From cd0b2f8d3da48ac7ca5e0b66c66e6816493469b9 Mon Sep 17 00:00:00 2001 From: Tyler Lloyd Date: Mon, 18 Apr 2022 22:19:49 +0000 Subject: [PATCH 1/4] add NetworkPluginMode to ManagedCluster --- .../2022-04-02-preview/managedClusters.json | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json index 5e481fb25018..c472b7273a98 100644 --- a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json +++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json @@ -3343,6 +3343,10 @@ "$ref": "#/definitions/NetworkPlugin", "description": "Network plugin used for building the Kubernetes network." }, + "networkPluginMode": { + "$ref": "#/definitions/NetworkPluginMode", + "description": "Network plugin mode used for building the Kubernetes network." + }, "networkPolicy": { "$ref": "#/definitions/NetworkPolicy", "description": "Network policy used for building the Kubernetes network." @@ -6040,6 +6044,10 @@ "$ref": "#/definitions/NetworkPlugin", "description": "networkPlugin for managed cluster snapshot." }, + "networkPluginMode": { + "$ref": "#/definitions/NetworkPluginMode", + "description": "networkPluginMode for managed cluster snapshot." + }, "networkPolicy": { "$ref": "#/definitions/NetworkPolicy", "description": "networkPolicy for managed cluster snapshot." @@ -6083,6 +6091,33 @@ }, "description": "Network plugin used for building the Kubernetes network." }, + "NetworkPluginMode": { + "type": "string", + "enum": [ + "PodSubnet", + "NodeSubnet", + "Overlay" + ], + "x-ms-enum": { + "name": "networkPluginMode", + "modelAsString": true, + "values": [ + { + "value": "PodSubnet", + "description": "Pods receive IPs from a separate VNET subnet apart from the subnet the nodes are using. See [Dynamic allocation of IPs](https://docs.microsoft.com/en-us/azure/aks/configure-azure-cni#dynamic-allocation-of-ips-and-enhanced-subnet-support-preview) for more information." + }, + { + "value": "NodeSubnet", + "description": "Pods receive IPs from the same subnet as the nodes (default behavior of Azure CNI). See [Azure CNI (advanced) networking](https://docs.microsoft.com/azure/aks/concepts-network#azure-cni-advanced-networking) for more information." + }, + { + "value": "Overlay", + "description": "Pods are given IPs from the PodCIDR address space but use Azure Routing Domains rather than Kubenet reference plugins host-local and bridge." + } + ] + }, + "description": "The mode the network plugin should use." + }, "NetworkPolicy": { "type": "string", "enum": [ From 9ab092dd3dd34a786abbc575c95383aedb57e2b2 Mon Sep 17 00:00:00 2001 From: Tyler Lloyd Date: Tue, 19 Apr 2022 14:04:26 +0000 Subject: [PATCH 2/4] add overlay example --- ...ustersCreate_NetworkPluginModeOverlay.json | 295 ++++++++++++++++++ 1 file changed, 295 insertions(+) create mode 100644 specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json new file mode 100644 index 000000000000..ce002da13e73 --- /dev/null +++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json @@ -0,0 +1,295 @@ +{ + "parameters": { + "api-version": "2022-04-02-preview", + "subscriptionId": "subid1", + "resourceGroupName": "rg1", + "resourceName": "clustername1", + "parameters": { + "location": "location1", + "tags": { + "tier": "production" + }, + "sku": { + "name": "Basic", + "tier": "Free" + }, + "properties": { + "kubernetesVersion": "", + "dnsPrefix": "dnsprefix1", + "agentPoolProfiles": [ + { + "name": "nodepool1", + "count": 3, + "vmSize": "Standard_DS1_v2", + "osType": "Linux", + "type": "VirtualMachineScaleSets", + "scaleDownMode": "Deallocate", + "availabilityZones": [ + "1", + "2", + "3" + ], + "enableNodePublicIP": false, + "mode": "System" + } + ], + "linuxProfile": { + "adminUsername": "azureuser", + "ssh": { + "publicKeys": [ + { + "keyData": "keydata" + } + ] + } + }, + "networkProfile": { + "networkPlugin": "azure", + "networkPluginMode": "overlay", + "loadBalancerSku": "standard", + "outboundType": "loadBalancer", + "loadBalancerProfile": { + "managedOutboundIPs": { + "count": 1 + } + }, + "ipFamilies": [ + "IPv4" + ] + }, + "autoScalerProfile": { + "balance-similar-node-groups": "true", + "expander": "priority", + "max-node-provision-time": "15m", + "new-pod-scale-up-delay": "1m", + "scale-down-delay-after-add": "15m", + "scan-interval": "20s", + "skip-nodes-with-system-pods": "false" + }, + "servicePrincipalProfile": { + "clientId": "clientid", + "secret": "secret" + }, + "addonProfiles": {}, + "enableRBAC": true, + "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", + "enablePodSecurityPolicy": true + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {} + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1", + "location": "location1", + "name": "clustername1", + "tags": { + "tier": "production" + }, + "type": "Microsoft.ContainerService/ManagedClusters", + "properties": { + "provisioningState": "Succeeded", + "maxAgentPools": 1, + "kubernetesVersion": "1.21.9", + "dnsPrefix": "dnsprefix1", + "agentPoolProfiles": [ + { + "name": "nodepool1", + "count": 3, + "vmSize": "Standard_DS1_v2", + "maxPods": 110, + "osType": "Linux", + "provisioningState": "Succeeded", + "orchestratorVersion": "1.21.9", + "currentOrchestratorVersion": "1.21.9", + "type": "VirtualMachineScaleSets", + "scaleDownMode": "Deallocate", + "availabilityZones": [ + "1", + "2", + "3" + ], + "enableNodePublicIP": true, + "mode": "System", + "nodeImageVersion": "AKSUbuntu:1804:2021.04.21" + } + ], + "linuxProfile": { + "adminUsername": "azureuser", + "ssh": { + "publicKeys": [ + { + "keyData": "keydata" + } + ] + } + }, + "servicePrincipalProfile": { + "clientId": "clientid" + }, + "nodeResourceGroup": "MC_rg1_clustername1_location1", + "enableRBAC": true, + "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", + "enablePodSecurityPolicy": true, + "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io", + "networkProfile": { + "loadBalancerSku": "basic", + "networkPlugin": "azure", + "networkPluginMode": "overlay", + "podCidr": "10.244.0.0/16", + "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", + "dockerBridgeCidr": "172.17.0.1/16", + "outboundType": "loadBalancer", + "podCidrs": [ + "10.244.0.0/16" + ], + "serviceCidrs": [ + "10.0.0.0/16" + ], + "ipFamilies": [ + "IPv4" + ], + "loadBalancerProfile": { + "allocatedOutboundPorts": 2000, + "idleTimeoutInMinutes": 10, + "managedOutboundIPs": { + "count": 1, + "countIPv6": 0 + }, + "effectiveOutboundIPs": [ + { + "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1" + } + ] + } + }, + "autoScalerProfile": { + "balance-similar-node-groups": "true", + "expander": "priority", + "max-node-provision-time": "15m", + "new-pod-scale-up-delay": "1m", + "scale-down-delay-after-add": "15m", + "scan-interval": "20s", + "skip-nodes-with-system-pods": "false" + } + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": { + "principalId": "principalId1", + "clientId": "clientId1" + } + } + } + } + }, + "201": { + "body": { + "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1", + "location": "location1", + "name": "clustername1", + "tags": { + "tier": "production" + }, + "type": "Microsoft.ContainerService/ManagedClusters", + "properties": { + "provisioningState": "Creating", + "maxAgentPools": 1, + "kubernetesVersion": "1.21.9", + "dnsPrefix": "dnsprefix1", + "agentPoolProfiles": [ + { + "name": "nodepool1", + "count": 3, + "vmSize": "Standard_DS1_v2", + "maxPods": 110, + "osType": "Linux", + "provisioningState": "Creating", + "orchestratorVersion": "1.21.9", + "currentOrchestratorVersion": "1.21.9", + "type": "VirtualMachineScaleSets", + "scaleDownMode": "Deallocate", + "availabilityZones": [ + "1", + "2", + "3" + ], + "enableNodePublicIP": true, + "mode": "System" + } + ], + "linuxProfile": { + "adminUsername": "azureuser", + "ssh": { + "publicKeys": [ + { + "keyData": "keydata" + } + ] + } + }, + "servicePrincipalProfile": { + "clientId": "clientid" + }, + "nodeResourceGroup": "MC_rg1_clustername1_location1", + "enableRBAC": true, + "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", + "enablePodSecurityPolicy": true, + "networkProfile": { + "networkPlugin": "azure", + "networkPluginMode": "overlay", + "podCidr": "10.244.0.0/16", + "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", + "dockerBridgeCidr": "172.17.0.1/16", + "loadBalancerSku": "standard", + "outboundType": "loadBalancer", + "podCidrs": [ + "10.244.0.0/16" + ], + "serviceCidrs": [ + "10.0.0.0/16" + ], + "ipFamilies": [ + "IPv4" + ], + "loadBalancerProfile": { + "allocatedOutboundPorts": 2000, + "idleTimeoutInMinutes": 10, + "managedOutboundIPs": { + "count": 1, + "countIPv6": 0 + }, + "effectiveOutboundIPs": [ + { + "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1" + } + ] + } + }, + "autoScalerProfile": { + "scan-interval": "20s", + "scale-down-delay-after-add": "15m" + } + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": { + "principalId": "principalId1", + "clientId": "clientId1" + } + } + } + } + } + } +} From 2af9ad968f5cfbcc90f8c75a7514ddb5a4cdf54b Mon Sep 17 00:00:00 2001 From: Tyler Lloyd Date: Wed, 20 Apr 2022 22:48:27 +0000 Subject: [PATCH 3/4] remove example --- ...ustersCreate_NetworkPluginModeOverlay.json | 295 ------------------ 1 file changed, 295 deletions(-) delete mode 100644 specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json deleted file mode 100644 index ce002da13e73..000000000000 --- a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/examples/ManagedClustersCreate_NetworkPluginModeOverlay.json +++ /dev/null @@ -1,295 +0,0 @@ -{ - "parameters": { - "api-version": "2022-04-02-preview", - "subscriptionId": "subid1", - "resourceGroupName": "rg1", - "resourceName": "clustername1", - "parameters": { - "location": "location1", - "tags": { - "tier": "production" - }, - "sku": { - "name": "Basic", - "tier": "Free" - }, - "properties": { - "kubernetesVersion": "", - "dnsPrefix": "dnsprefix1", - "agentPoolProfiles": [ - { - "name": "nodepool1", - "count": 3, - "vmSize": "Standard_DS1_v2", - "osType": "Linux", - "type": "VirtualMachineScaleSets", - "scaleDownMode": "Deallocate", - "availabilityZones": [ - "1", - "2", - "3" - ], - "enableNodePublicIP": false, - "mode": "System" - } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "keydata" - } - ] - } - }, - "networkProfile": { - "networkPlugin": "azure", - "networkPluginMode": "overlay", - "loadBalancerSku": "standard", - "outboundType": "loadBalancer", - "loadBalancerProfile": { - "managedOutboundIPs": { - "count": 1 - } - }, - "ipFamilies": [ - "IPv4" - ] - }, - "autoScalerProfile": { - "balance-similar-node-groups": "true", - "expander": "priority", - "max-node-provision-time": "15m", - "new-pod-scale-up-delay": "1m", - "scale-down-delay-after-add": "15m", - "scan-interval": "20s", - "skip-nodes-with-system-pods": "false" - }, - "servicePrincipalProfile": { - "clientId": "clientid", - "secret": "secret" - }, - "addonProfiles": {}, - "enableRBAC": true, - "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", - "enablePodSecurityPolicy": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {} - } - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1", - "location": "location1", - "name": "clustername1", - "tags": { - "tier": "production" - }, - "type": "Microsoft.ContainerService/ManagedClusters", - "properties": { - "provisioningState": "Succeeded", - "maxAgentPools": 1, - "kubernetesVersion": "1.21.9", - "dnsPrefix": "dnsprefix1", - "agentPoolProfiles": [ - { - "name": "nodepool1", - "count": 3, - "vmSize": "Standard_DS1_v2", - "maxPods": 110, - "osType": "Linux", - "provisioningState": "Succeeded", - "orchestratorVersion": "1.21.9", - "currentOrchestratorVersion": "1.21.9", - "type": "VirtualMachineScaleSets", - "scaleDownMode": "Deallocate", - "availabilityZones": [ - "1", - "2", - "3" - ], - "enableNodePublicIP": true, - "mode": "System", - "nodeImageVersion": "AKSUbuntu:1804:2021.04.21" - } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "keydata" - } - ] - } - }, - "servicePrincipalProfile": { - "clientId": "clientid" - }, - "nodeResourceGroup": "MC_rg1_clustername1_location1", - "enableRBAC": true, - "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", - "enablePodSecurityPolicy": true, - "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io", - "networkProfile": { - "loadBalancerSku": "basic", - "networkPlugin": "azure", - "networkPluginMode": "overlay", - "podCidr": "10.244.0.0/16", - "serviceCidr": "10.0.0.0/16", - "dnsServiceIP": "10.0.0.10", - "dockerBridgeCidr": "172.17.0.1/16", - "outboundType": "loadBalancer", - "podCidrs": [ - "10.244.0.0/16" - ], - "serviceCidrs": [ - "10.0.0.0/16" - ], - "ipFamilies": [ - "IPv4" - ], - "loadBalancerProfile": { - "allocatedOutboundPorts": 2000, - "idleTimeoutInMinutes": 10, - "managedOutboundIPs": { - "count": 1, - "countIPv6": 0 - }, - "effectiveOutboundIPs": [ - { - "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1" - } - ] - } - }, - "autoScalerProfile": { - "balance-similar-node-groups": "true", - "expander": "priority", - "max-node-provision-time": "15m", - "new-pod-scale-up-delay": "1m", - "scale-down-delay-after-add": "15m", - "scan-interval": "20s", - "skip-nodes-with-system-pods": "false" - } - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": { - "principalId": "principalId1", - "clientId": "clientId1" - } - } - } - } - }, - "201": { - "body": { - "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1", - "location": "location1", - "name": "clustername1", - "tags": { - "tier": "production" - }, - "type": "Microsoft.ContainerService/ManagedClusters", - "properties": { - "provisioningState": "Creating", - "maxAgentPools": 1, - "kubernetesVersion": "1.21.9", - "dnsPrefix": "dnsprefix1", - "agentPoolProfiles": [ - { - "name": "nodepool1", - "count": 3, - "vmSize": "Standard_DS1_v2", - "maxPods": 110, - "osType": "Linux", - "provisioningState": "Creating", - "orchestratorVersion": "1.21.9", - "currentOrchestratorVersion": "1.21.9", - "type": "VirtualMachineScaleSets", - "scaleDownMode": "Deallocate", - "availabilityZones": [ - "1", - "2", - "3" - ], - "enableNodePublicIP": true, - "mode": "System" - } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "keydata" - } - ] - } - }, - "servicePrincipalProfile": { - "clientId": "clientid" - }, - "nodeResourceGroup": "MC_rg1_clustername1_location1", - "enableRBAC": true, - "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des", - "enablePodSecurityPolicy": true, - "networkProfile": { - "networkPlugin": "azure", - "networkPluginMode": "overlay", - "podCidr": "10.244.0.0/16", - "serviceCidr": "10.0.0.0/16", - "dnsServiceIP": "10.0.0.10", - "dockerBridgeCidr": "172.17.0.1/16", - "loadBalancerSku": "standard", - "outboundType": "loadBalancer", - "podCidrs": [ - "10.244.0.0/16" - ], - "serviceCidrs": [ - "10.0.0.0/16" - ], - "ipFamilies": [ - "IPv4" - ], - "loadBalancerProfile": { - "allocatedOutboundPorts": 2000, - "idleTimeoutInMinutes": 10, - "managedOutboundIPs": { - "count": 1, - "countIPv6": 0 - }, - "effectiveOutboundIPs": [ - { - "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1" - } - ] - } - }, - "autoScalerProfile": { - "scan-interval": "20s", - "scale-down-delay-after-add": "15m" - } - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": { - "principalId": "principalId1", - "clientId": "clientId1" - } - } - } - } - } - } -} From d92e31116ea7c78b29046338aeec5ece86bfbf3e Mon Sep 17 00:00:00 2001 From: Tyler Lloyd Date: Wed, 20 Apr 2022 22:48:43 +0000 Subject: [PATCH 4/4] only keep overlap as option --- .../preview/2022-04-02-preview/managedClusters.json | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json index c472b7273a98..75722c9e1c70 100644 --- a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json +++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-04-02-preview/managedClusters.json @@ -6094,22 +6094,12 @@ "NetworkPluginMode": { "type": "string", "enum": [ - "PodSubnet", - "NodeSubnet", "Overlay" ], "x-ms-enum": { "name": "networkPluginMode", "modelAsString": true, "values": [ - { - "value": "PodSubnet", - "description": "Pods receive IPs from a separate VNET subnet apart from the subnet the nodes are using. See [Dynamic allocation of IPs](https://docs.microsoft.com/en-us/azure/aks/configure-azure-cni#dynamic-allocation-of-ips-and-enhanced-subnet-support-preview) for more information." - }, - { - "value": "NodeSubnet", - "description": "Pods receive IPs from the same subnet as the nodes (default behavior of Azure CNI). See [Azure CNI (advanced) networking](https://docs.microsoft.com/azure/aks/concepts-network#azure-cni-advanced-networking) for more information." - }, { "value": "Overlay", "description": "Pods are given IPs from the PodCIDR address space but use Azure Routing Domains rather than Kubenet reference plugins host-local and bridge."