[AKS] az aks update: Add --network-policy to support updating the mode of a network policy
#27466
Conversation
🔄AzureCLI-FullTest
|
azure-client-tools-bot-prd
bot
added this to the
October 2023 (2023-11-15)❗ Breaking change release ❗ milestone
|
| rule | cmd_name | rule_message | suggest_message |
|---|---|---|---|
| aks update | cmd aks update added parameter network_policy |
microsoft-github-policy-service
bot
requested review from
jsntcy,
kairu-ms and
yonzhan
|
AKS |
microsoft-github-policy-service
bot
requested review from
AllyW,
FumingZhang,
necusjz,
yanzhudd and
zhoxing-ms
microsoft-github-policy-service
bot
added
the
Network
robogatikov
changed the title
--network-policy to az aks update
robogatikov
force-pushed
the
aks-update-network-policy
branch
from
de1b429 to
8ada376
Compare
| long-summary: | | ||
| Using together with "azure" network plugin. | ||
| Specify "azure" for Azure network policy manager and "calico" for calico network policy controller. | ||
| Specify "azure" for Azure network policy manager, "calico" for calico network policy controller, "cilium" for Azure CNI Overlay powered by Cilium. |
There was a problem hiding this comment.
"Azure CNI Powered by Cilium"
There was a problem hiding this comment.
fixed description
|
|
||
| # update to enable cilium dataplane | ||
| update_cmd = 'aks update -g {resource_group} -n {name} --network-dataplane=cilium' | ||
| update_cmd = 'aks update -g {resource_group} -n {name} --network-dataplane=cilium --network-policy=cilium' |
There was a problem hiding this comment.
Please add check for this new added param and update the recording file.
There was a problem hiding this comment.
We want to keep the argument consistent between az aks create and az aks update. We will add the enum check in a follow-up pr.
Also see the comment below:
We want to avoid referencing 'none' (that was introduced in API version 2023-08-02-preview) until it is ready. See comment: Azure/azure-cli-extensions#6809 (comment)
There was a problem hiding this comment.
Is the live test passed? Please upload the recoding file.
There was a problem hiding this comment.
uploaded the recording file and attached to the description
|
Suggested title: |
| c.argument('nat_gateway_managed_outbound_ip_count', type=int, validator=validate_nat_gateway_managed_outbound_ip_count) | ||
| c.argument('nat_gateway_idle_timeout', type=int, validator=validate_nat_gateway_idle_timeout) | ||
| c.argument('network_dataplane', arg_type=get_enum_type(network_dataplanes)) | ||
| c.argument('network_policy') |
There was a problem hiding this comment.
Is the value of this param enumerable? If so, please add arg_type=get_enum_type to the param.
There was a problem hiding this comment.
We want to avoid referencing 'none' (that was introduced in API version 2023-08-02-preview) until it is ready. See comment: Azure/azure-cli-extensions#6809 (comment)
robogatikov
changed the title
--network-policy to az aks updateaz aks update: Add --network-policy to support updating the mode of a network policy
robogatikov
changed the title
az aks update: Add --network-policy to support updating the mode of a network policyaz aks update : Add --network-policy to support updating the mode of a network policy
robogatikov
changed the title
az aks update : Add --network-policy to support updating the mode of a network policyaz aks update: Add --network-policy to support updating the mode of a network policy
robogatikov
changed the title
az aks update: Add --network-policy to support updating the mode of a network policyaz aks update : Add --network-policy to support updating the mode of a network policy
robogatikov
changed the title
az aks update : Add --network-policy to support updating the mode of a network policyaz aks update: Add --network-policy to support updating the mode of a network policy
FumingZhang
left a comment
FumingZhang
left a comment
There was a problem hiding this comment.
@robogatikov, could you please rebase your PR from dev branch and requeue the live test? I bumped the SDK and default API version yesterday, so your recording file is outdated
@FumingZhang , I rebased my PR from dev branch and requeued the live test |
|
@FumingZhang @yanzhudd Could you please review this PR again? |
All cases passed except one failed. The failed one is transient and not related to the change. |
… mode of a network policy (Azure#27466)
7 participants
Related command
az aks update --network-policy=noneaz aks update --network-policy=azureaz aks update --network-policy=ciliumDescription
Add the --network-policy flag to the az aks update command. This will allow to customers to update cluster to enable --network-policy "azure".
Also when updating an existing cluster to enable Azure CNI Powered by Cilium, customers may specify --network-policy that they want to use explicitly (--network-policy "azure", or --network-policy "cilium", or --network-policy "none")
Testing Guide
live test recording file: test_aks_migrate_cluster_to_cilium_dataplane.txt
History Notes
[Component Name 1] BREAKING CHANGE:
az command a: Make some customer-facing breaking change[Component Name 2]
az command b: Add some customer-facing featureThis checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.