From 73f6b2bf7f2b44bdf3fa9a081fe37a87a2a6a7d8 Mon Sep 17 00:00:00 2001 From: Tom Gamble Date: Tue, 23 Jul 2019 23:30:06 -0500 Subject: [PATCH] kubernetes_cluster: support specifying load balancer sku (#3890) Fixes #3726 --- azurerm/data_source_kubernetes_cluster.go | 9 + azurerm/resource_arm_kubernetes_cluster.go | 22 +- .../resource_arm_kubernetes_cluster_test.go | 204 +++++++++++++++++- .../docs/r/kubernetes_cluster.html.markdown | 4 + 4 files changed, 233 insertions(+), 6 deletions(-) diff --git a/azurerm/data_source_kubernetes_cluster.go b/azurerm/data_source_kubernetes_cluster.go index 1660549874fc..e2f5d93f12fe 100644 --- a/azurerm/data_source_kubernetes_cluster.go +++ b/azurerm/data_source_kubernetes_cluster.go @@ -321,6 +321,11 @@ func dataSourceArmKubernetesCluster() *schema.Resource { Type: schema.TypeString, Computed: true, }, + + "load_balancer_sku": { + Type: schema.TypeString, + Computed: true, + }, }, }, }, @@ -725,6 +730,10 @@ func flattenKubernetesClusterDataSourceNetworkProfile(profile *containerservice. values["pod_cidr"] = *profile.PodCidr } + if profile.LoadBalancerSku != "" { + values["load_balancer_sku"] = string(profile.LoadBalancerSku) + } + return []interface{}{values} } diff --git a/azurerm/resource_arm_kubernetes_cluster.go b/azurerm/resource_arm_kubernetes_cluster.go index 5be39c3621c5..d3bf1ab3a204 100644 --- a/azurerm/resource_arm_kubernetes_cluster.go +++ b/azurerm/resource_arm_kubernetes_cluster.go @@ -416,6 +416,17 @@ func resourceArmKubernetesCluster() *schema.Resource { ForceNew: true, ValidateFunc: validate.CIDR, }, + + "load_balancer_sku": { + Type: schema.TypeString, + Optional: true, + Default: string(containerservice.Basic), + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + string(containerservice.Basic), + string(containerservice.Standard), + }, false), + }, }, }, }, @@ -1208,9 +1219,12 @@ func expandKubernetesClusterNetworkProfile(d *schema.ResourceData) *containerser networkPolicy := config["network_policy"].(string) + loadBalancerSku := config["load_balancer_sku"].(string) + networkProfile := containerservice.NetworkProfileType{ - NetworkPlugin: containerservice.NetworkPlugin(networkPlugin), - NetworkPolicy: containerservice.NetworkPolicy(networkPolicy), + NetworkPlugin: containerservice.NetworkPlugin(networkPlugin), + NetworkPolicy: containerservice.NetworkPolicy(networkPolicy), + LoadBalancerSku: containerservice.LoadBalancerSku(loadBalancerSku), } if v, ok := config["dns_service_ip"]; ok && v.(string) != "" { @@ -1265,6 +1279,10 @@ func flattenKubernetesClusterNetworkProfile(profile *containerservice.NetworkPro values["pod_cidr"] = *profile.PodCidr } + if profile.LoadBalancerSku != "" { + values["load_balancer_sku"] = string(profile.LoadBalancerSku) + } + return []interface{}{values} } diff --git a/azurerm/resource_arm_kubernetes_cluster_test.go b/azurerm/resource_arm_kubernetes_cluster_test.go index 7c246d9cbba9..397ed0cc21f4 100644 --- a/azurerm/resource_arm_kubernetes_cluster_test.go +++ b/azurerm/resource_arm_kubernetes_cluster_test.go @@ -39,6 +39,7 @@ func TestAccAzureRMKubernetesCluster_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "kube_admin_config.#", "0"), resource.TestCheckResourceAttr(resourceName, "kube_admin_config_raw", ""), resource.TestCheckResourceAttrSet(resourceName, "agent_pool_profile.0.max_pods"), + resource.TestCheckResourceAttr(resourceName, "network_profile.0.load_balancer_sku", "basic"), ), }, { @@ -280,17 +281,17 @@ func TestAccAzureRMKubernetesCluster_upgradeConfig(t *testing.T) { CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAzureRMKubernetesCluster_upgrade(ri, location, clientId, clientSecret, "1.10.9"), + Config: testAccAzureRMKubernetesCluster_upgrade(ri, location, clientId, clientSecret, "1.12.7"), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "kubernetes_version", "1.10.9"), + resource.TestCheckResourceAttr(resourceName, "kubernetes_version", "1.12.7"), ), }, { - Config: testAccAzureRMKubernetesCluster_upgrade(ri, location, clientId, clientSecret, "1.11.5"), + Config: testAccAzureRMKubernetesCluster_upgrade(ri, location, clientId, clientSecret, "1.13.5"), Check: resource.ComposeTestCheckFunc( testCheckAzureRMKubernetesClusterExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "kubernetes_version", "1.11.5"), + resource.TestCheckResourceAttr(resourceName, "kubernetes_version", "1.13.5"), ), }, }, @@ -586,6 +587,52 @@ func TestAccAzureRMKubernetesCluster_advancedNetworkingAzureNPMPolicyComplete(t }) } +func TestAccAzureRMKubernetesCluster_standardLoadBalancer(t *testing.T) { + resourceName := "azurerm_kubernetes_cluster.test" + ri := tf.AccRandTimeInt() + clientId := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + config := testAccAzureRMKubernetesCluster_standardLoadBalancer(ri, clientId, clientSecret, testLocation()) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "network_profile.0.load_balancer_sku", "standard"), + ), + }, + }, + }) +} + +func TestAccAzureRMKubernetesCluster_standardLoadBalancerComplete(t *testing.T) { + resourceName := "azurerm_kubernetes_cluster.test" + ri := tf.AccRandTimeInt() + clientId := os.Getenv("ARM_CLIENT_ID") + clientSecret := os.Getenv("ARM_CLIENT_SECRET") + config := testAccAzureRMKubernetesCluster_standardLoadBalancerComplete(ri, clientId, clientSecret, testLocation()) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMKubernetesClusterDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMKubernetesClusterExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "network_profile.0.load_balancer_sku", "standard"), + ), + }, + }, + }) +} + func TestAccAzureRMKubernetesCluster_apiServerAuthorizedIPRanges(t *testing.T) { resourceName := "azurerm_kubernetes_cluster.test" ri := tf.AccRandTimeInt() @@ -1679,6 +1726,149 @@ resource "azurerm_kubernetes_cluster" "test" { `, rInt, location, rInt, rInt, rInt, rInt, rInt, rInt, rInt, clientId, clientSecret, networkPlugin, networkPolicy) } +func testAccAzureRMKubernetesCluster_standardLoadBalancer(rInt int, clientId string, clientSecret string, location string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + tags = { + environment = "Testing" + } +} + +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.1.0.0/24" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + dns_prefix = "acctestaks%d" + kubernetes_version = "1.13.5" + + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + agent_pool_profile { + name = "default" + count = "2" + vm_size = "Standard_DS2_v2" + vnet_subnet_id = "${azurerm_subnet.test.id}" + } + + service_principal { + client_id = "%s" + client_secret = "%s" + } + + network_profile { + network_plugin = "azure" + load_balancer_sku = "standard" + } +} +`, rInt, location, rInt, rInt, rInt, rInt, rInt, clientId, clientSecret) +} + +func testAccAzureRMKubernetesCluster_standardLoadBalancerComplete(rInt int, clientId string, clientSecret string, location string) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestRG-%d" + location = "%s" +} + +resource "azurerm_route_table" "test" { + name = "akc-routetable-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + route { + name = "akc-route-%d" + address_prefix = "10.100.0.0/14" + next_hop_type = "VirtualAppliance" + next_hop_in_ip_address = "10.10.1.1" + } +} + +resource "azurerm_virtual_network" "test" { + name = "acctestvirtnet%d" + address_space = ["10.1.0.0/16"] + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + tags = { + environment = "Testing" + } +} + +resource "azurerm_subnet" "test" { + name = "acctestsubnet%d" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.1.0.0/24" + route_table_id = "${azurerm_route_table.test.id}" +} + +resource "azurerm_subnet_route_table_association" "test" { + subnet_id = "${azurerm_subnet.test.id}" + route_table_id = "${azurerm_route_table.test.id}" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + dns_prefix = "acctestaks%d" + kubernetes_version = "1.13.5" + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + agent_pool_profile { + name = "default" + count = "2" + vm_size = "Standard_DS2_v2" + vnet_subnet_id = "${azurerm_subnet.test.id}" + } + + service_principal { + client_id = "%s" + client_secret = "%s" + } + + network_profile { + network_plugin = "azure" + dns_service_ip = "10.10.0.10" + docker_bridge_cidr = "172.18.0.1/16" + service_cidr = "10.10.0.0/16" + load_balancer_sku = "standard" + } +} +`, rInt, location, rInt, rInt, rInt, rInt, rInt, rInt, rInt, clientId, clientSecret) +} + func testAccAzureRMKubernetesCluster_apiServerAuthorizedIPRanges(rInt int, clientId string, clientSecret string, location string) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { @@ -1815,6 +2005,7 @@ resource "azurerm_kubernetes_cluster" "test" { location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" dns_prefix = "acctestaks%d" + kubernetes_version = "1.13.5" agent_pool_profile { name = "pool1" @@ -1830,6 +2021,11 @@ resource "azurerm_kubernetes_cluster" "test" { client_id = "%s" client_secret = "%s" } + + network_profile { + network_plugin = "kubenet" + load_balancer_sku = "standard" + } } `, rInt, location, rInt, rInt, clientId, clientSecret) } diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index 705cce890908..71e863e7cfee 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -230,6 +230,10 @@ A `network_profile` block supports the following: Examples of how to use [AKS with Advanced Networking](https://docs.microsoft.com/en-us/azure/aks/networking-overview#advanced-networking) can be [found in the `./examples/kubernetes/` directory in the Github repository](https://github.com/terraform-providers/terraform-provider-azurerm/tree/master/examples/kubernetes). +* `load_balancer_sku` - (Optional) Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are `basic` and `standard`. Defaults to `basic`. + +~> **NOTE:** Support for using a `standard` load balancer is currently in Public Preview on an opt-in basis. To use it, enable feature `VMSSPreview` and `AKSAzureStandardLoadBalancer` for `namespace Microsoft.ContainerService`. For additional information please visit [Standard SKU LoadBalancer](https://docs.microsoft.com/en-us/azure/aks/load-balancer-standard). + --- A `oms_agent` block supports the following: