From 0074c24ebdb409a2e5bff836a75680fbcb055b6d Mon Sep 17 00:00:00 2001 From: Jack Francis Date: Fri, 2 Oct 2020 14:06:04 -0700 Subject: [PATCH] docs: confirm flannel + docker is not supported (#3886) --- docs/topics/clusterdefinitions.md | 2 +- pkg/api/vlabs/validate.go | 3 ++ pkg/api/vlabs/validate_test.go | 46 ++++++++++++++++++++++++++++--- 3 files changed, 46 insertions(+), 5 deletions(-) diff --git a/docs/topics/clusterdefinitions.md b/docs/topics/clusterdefinitions.md index 4154fe4752..aed881dcd8 100644 --- a/docs/topics/clusterdefinitions.md +++ b/docs/topics/clusterdefinitions.md @@ -127,7 +127,7 @@ $ aks-engine get-versions | aad | true if adminGroupID is specified in the aadProfile configuration | 0 | ClusterRoleBinding specification that adds an admin group matching the adminGroupID | | [calico](https://docs.projectcalico.org/archive/v3.8/introduction/) | true if networkPolicy is "calico"; | 6 | A NetworkPolicy implementation by the Calico project (currently supports v3.8) | | [cilium](https://docs.cilium.io/en/v1.4/kubernetes/policy/#ciliumnetworkpolicy) | true if networkPolicy is "cilium"; currently validated against Kubernetes v1.13, v1.14, and v1.15 | 0 | A NetworkPolicy CRD implementation by the Cilium project (currently supports v1.4) | -| [flannel](https://coreos.com/flannel/docs/0.8.0/index.html) | false | 0 | An addon that delivers flannel: a virtual network that gives a subnet to each host for use with container runtimes. If `networkPlugin` is set to `"flannel"` this addon will be enabled automatically. Not compatible with any other `networkPlugin` or `networkPolicy`. | +| [flannel](https://coreos.com/flannel/docs/0.8.0/index.html) | false | 0 | An addon that delivers flannel: a virtual network that gives a subnet to each host for use with container runtimes. The current implementation is v0.8.0. If `networkPlugin` is set to `"flannel"` this addon will be enabled automatically. Not compatible with any other `networkPlugin` or `networkPolicy`. This addon **requires** containerd (`"containerRuntime": "containerd"`)| | [csi-secrets-store](../../examples/addons/csi-secrets-store/README.md) | true (for 1.16+ clusters) | as many as linux agent nodes | Integrates secrets stores (Azure keyvault) via a [Container Storage Interface (CSI)](https://kubernetes-csi.github.io/docs/) volume. | | [azure-arc-onboarding](../../examples/addons/azure-arc-onboarding/README.md) | false | 7 | Attaches the cluster to Azure Arc enabled Kubernetes. | diff --git a/pkg/api/vlabs/validate.go b/pkg/api/vlabs/validate.go index ce89df7800..cbc012dbb9 100644 --- a/pkg/api/vlabs/validate.go +++ b/pkg/api/vlabs/validate.go @@ -838,6 +838,9 @@ func (a *Properties) validateAddons() error { return errors.Errorf("%s addon is not supported with networkPlugin=%s, please use networkPlugin=%s", common.FlannelAddonName, networkPlugin, NetworkPluginFlannel) } } + if a.OrchestratorProfile.KubernetesConfig.ContainerRuntime != Containerd { + return errors.Errorf("%s addon is only supported with containerRuntime=%s", common.FlannelAddonName, Containerd) + } case "azure-policy": isValidVersion, err := common.IsValidMinVersion(a.OrchestratorProfile.OrchestratorType, a.OrchestratorProfile.OrchestratorRelease, a.OrchestratorProfile.OrchestratorVersion, "1.14.0") if err != nil { diff --git a/pkg/api/vlabs/validate_test.go b/pkg/api/vlabs/validate_test.go index 283acbc514..a6e6af89c6 100644 --- a/pkg/api/vlabs/validate_test.go +++ b/pkg/api/vlabs/validate_test.go @@ -2066,6 +2066,7 @@ func TestValidateAddons(t *testing.T) { p: &Properties{ OrchestratorProfile: &OrchestratorProfile{ KubernetesConfig: &KubernetesConfig{ + ContainerRuntime: Containerd, Addons: []KubernetesAddon{ { Name: common.FlannelAddonName, @@ -2077,12 +2078,46 @@ func TestValidateAddons(t *testing.T) { }, expectedErr: nil, }, + { + name: "flannel addon enabled but no containerRuntime", + p: &Properties{ + OrchestratorProfile: &OrchestratorProfile{ + KubernetesConfig: &KubernetesConfig{ + Addons: []KubernetesAddon{ + { + Name: common.FlannelAddonName, + Enabled: to.BoolPtr(true), + }, + }, + }, + }, + }, + expectedErr: errors.Errorf("%s addon is only supported with containerRuntime=%s", common.FlannelAddonName, Containerd), + }, + { + name: "flannel addon enabled with docker", + p: &Properties{ + OrchestratorProfile: &OrchestratorProfile{ + KubernetesConfig: &KubernetesConfig{ + ContainerRuntime: Docker, + Addons: []KubernetesAddon{ + { + Name: common.FlannelAddonName, + Enabled: to.BoolPtr(true), + }, + }, + }, + }, + }, + expectedErr: errors.Errorf("%s addon is only supported with containerRuntime=%s", common.FlannelAddonName, Containerd), + }, { name: "flannel addon enabled w/ NetworkPlugin=flannel", p: &Properties{ OrchestratorProfile: &OrchestratorProfile{ KubernetesConfig: &KubernetesConfig{ - NetworkPlugin: NetworkPluginFlannel, + ContainerRuntime: Containerd, + NetworkPlugin: NetworkPluginFlannel, Addons: []KubernetesAddon{ { Name: common.FlannelAddonName, @@ -2099,7 +2134,8 @@ func TestValidateAddons(t *testing.T) { p: &Properties{ OrchestratorProfile: &OrchestratorProfile{ KubernetesConfig: &KubernetesConfig{ - NetworkPlugin: DefaultNetworkPlugin, + ContainerRuntime: Containerd, + NetworkPlugin: DefaultNetworkPlugin, Addons: []KubernetesAddon{ { Name: common.FlannelAddonName, @@ -2116,7 +2152,8 @@ func TestValidateAddons(t *testing.T) { p: &Properties{ OrchestratorProfile: &OrchestratorProfile{ KubernetesConfig: &KubernetesConfig{ - NetworkPlugin: "kubenet", + ContainerRuntime: Containerd, + NetworkPlugin: "kubenet", Addons: []KubernetesAddon{ { Name: common.FlannelAddonName, @@ -2133,7 +2170,8 @@ func TestValidateAddons(t *testing.T) { p: &Properties{ OrchestratorProfile: &OrchestratorProfile{ KubernetesConfig: &KubernetesConfig{ - NetworkPolicy: "calico", + ContainerRuntime: Containerd, + NetworkPolicy: "calico", Addons: []KubernetesAddon{ { Name: common.FlannelAddonName,