n }\n ]\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\"\ + : \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\"\ + : \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"\ + maxAgentPools\": 100\n },\n \"sku\": {\n \"name\": \"Basic\",\n \"tier\"\ + : \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '2648' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:00:00 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westeurope", "properties": {"kubernetesVersion": "1.17.13", + "dnsPrefix": "cliakstest-clitestaiij3t3zl-8ecadf", "agentPoolProfiles": [{"count": + 3, "vmSize": "Standard_DS2_v2", "osDiskSizeGB": 128, "osDiskType": "Managed", + "maxPods": 110, "osType": "Linux", "type": "VirtualMachineScaleSets", "mode": + "System", "orchestratorVersion": "1.17.13", "enableNodePublicIP": false, "nodeLabels": + {}, "name": "nodepool1"}], "linuxProfile": {"adminUsername": "azureuser", "ssh": + {"publicKeys": [{"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7"}]}}, + "servicePrincipalProfile": {"clientId": "2906d251-a2c2-44cc-ad82-c2575bd21a47"}, + "addonProfiles": {"KubeDashboard": {"enabled": true}}, "nodeResourceGroup": + "MC_clitest000001_cliakstest000002_westeurope", "enableRBAC": true, "enablePodSecurityPolicy": + false, "networkProfile": {"networkPlugin": "kubenet", "podCidr": "10.244.0.0/16", + "serviceCidr": "10.0.0.0/16", "dnsServiceIP": "10.0.0.10", "dockerBridgeCidr": + "172.17.0.1/16", "outboundType": "loadBalancer", "loadBalancerSku": "Standard", + "loadBalancerProfile": {"managedOutboundIPs": {"count": 1}, "effectiveOutboundIPs": + [{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.Network/publicIPAddresses/84e2a8f1-8580-4b62-8df1-93e923283b7c"}]}}}, + "identity": {"type": "SystemAssigned"}, "sku": {"name": "Basic", "tier": "Free"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + Content-Length: + - '1774' + Content-Type: + - application/json; charset=utf-8 + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\"\ + ,\n \"location\": \"westeurope\",\n \"name\": \"cliakstest000002\",\n \"\ + type\": \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\"\ + : {\n \"provisioningState\": \"Updating\",\n \"powerState\": {\n \"\ + code\": \"Running\"\n },\n \"kubernetesVersion\": \"1.17.13\",\n \"\ + dnsPrefix\": \"cliakstest-clitestaiij3t3zl-8ecadf\",\n \"fqdn\": \"cliakstest-clitestaiij3t3zl-8ecadf-41ea7141.hcp.westeurope.azmk8s.io\"\ + ,\n \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \ + \ \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\"\ + : 128,\n \"osDiskType\": \"Managed\",\n \"maxPods\": 110,\n \"\ + type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Updating\"\ + ,\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\"\ + : \"1.17.13\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\":\ + \ {},\n \"mode\": \"System\",\n \"osType\": \"Linux\",\n \"nodeImageVersion\"\ + : \"AKSUbuntu-1604-2020.10.28\"\n }\n ],\n \"linuxProfile\": {\n \ + \ \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\"\ + : [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7\"\ + \n }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"\ + clientId\": \"msi\"\n },\n \"addonProfiles\": {\n \"KubeDashboard\"\ + : {\n \"enabled\": true,\n \"config\": null\n }\n },\n \"nodeResourceGroup\"\ + : \"MC_clitest000001_cliakstest000002_westeurope\",\n \"enableRBAC\": true,\n\ + \ \"enablePodSecurityPolicy\": false,\n \"networkProfile\": {\n \"\ + networkPlugin\": \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \ + \ \"loadBalancerProfile\": {\n \"managedOutboundIPs\": {\n \"count\"\ + : 1\n },\n \"effectiveOutboundIPs\": [\n {\n \"id\": \"\ + /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.Network/publicIPAddresses/84e2a8f1-8580-4b62-8df1-93e923283b7c\"\ + \n }\n ]\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\"\ + : \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\"\ + : \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"\ + maxAgentPools\": 100\n },\n \"identity\": {\n \"type\": \"SystemAssigned\"\ + ,\n \"principalId\": \"c274d261-0bd3-422e-b4eb-1d63e3c86107\",\n \"tenantId\"\ + : \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": {\n \"name\"\ + : \"Basic\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/2e9d179f-8954-4995-b28e-e5c44a1532bb?api-version=2017-08-31 + cache-control: + - no-cache + content-length: + - '2775' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:00:07 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/2e9d179f-8954-4995-b28e-e5c44a1532bb?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"9f179d2e-5489-9549-b28e-e5c44a1532bb\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T11:00:05.4813941Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:00:37 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/2e9d179f-8954-4995-b28e-e5c44a1532bb?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"9f179d2e-5489-9549-b28e-e5c44a1532bb\",\n \"status\"\ + : \"InProgress\",\n \"startTime\": \"2020-11-10T11:00:05.4813941Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:01:08 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/2e9d179f-8954-4995-b28e-e5c44a1532bb?api-version=2017-08-31 + response: + body: + string: "{\n \"name\": \"9f179d2e-5489-9549-b28e-e5c44a1532bb\",\n \"status\"\ + : \"Succeeded\",\n \"startTime\": \"2020-11-10T11:00:05.4813941Z\",\n \"\ + endTime\": \"2020-11-10T11:01:20.8832719Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '170' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:01:39 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-managed-identity --yes + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/4.4.5 Azure-SDK-For-Python + AZURECLI/2.14.2 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\"\ + ,\n \"location\": \"westeurope\",\n \"name\": \"cliakstest000002\",\n \"\ + type\": \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\"\ + : {\n \"provisioningState\": \"Succeeded\",\n \"powerState\": {\n \"\ + code\": \"Running\"\n },\n \"kubernetesVersion\": \"1.17.13\",\n \"\ + dnsPrefix\": \"cliakstest-clitestaiij3t3zl-8ecadf\",\n \"fqdn\": \"cliakstest-clitestaiij3t3zl-8ecadf-41ea7141.hcp.westeurope.azmk8s.io\"\ + ,\n \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \ + \ \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\"\ + : 128,\n \"osDiskType\": \"Managed\",\n \"maxPods\": 110,\n \"\ + type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Succeeded\"\ + ,\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\"\ + : \"1.17.13\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\":\ + \ {},\n \"mode\": \"System\",\n \"osType\": \"Linux\",\n \"nodeImageVersion\"\ + : \"AKSUbuntu-1604-2020.10.28\"\n }\n ],\n \"linuxProfile\": {\n \ + \ \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\"\ + : [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSlNNOwMw6aHvdkhUaMmfkjt19xPFa162alrqWaTFan0f864FGHVcSvXUvRBLeRj+x2RMlqr1TR6y73x07vqbaVApfssn52ROE3eKoX2cmez+EMaM19n2BzQLhr1lR/LkixeCM03/hYb3j16uaYeZ+zY060RdnVmPWVhslRRXmst+8cD3EXUkxdzmUa+J03nLyO8nqfCTKUltePz0FQ4IymD8ewa+sWgUlRKBwgoUBh35BFRAGq//OXuHFw6sowEIxwb5KSar4c2SHcewbSbuVFpWR7uhpYLXPJoISeASejQ4nfg+DlIbIf6mNwnLcqrHy6bwmwYeS36TUMHoxbCa7\"\ + \n }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"\ + clientId\": \"msi\"\n },\n \"addonProfiles\": {\n \"KubeDashboard\"\ + : {\n \"enabled\": true,\n \"config\": null,\n \"identity\": {\n\ + \ \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/kubedashboard-cliakstest000002\"\ + ,\n \"clientId\": \"80017832-5094-48d0-a825-4e02ce8764ae\",\n \"\ + objectId\": \"e52f575f-4802-4561-ada0-c1b57484947b\"\n }\n }\n },\n\ + \ \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westeurope\"\ + ,\n \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"\ + networkProfile\": {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\"\ + : \"Standard\",\n \"loadBalancerProfile\": {\n \"managedOutboundIPs\"\ + : {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": [\n \ + \ {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.Network/publicIPAddresses/84e2a8f1-8580-4b62-8df1-93e923283b7c\"\ + \n }\n ]\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\"\ + : \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\"\ + : \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"\ + maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\"\ + : {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\"\ + ,\n \"clientId\": \"39abaa79-76c3-4140-a87d-b7041422fbe4\",\n \"objectId\"\ + : \"fe0c31f2-80eb-4b45-881d-43283d28dc47\"\n }\n }\n },\n \"identity\"\ + : {\n \"type\": \"SystemAssigned\",\n \"principalId\": \"c274d261-0bd3-422e-b4eb-1d63e3c86107\"\ + ,\n \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\"\ + : {\n \"name\": \"Basic\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '3546' + content-type: + - application/json + date: + - Tue, 10 Nov 2020 11:01:40 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks delete + Connection: + - keep-alive + Content-Length: + - '0' + ParameterSetName: + - -g -n --yes --no-wait + User-Agent: + - python/3.6.9 (Linux-5.0.0-1035-azure-x86_64-with-Ubuntu-18.04-bionic) msrest/0.6.11 + msrest_azure/0.6.3 azure-mgmt-containerservice/9.4.0 Azure-SDK-For-Python + AZURECLI/2.14.2 + accept-language: + - en-US + method: DELETE + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2020-09-01 + response: + body: + string: '' + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operations/e2a6e8d9-3916-4a26-a757-8b1440aff3b1?api-version=2017-08-31 + cache-control: + - no-cache + content-length: + - '0' + date: + - Tue, 10 Nov 2020 11:01:41 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westeurope/operationresults/e2a6e8d9-3916-4a26-a757-8b1440aff3b1?api-version=2017-08-31 + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-deletes: + - '14999' + status: + code: 202 + message: Accepted +version: 1 diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py index 769de7d1408..a865157100a 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py @@ -16,11 +16,13 @@ class AzureKubernetesServiceScenarioTest(ScenarioTest): def test_get_version(self): versions_cmd = 'aks get-versions -l westus2' self.cmd(versions_cmd, checks=[ - self.check('type', 'Microsoft.ContainerService/locations/orchestrators'), + self.check( + 'type', 'Microsoft.ContainerService/locations/orchestrators'), self.check('orchestrators[0].orchestratorType', 'Kubernetes') ]) - @live_only() # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + @live_only() @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') def test_aks_create_and_update_with_managed_aad(self, resource_group, resource_group_location): @@ -36,7 +38,8 @@ def test_aks_create_and_update_with_managed_aad(self, resource_group, resource_g self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', True), - self.check('aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001') + self.check( + 'aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001') ]) update_cmd = 'aks update --resource-group={resource_group} --name={name} ' \ @@ -45,11 +48,14 @@ def test_aks_create_and_update_with_managed_aad(self, resource_group, resource_g self.cmd(update_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', True), - self.check('aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000002'), - self.check('aadProfile.tenantId', '00000000-0000-0000-0000-000000000003') + self.check( + 'aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000002'), + self.check('aadProfile.tenantId', + '00000000-0000-0000-0000-000000000003') ]) - @live_only() # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + @live_only() @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='canadacentral') def test_aks_create_aadv1_and_update_with_managed_aad(self, resource_group, resource_group_location): @@ -69,9 +75,12 @@ def test_aks_create_aadv1_and_update_with_managed_aad(self, resource_group, reso self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', None), - self.check('aadProfile.serverAppId', '00000000-0000-0000-0000-000000000001'), - self.check('aadProfile.clientAppId', '00000000-0000-0000-0000-000000000002'), - self.check('aadProfile.tenantId', 'd5b55040-0c14-48cc-a028-91457fc190d9') + self.check('aadProfile.serverAppId', + '00000000-0000-0000-0000-000000000001'), + self.check('aadProfile.clientAppId', + '00000000-0000-0000-0000-000000000002'), + self.check('aadProfile.tenantId', + 'd5b55040-0c14-48cc-a028-91457fc190d9') ]) update_cmd = 'aks update --resource-group={resource_group} --name={name} ' \ @@ -81,11 +90,14 @@ def test_aks_create_aadv1_and_update_with_managed_aad(self, resource_group, reso self.cmd(update_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', True), - self.check('aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000003'), - self.check('aadProfile.tenantId', '00000000-0000-0000-0000-000000000004') + self.check( + 'aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000003'), + self.check('aadProfile.tenantId', + '00000000-0000-0000-0000-000000000004') ]) - @live_only() # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + @live_only() @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='canadacentral') def test_aks_create_nonaad_and_update_with_managed_aad(self, resource_group, resource_group_location): @@ -110,11 +122,14 @@ def test_aks_create_nonaad_and_update_with_managed_aad(self, resource_group, res self.cmd(update_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', True), - self.check('aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001'), - self.check('aadProfile.tenantId', '00000000-0000-0000-0000-000000000002') + self.check( + 'aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001'), + self.check('aadProfile.tenantId', + '00000000-0000-0000-0000-000000000002') ]) - @live_only() # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + # without live only fails with needs .ssh fails (maybe generate-ssh-keys would fix) and maybe az login. + @live_only() @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') def test_aks_create_and_update_with_managed_aad_enable_azure_rbac(self, resource_group, resource_group_location): @@ -131,7 +146,8 @@ def test_aks_create_and_update_with_managed_aad_enable_azure_rbac(self, resource self.check('provisioningState', 'Succeeded'), self.check('aadProfile.managed', True), self.check('aadProfile.enableAzureRBAC', True), - self.check('aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001') + self.check( + 'aadProfile.adminGroupObjectIds[0]', '00000000-0000-0000-0000-000000000001') ]) @AllowLargeResponse() @@ -148,7 +164,8 @@ def test_aks_create_with_ingress_appgw_addon(self, resource_group, resource_grou self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ingressapplicationgateway.enabled', True), - self.check('addonProfiles.ingressapplicationgateway.config.subnetprefix', "10.2.0.0/16") + self.check( + 'addonProfiles.ingressapplicationgateway.config.subnetprefix', "10.2.0.0/16") ]) @AllowLargeResponse() @@ -190,8 +207,10 @@ def test_aks_byo_subnet_with_ingress_appgw_addon(self, resource_group, resource_ aks_cluster = self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ingressapplicationgateway.enabled', True), - self.check('addonProfiles.ingressapplicationgateway.config.applicationgatewayname', "gateway"), - self.check('addonProfiles.ingressapplicationgateway.config.subnetid', vnet_id + '/subnets/appgw-subnet') + self.check( + 'addonProfiles.ingressapplicationgateway.config.applicationgatewayname', "gateway"), + self.check('addonProfiles.ingressapplicationgateway.config.subnetid', + vnet_id + '/subnets/appgw-subnet') ]).get_output_in_json() addon_client_id = aks_cluster["addonProfiles"]["ingressapplicationgateway"]["identity"]["clientId"] @@ -261,7 +280,8 @@ def test_aks_byo_appgw_with_ingress_appgw_addon(self, resource_group, resource_g aks_cluster = self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ingressapplicationgateway.enabled', True), - self.check('addonProfiles.ingressapplicationgateway.config.applicationgatewayid', appgw_id) + self.check( + 'addonProfiles.ingressapplicationgateway.config.applicationgatewayid', appgw_id) ]).get_output_in_json() addon_client_id = aks_cluster["addonProfiles"]["ingressapplicationgateway"]["identity"]["clientId"] @@ -344,7 +364,8 @@ def test_aks_create_with_confcom_addon(self, resource_group, resource_group_loca self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ACCSGXDevicePlugin.enabled', True), - self.check('addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "true") + self.check( + 'addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "true") ]) @AllowLargeResponse() @@ -361,7 +382,8 @@ def test_aks_create_with_confcom_addon_helper_disabled(self, resource_group, res self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ACCSGXDevicePlugin.enabled', True), - self.check('addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "false") + self.check( + 'addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "false") ]) @live_only() # without live only fails with need az login @@ -385,7 +407,8 @@ def test_aks_enable_addons_confcom_addon(self, resource_group, resource_group_lo self.cmd(enable_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.accsgxdeviceplugin.enabled', True), - self.check('addonProfiles.accsgxdeviceplugin.config.accsgxquotehelperenabled', "true") + self.check( + 'addonProfiles.accsgxdeviceplugin.config.accsgxquotehelperenabled', "true") ]) @live_only() # without live only fails with need az login @@ -403,7 +426,8 @@ def test_aks_disable_addons_confcom_addon(self, resource_group, resource_group_l self.cmd(create_cmd, checks=[ self.check('provisioningState', 'Succeeded'), self.check('addonProfiles.ACCSGXDevicePlugin.enabled', True), - self.check('addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "true") + self.check( + 'addonProfiles.ACCSGXDevicePlugin.config.ACCSGXQuoteHelperEnabled', "true") ]) disable_cmd = 'aks disable-addons --addons confcom --resource-group={resource_group} --name={name} -o json' @@ -494,12 +518,15 @@ def test_aks_nodepool_get_upgrades(self, resource_group, resource_group_location '--nodepool-name={node_pool_name}', checks=[ # if rerun the recording, please update latestNodeImageVersion to the latest value - self.check('latestNodeImageVersion', 'AKSUbuntu-1604-2020.09.03'), - self.check('type', "Microsoft.ContainerService/managedClusters/agentPools/upgradeProfiles") + self.check('latestNodeImageVersion', + 'AKSUbuntu-1604-2020.09.03'), + self.check( + 'type', "Microsoft.ContainerService/managedClusters/agentPools/upgradeProfiles") ]) # delete - self.cmd('aks delete -g {resource_group} -n {name} --yes --no-wait', checks=[self.is_empty()]) + self.cmd( + 'aks delete -g {resource_group} -n {name} --yes --no-wait', checks=[self.is_empty()]) @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') @@ -528,7 +555,8 @@ def test_aks_upgrade_node_image_only_cluster(self, resource_group, resource_grou '--node-image-only ' \ '--yes' self.cmd(upgrade_node_image_only_cluster_cmd, checks=[ - self.check('agentPoolProfiles[0].provisioningState', 'UpgradingNodeImageVersion') + self.check( + 'agentPoolProfiles[0].provisioningState', 'UpgradingNodeImageVersion') ]) @AllowLargeResponse() @@ -610,7 +638,8 @@ def test_aks_create_with_windows(self, resource_group, resource_group_location): ]) # #nodepool delete - self.cmd('aks nodepool delete --resource-group={resource_group} --cluster-name={name} --name={nodepool2_name} --no-wait', checks=[self.is_empty()]) + self.cmd( + 'aks nodepool delete --resource-group={resource_group} --cluster-name={name} --name={nodepool2_name} --no-wait', checks=[self.is_empty()]) # delete self.cmd( @@ -659,7 +688,33 @@ def test_aks_create_with_ahub(self, resource_group, resource_group_location): ]) # #nodepool delete - self.cmd('aks nodepool delete --resource-group={resource_group} --cluster-name={name} --name={nodepool2_name} --no-wait', checks=[self.is_empty()]) + self.cmd( + 'aks nodepool delete --resource-group={resource_group} --cluster-name={name} --name={nodepool2_name} --no-wait', checks=[self.is_empty()]) + + # delete + self.cmd( + 'aks delete -g {resource_group} -n {name} --yes --no-wait', checks=[self.is_empty()]) + + @live_only() + @AllowLargeResponse() + @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westeurope') + def test_aks_update_to_msi_cluster(self, resource_group, resource_group_location): + aks_name = self.create_random_name('cliakstest', 16) + self.kwargs.update({ + 'resource_group': resource_group, + 'name': aks_name + }) + + create_cmd = 'aks create --resource-group={resource_group} --name={name} --generate-ssh-keys ' + self.cmd(create_cmd, checks=[ + self.check('provisioningState', 'Succeeded'), + ]) + + # update to MSI cluster + self.cmd('aks update --resource-group={resource_group} --name={name} --enable-managed-identity --yes', checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('identity.type', 'SystemAssigned') + ]) # delete self.cmd(