Merge pull request #255 from AzureArcForKubernetes/release-1.4.4

bump k8s-extension version to 1.4.4
AzureArcForKubernetes · Sep 1, 2023 · 35d9eba · 35d9eba
2 parents 7786f2a + ef01ddd
commit 35d9eba
Show file tree

Hide file tree

Showing 603 changed files with 273,152 additions and 379,431 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -307,3 +307,5 @@
 /src/command-change/ @allyw
 
 /src/graphservices/ @amatukmolina
+
+/src/site-recovery/ @calvinhzy
diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst
@@ -9,10 +9,24 @@ If there is no rush to release a new version, please just add a description of t
 
 To release a new version, please select a new version number (usually plus 1 to last patch version, X.Y.Z -> Major.Minor.Patch, more details in `\doc <https://semver.org/>`_), and then add a new section named as the new version number in this file, the content should include the new modifications and everything from the *Pending* section. Finally, update the `VERSION` variable in `setup.py` with this new version number.
 
+Pending
++++++++
+
+0.5.154
++++++++
+* Vendor new SDK and bump API version to 2023-07-02-preview.
+* [Breaking Change] Remove option `--upgrade-settings` from `az aks update` command, use option `--enable-force-upgrade` and `--disable-force-upgrade` instead.
+* [Breaking Change] Deprecate option `--dns-zone-resource-id` from `az aks create`, `az aks addon enable`, `az aks addon update` and `az aks enable-addons` commands, use option `--dns-zone-resource-ids` instead.
+
+0.5.153
+++++++
+* outbound ip, ipprefix and managed ips in loadbalancerProfile should be mutually exclusive
+
 0.5.152
 ++++++
 * move loadbalancer/natgateway util functions to azure-cli and update reference in aks-preview project. 
-* bump azure-cli to 2.49
+* Update the minimum required cli core version to `2.49.0`.
+* Add plugin CA support for `az aks mesh enable` commands for Azure Service Mesh.
 
 0.5.151
 +++++++
@@ -23,7 +37,6 @@ To release a new version, please select a new version number (usually plus 1 to
 * Vendor new SDK and bump API version to 2023-06-02-preview.
 * Add `--network-dataplane` to the `az aks update` command.
 * Support "VirtualMachines" agent pool type to `az aks create --vm-set-type` and `az aks nodepool add --vm-set-type`. This is internal use only, not for public preview.
-* Add plugin CA support for `az aks mesh enable` commands for Azure Service Mesh.
 
 0.5.149
 +++++++

diff --git a/src/aks-preview/azext_aks_preview/__init__.py b/src/aks-preview/azext_aks_preview/__init__.py
@@ -16,7 +16,7 @@ def register_aks_preview_resource_type():
     register_resource_type(
         "latest",
         CUSTOM_MGMT_AKS_PREVIEW,
-        SDKProfile("2023-06-02-preview", {"container_services": "2017-07-01"}),
+        SDKProfile("2023-07-02-preview", {"container_services": "2017-07-01"}),
     )
 
 

diff --git a/src/aks-preview/azext_aks_preview/_consts.py b/src/aks-preview/azext_aks_preview/_consts.py
@@ -91,9 +91,6 @@
 CONST_NODE_OS_CHANNEL_SECURITY_PATCH = "SecurityPatch"
 CONST_NODE_OS_CHANNEL_UNMANAGED = "Unmanaged"
 
-# consts for cluster upgrade settings
-CONST_IGNORE_KUBERNETES_DEPRECATIONS = "IgnoreKubernetesDeprecations"
-
 # consts for nrg-lockdown restriction level
 CONST_NRG_LOCKDOWN_RESTRICTION_LEVEL_READONLY = "ReadOnly"
 CONST_NRG_LOCKDOWN_RESTRICTION_LEVEL_UNRESTRICTED = "Unrestricted"

diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py
@@ -500,6 +500,9 @@
         - name: --dns-zone-resource-id
           type: string
           short-summary: The resource ID of the DNS zone resource to use with the web_application_routing addon.
+        - name: --dns-zone-resource-ids
+          type: string
+          short-summary: A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
         - name: --enable-custom-ca-trust
           type: bool
           short-summary: Enable Custom CA Trust on agent node pool.
@@ -796,13 +799,15 @@
         - name: --node-os-upgrade-channel
           type: string
           short-summary: Manner in which the OS on your nodes is updated. It could be NodeImage, None, SecurityPatch or Unmanaged.
-        - name: --upgrade-settings
-          type: string
-          short-summary: A comma separated list of supported cluster upgrade settings. E.g., IgnoreKubernetesDeprecations.
-          long-summary: Allowed value is "IgnoreKubernetesDeprecations". If set as "", upgrade settings will be set to default and the existing overrides will no longer be effective.
+        - name: --enable-force-upgrade
+          type: bool
+          short-summary: Enable forceUpgrade cluster upgrade settings override.
+        - name: --disable-force-upgrade
+          type: bool
+          short-summary: Disable forceUpgrade cluster upgrade settings override.
         - name: --upgrade-override-until
           type: string
-          short-summary: Until when the cluster upgradeSettings overrides are effective. It needs to be in a valid date-time format that's within the next 30 days. For example, 2023-04-01T13:00:00Z. Note that if --upgrade-settings is set to IgnoreKubernetesDeprecations and --upgrade-override-until is not set, by default it will be set to 3 days from now.
+          short-summary: Until when the cluster upgradeSettings overrides are effective. It needs to be in a valid date-time format that's within the next 30 days. For example, 2023-04-01T13:00:00Z. Note that if --force-upgrade is set to true and --upgrade-override-until is not set, by default it will be set to 3 days from now.
         - name: --enable-managed-identity
           type: bool
           short-summary: Update current cluster to managed identity to manage cluster resource group.
@@ -1911,6 +1916,9 @@
   - name: --dns-zone-resource-id
     type: string
     short-summary: The resource ID of the DNS zone resource to use with the web_application_routing addon.
+  - name: --dns-zone-resource-ids
+    type: string
+    short-summary: A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
 examples:
   - name: Enable a Kubernetes addon. (autogenerated)
     text: az aks addon enable --addon virtual-node --name MyManagedCluster --resource-group MyResourceGroup --subnet-name VirtualNodeSubnet
@@ -1975,6 +1983,9 @@
   - name: --dns-zone-resource-id
     type: string
     short-summary: The resource ID of the DNS zone resource to use with the web_application_routing addon.
+  - name: --dns-zone-resource-ids
+    type: string
+    short-summary: A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
 examples:
   - name: Update a Kubernetes addon. (autogenerated)
     text: az aks addon update --addon virtual-node --name MyManagedCluster --resource-group MyResourceGroup --subnet-name VirtualNodeSubnet
@@ -2053,6 +2064,9 @@
   - name: --dns-zone-resource-id
     type: string
     short-summary: The resource ID of the DNS zone resource to use with the web_application_routing addon.
+  - name: --dns-zone-resource-ids
+    type: string
+    short-summary: A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
   - name: --aks-custom-headers
     type: string
     short-summary: Send custom headers. When specified, format should be Key1=Value1,Key2=Value2

diff --git a/src/aks-preview/azext_aks_preview/_loadbalancer.py b/src/aks-preview/azext_aks_preview/_loadbalancer.py
@@ -5,51 +5,150 @@
 
 from types import SimpleNamespace
 from knack.log import get_logger
-from azure.cli.command_modules.acs._loadbalancer import (
-    is_load_balancer_profile_provided as _is_load_balancer_profile_provided,
-    configure_load_balancer_profile as _configure_load_balancer_profile,
+from azure.cli.core.azclierror import (
+    InvalidArgumentValueError,
 )
+
+
 logger = get_logger(__name__)
 
 
 def update_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
                                  outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, profile, models):
     """parse and update an existing load balancer profile"""
-    if not (_is_load_balancer_profile_provided(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
-                                               outbound_ip_prefixes, outbound_ports, idle_timeout) or backend_pool_type):
+    if not (is_load_balancer_profile_provided(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
+                                              outbound_ip_prefixes, outbound_ports, idle_timeout) or backend_pool_type):
         return profile
-    if profile is None:
-        if isinstance(models, SimpleNamespace):
-            ManagedClusterLoadBalancerProfile = models.ManagedClusterLoadBalancerProfile
-        else:
-            ManagedClusterLoadBalancerProfile = models.get("ManagedClusterLoadBalancerProfile")
-        profile = ManagedClusterLoadBalancerProfile()
     return configure_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
                                            outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, profile, models)
 
 
 def create_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
                                  outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, models):
     """parse and build load balancer profile"""
-    if not (_is_load_balancer_profile_provided(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
-                                               outbound_ip_prefixes, outbound_ports, idle_timeout) or backend_pool_type):
+    if not (is_load_balancer_profile_provided(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
+                                              outbound_ip_prefixes, outbound_ports, idle_timeout) or backend_pool_type):
         return None
-
-    if isinstance(models, SimpleNamespace):
-        ManagedClusterLoadBalancerProfile = models.ManagedClusterLoadBalancerProfile
-    else:
-        ManagedClusterLoadBalancerProfile = models.get("ManagedClusterLoadBalancerProfile")
-    profile = ManagedClusterLoadBalancerProfile()
     return configure_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
-                                           outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, profile, models)
+                                           outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, None, models)
 
 
 def configure_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
                                     outbound_ip_prefixes, outbound_ports, idle_timeout, backend_pool_type, profile, models):
     """configure a load balancer with customer supplied values"""
+    if not profile:
+        if isinstance(models, SimpleNamespace):
+            ManagedClusterLoadBalancerProfile = models.ManagedClusterLoadBalancerProfile
+        else:
+            ManagedClusterLoadBalancerProfile = models.get("ManagedClusterLoadBalancerProfile")
+        profile = ManagedClusterLoadBalancerProfile()
+    if any([managed_outbound_ip_count,
+            managed_outbound_ipv6_count,
+            outbound_ips,
+            outbound_ip_prefixes]):
+        ip_provider = 0
+
+        outbound_ip_resources = _get_load_balancer_outbound_ips(outbound_ips, models)
+        if outbound_ip_resources:
+            if isinstance(models, SimpleNamespace):
+                ManagedClusterLoadBalancerProfileOutboundIPs = models.ManagedClusterLoadBalancerProfileOutboundIPs
+            else:
+                ManagedClusterLoadBalancerProfileOutboundIPs = models.get(
+                    "ManagedClusterLoadBalancerProfileOutboundIPs"
+                )
+            # ips -> i_ps due to track 2 naming issue
+            profile.outbound_i_ps = ManagedClusterLoadBalancerProfileOutboundIPs(
+                public_i_ps=outbound_ip_resources
+            )
+            profile.managed_outbound_i_ps = None
+            profile.outbound_ip_prefixes = None
+            ip_provider += 1
+        outbound_ip_prefix_resources = _get_load_balancer_outbound_ip_prefixes(outbound_ip_prefixes, models)
+        if outbound_ip_prefix_resources:
+            if isinstance(models, SimpleNamespace):
+                ManagedClusterLoadBalancerProfileOutboundIPPrefixes = (
+                    models.ManagedClusterLoadBalancerProfileOutboundIPPrefixes
+                )
+            else:
+                ManagedClusterLoadBalancerProfileOutboundIPPrefixes = models.get(
+                    "ManagedClusterLoadBalancerProfileOutboundIPPrefixes"
+                )
+            profile.outbound_ip_prefixes = ManagedClusterLoadBalancerProfileOutboundIPPrefixes(
+                public_ip_prefixes=outbound_ip_prefix_resources
+            )
+            profile.outbound_i_ps = None
+            profile.managed_outbound_i_ps = None
+            ip_provider += 1
 
-    profile = _configure_load_balancer_profile(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips,
-                                               outbound_ip_prefixes, outbound_ports, idle_timeout, profile, models)
+        if managed_outbound_ip_count or managed_outbound_ipv6_count:
+            if profile.managed_outbound_i_ps is None:
+                if isinstance(models, SimpleNamespace):
+                    ManagedClusterLoadBalancerProfileManagedOutboundIPs = (
+                        models.ManagedClusterLoadBalancerProfileManagedOutboundIPs
+                    )
+                else:
+                    ManagedClusterLoadBalancerProfileManagedOutboundIPs = models.get(
+                        "ManagedClusterLoadBalancerProfileManagedOutboundIPs"
+                    )
+                profile.managed_outbound_i_ps = ManagedClusterLoadBalancerProfileManagedOutboundIPs()
+            if managed_outbound_ip_count:
+                profile.managed_outbound_i_ps.count = managed_outbound_ip_count
+            if managed_outbound_ipv6_count:
+                profile.managed_outbound_i_ps.count_ipv6 = managed_outbound_ipv6_count
+            profile.outbound_ip_prefixes = None
+            profile.outbound_i_ps = None
+            ip_provider += 1
+        if ip_provider <= 0 or ip_provider > 1:
+            raise InvalidArgumentValueError("outbound ip/ipprefix and managed ip should be mutual exclusive.")
+    if outbound_ports:
+        profile.allocated_outbound_ports = outbound_ports
+    if idle_timeout:
+        profile.idle_timeout_in_minutes = idle_timeout
     if backend_pool_type:
         profile.backend_pool_type = backend_pool_type
     return profile
+
+
+def is_load_balancer_profile_provided(managed_outbound_ip_count, managed_outbound_ipv6_count, outbound_ips, ip_prefixes,
+                                      outbound_ports, idle_timeout):
+    return any([managed_outbound_ip_count,
+                managed_outbound_ipv6_count,
+                outbound_ips,
+                ip_prefixes,
+                outbound_ports,
+                idle_timeout])
+
+
+def _get_load_balancer_outbound_ips(load_balancer_outbound_ips, models):
+    """parse load balancer profile outbound IP ids and return an array of references to the outbound IP resources"""
+    load_balancer_outbound_ip_resources = None
+    if isinstance(models, SimpleNamespace):
+        ResourceReference = models.ResourceReference
+    else:
+        ResourceReference = models.get("ResourceReference")
+    if load_balancer_outbound_ips is not None:
+        if isinstance(load_balancer_outbound_ips, str):
+            load_balancer_outbound_ip_resources = \
+                [ResourceReference(id=x.strip())
+                    for x in load_balancer_outbound_ips.split(',')]
+        else:
+            load_balancer_outbound_ip_resources = load_balancer_outbound_ips
+    return load_balancer_outbound_ip_resources
+
+
+def _get_load_balancer_outbound_ip_prefixes(load_balancer_outbound_ip_prefixes, models):
+    """parse load balancer profile outbound IP prefix ids and return an array \
+    of references to the outbound IP prefix resources"""
+    load_balancer_outbound_ip_prefix_resources = None
+    if isinstance(models, SimpleNamespace):
+        ResourceReference = models.ResourceReference
+    else:
+        ResourceReference = models.get("ResourceReference")
+    if load_balancer_outbound_ip_prefixes:
+        if isinstance(load_balancer_outbound_ip_prefixes, str):
+            load_balancer_outbound_ip_prefix_resources = \
+                [ResourceReference(id=x.strip())
+                    for x in load_balancer_outbound_ip_prefixes.split(',')]
+        else:
+            load_balancer_outbound_ip_prefix_resources = load_balancer_outbound_ip_prefixes
+    return load_balancer_outbound_ip_prefix_resources