ansible-collections · xuzhang3 · Nov 14, 2024 · Oct 11, 2024 · Oct 11, 2024 · Oct 12, 2024
diff --git a/plugins/modules/azure_rm_aks.py b/plugins/modules/azure_rm_aks.py
@@ -174,6 +174,15 @@
                 description:
                     - The tags to be persisted on the agent pool virtual machine scale set.
                 type: dict
+            os_sku:
+                description:
+                    - The operating system sku.
+                type: str
+                choices:
+                    - Ubuntu
+                    - AzureLinux
+                    - Windows2019
+                    - Windows2022
             security_profile:
                 description:
                     - The security settings of an agent pool.
@@ -533,6 +542,21 @@
                                 description:
                                     - The client ID of the user assigned identity.
                                 type: str
+    windows_profile:
+        description:
+            - The Windows profile suboptions.
+        type: dict
+        suboptions:
+            admin_username:
+                description:
+                    - The Admin Username for the cluster.
+                required: true
+                type: str
+            admin_password:
+                description:
+                    - The Admin password for the cluster.
+                required: true
+                type: str
     disable_local_accounts:
         description:
             - If set to true, getting static credentials will be disabled for this cluster.
@@ -710,6 +734,43 @@
             client_id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
             object_id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 
+- name: Create a kubernet service with I(os_type=Windows)
+  azure_rm_aks:
+    name: myaks02
+    location: eastus
+    resource_group: "{{ resource_group }}"
+    kubernetes_version: "{{ versions }}"
+    dns_prefix: "aks_dns"
+    enable_rbac: true
+    windows_profile:
+      admin_username: azureuser
+      admin_password: Password@0329
+    aad_profile:
+      managed: true
+    agent_pool_profiles:
+      - name: default
+        count: 1
+        vm_size: Standard_D8ds_v5
+        mode: System
+        os_type: Linux
+        os_sku: Ubuntu
+      - name: def
+        count: 1
+        vm_size: Standard_D2as_v4
+        mode: User
+        os_type: Windows
+        os_sku: Windows2022
+    api_server_access_profile:
+      authorized_ip_ranges:
+        - "192.0.2.0"
+        - "198.51.100.0"
+        - "203.0.113.0"
+      enable_private_cluster: false
+    network_profile:
+      load_balancer_sku: standard
+      network_plugin: azure
+      outbound_type: loadBalancer
+
 - name: Remove a managed Azure Container Services (AKS) instance
   azure_rm_aks:
     name: myAKS
@@ -734,6 +795,7 @@
            storage_profile: ManagedDisks
            vm_size: Standard_B2s
            vnet_subnet_id: Null
+           os_sku: Ubuntu
            security_profile: { 'enable_secure_boot': true, 'enable_vtpm': false }
         auto_upgrade_profile:
           node_os_upgrade_channel: NodeImage
@@ -784,6 +846,7 @@
         }
         tags: {}
         type: Microsoft.ContainerService/ManagedClusters
+        windows_profile: None
 '''
 from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common_ext import AzureRMModuleBaseExt
 
@@ -827,6 +890,7 @@ def create_aks_dict(aks):
         fqdn=aks.fqdn,
         node_resource_group=aks.node_resource_group,
         auto_upgrade_profile=create_auto_upgrade_profile_dict(aks.auto_upgrade_profile),
+        windows_profile=create_windows_profile_dict(aks.windows_profile),
         pod_identity_profile=create_pod_identity_profile(aks.pod_identity_profile.as_dict()) if aks.pod_identity_profile else None,
         security_profile=aks.security_profile.as_dict() if aks.security_profile else None,
     )
@@ -906,6 +970,21 @@ def create_service_principal_profile_dict(serviceprincipalprofile):
     )
 
 
+def create_windows_profile_dict(windowsprofile):
+    '''
+    Helper method to deserialize a ManagedClusterWindowsProfile to a dict
+    :param: windowsprofile: ManagedClusterWindowsProfile with the Azure callback object
+    :return: dict with the state on Azure
+    '''
+    if windowsprofile:
+        return dict(
+            admin_username=windowsprofile.admin_username,
+            admin_password=windowsprofile.admin_password
+        )
+    else:
+        return None
+
+
 def create_agent_pool_profiles_dict(agentpoolprofiles):
     '''
     Helper method to deserialize a ContainerServiceAgentPoolProfile to a dict
@@ -929,6 +1008,7 @@ def create_agent_pool_profiles_dict(agentpoolprofiles):
         min_count=profile.min_count,
         max_pods=profile.max_pods,
         tags=profile.tags,
+        os_sku=profile.os_sku,
         security_profile=dict(
             enable_secure_boot=profile.security_profile.enable_secure_boot,
             enable_vtpm=profile.security_profile.enable_vtpm
@@ -993,6 +1073,7 @@ def create_addon_profiles_spec():
     min_count=dict(type='int'),
     max_pods=dict(type='int'),
     tags=dict(type='dict'),
+    os_sku=dict(type='str', choices=['Ubuntu', 'AzureLinux', 'Windows2019', 'Windows2022']),
     security_profile=dict(
         type='dict',
         options=dict(
@@ -1038,6 +1119,12 @@ def create_addon_profiles_spec():
 )
 
 
+windows_profile_spec = dict(
+    admin_username=dict(type='str', required=True),
+    admin_password=dict(type='str', no_log=True, required=True),
+)
+
+
 class dotdict(dict):
     """dot.notation access to dictionary attributes"""
     __getattr__ = dict.get
@@ -1081,6 +1168,10 @@ def __init__(self):
                 elements='dict',
                 options=agent_pool_profile_spec
             ),
+            windows_profile=dict(
+                type='dict',
+                options=windows_profile_spec
+            ),
             service_principal=dict(
                 type='dict',
                 options=service_principal_spec
@@ -1220,6 +1311,7 @@ def __init__(self):
         self.node_resource_group = None
         self.pod_identity_profile = None
         self.auto_upgrade_profile = None
+        self.windows_profile = None
         self.disable_local_accounts = None
         self.security_profile = None
 
@@ -1448,6 +1540,12 @@ def compare_addon(origin, patch, config):
                         changed, self.identity = self.update_identity(self.identity, response['identity'])
                         if changed:
                             to_be_updated = True
+                    # Cannot Update the Username for now // Let service to handle it
+                    if self.windows_profile and is_property_changed('windows_profile', 'admin_username'):
+                        self.log(("Windows Profile Diff User, Was {0} / Now {1}"
+                                  .format(response['windows_profile']['admin_username'], self.windows_profile.get('admin_username'))))
+                        to_be_updated = True
+                        # self.module.warn("windows_profile.admin_username cannot be updated")
 
             if update_agentpool:
                 self.log("Need to update agentpool")
@@ -1520,6 +1618,11 @@ def create_update_aks(self):
         else:
             linux_profile = None
 
+        if self.windows_profile:
+            windows_profile = self.create_windows_profile_instance(self.windows_profile)
+        else:
+            windows_profile = None
+
         if self.pod_identity_profile:
             pod_identity_profile = self.managedcluster_models.ManagedClusterPodIdentityProfile(
                 enabled=self.pod_identity_profile.get('enabled'),
@@ -1550,6 +1653,7 @@ def create_update_aks(self):
             service_principal_profile=service_principal_profile,
             agent_pool_profiles=agentpools,
             linux_profile=linux_profile,
+            windows_profile=windows_profile,
             identity=self.identity,
             enable_rbac=self.enable_rbac,
             network_profile=self.create_network_profile_instance(self.network_profile),
@@ -1711,6 +1815,17 @@ def create_linux_profile_instance(self, linuxprofile):
                 self.managedcluster_models.ContainerServiceSshPublicKey(key_data=str(linuxprofile['ssh_key']))])
         )
 
+    def create_windows_profile_instance(self, windowsprofile):
+        '''
+        Helper method to serialize a dict to a ManagedClusterWindowsProfile
+        :param: windowsprofile: dict with the parameters to setup the ManagedClusterWindowsProfile
+        :return: ManagedClusterWindowsProfile
+        '''
+        return self.managedcluster_models.ManagedClusterWindowsProfile(
+            admin_username=windowsprofile['admin_username'],
+            admin_password=windowsprofile['admin_password']
+        )
+
     def create_network_profile_instance(self, network):
         return self.managedcluster_models.ContainerServiceNetworkProfile(**network) if network else None
 

diff --git a/plugins/modules/azure_rm_aksagentpool.py b/plugins/modules/azure_rm_aksagentpool.py
@@ -126,10 +126,13 @@
         description:
             - Specifies an OS SKU.
             - This value must not be specified if OSType is Windows.
+            - The I(os_sku=CBLMariner) deprecated. Microsoft recommends that new deployments choose 'AzureLinux' instead.
         type: str
         choices:
             - Ubuntu
-            - CBLMariner
+            - AzureLinux
+            - Windows2019
+            - Windows2022
     scale_down_mode:
         description:
             - This also effects the cluster autoscaler behavior.
@@ -883,7 +886,7 @@ def __init__(self):
                 type='str', choices=['OCIContainer', 'WasmWasi']
             ),
             os_sku=dict(
-                type='str', choices=["Ubuntu", "CBLMariner"]
+                type='str', choices=["Ubuntu", "AzureLinux", "Windows2022", "Windows2019"]
             ),
             scale_down_mode=dict(
                 type='str',
@@ -1194,7 +1197,7 @@ def to_dict(self, agent_pool):
             enable_encryption_at_host=agent_pool.enable_encryption_at_host,
             enable_ultra_ssd=agent_pool.enable_ultra_ssd,
             enable_fips=agent_pool.enable_fips,
-            gpu_instance_profile=agent_pool.gpu_instance_profile
+            gpu_instance_profile=agent_pool.gpu_instance_profile,
         )
 
         if agent_pool.upgrade_settings is not None:

diff --git a/plugins/modules/azure_rm_aksagentpool_info.py b/plugins/modules/azure_rm_aksagentpool_info.py
@@ -439,7 +439,7 @@ def to_dict(self, agent_pool):
             enable_encryption_at_host=agent_pool.enable_encryption_at_host,
             enable_ultra_ssd=agent_pool.enable_ultra_ssd,
             enable_fips=agent_pool.enable_fips,
-            gpu_instance_profile=agent_pool.gpu_instance_profile
+            gpu_instance_profile=agent_pool.gpu_instance_profile,
         )
 
         if agent_pool.upgrade_settings is not None: