From 208ab5fe16b8753cb3c5a85e408e39b86fa626fe Mon Sep 17 00:00:00 2001 From: Shalom Yerushalmy Date: Thu, 1 Apr 2021 15:22:12 +0300 Subject: [PATCH 1/4] add open service mesh option for kuberentes service (public preview) --- .../services/containers/kubernetes_addons.go | 29 ++++++++ ...kubernetes_cluster_addons_resource_test.go | 67 +++++++++++++++++++ .../kubernetes_cluster_data_source.go | 13 ++++ .../kubernetes_cluster_data_source_test.go | 33 +++++++++ 4 files changed, 142 insertions(+) diff --git a/azurerm/internal/services/containers/kubernetes_addons.go b/azurerm/internal/services/containers/kubernetes_addons.go index d66e1c745c6d..5471d3499d50 100644 --- a/azurerm/internal/services/containers/kubernetes_addons.go +++ b/azurerm/internal/services/containers/kubernetes_addons.go @@ -21,6 +21,7 @@ const ( kubernetesDashboardKey = "kubeDashboard" httpApplicationRoutingKey = "httpApplicationRouting" omsAgentKey = "omsagent" + openServiceMeshKey = "openServiceMesh" ) // The AKS API hard-codes which add-ons are supported in which environment @@ -34,11 +35,13 @@ var unsupportedAddonsForEnvironment = map[string][]string{ azurePolicyKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/6462 httpApplicationRoutingKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/5960 kubernetesDashboardKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/7487 + openServiceMeshKey, // Preview features are not supported in Azure China }, azure.USGovernmentCloud.Name: { azurePolicyKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/6702 httpApplicationRoutingKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/5960 kubernetesDashboardKey, // https://github.com/terraform-providers/terraform-provider-azurerm/issues/7136 + openServiceMeshKey, // Preview features are not supported in Azure Government }, } @@ -154,6 +157,20 @@ func schemaKubernetesAddOnProfiles() *schema.Schema { }, }, }, + + "open_service_mesh": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Required: true, + }, + }, + }, + }, }, }, } @@ -170,6 +187,7 @@ func expandKubernetesAddOnProfiles(input []interface{}, env azure.Environment) ( kubernetesDashboardKey: &disabled, httpApplicationRoutingKey: &disabled, omsAgentKey: &disabled, + openServiceMeshKey: &disabled, } if len(input) == 0 { @@ -248,6 +266,17 @@ func expandKubernetesAddOnProfiles(input []interface{}, env azure.Environment) ( } } + openServiceMesh := profile[""].([]interface{}) + if len(openServiceMesh) > 0 && openServiceMesh[0] != nil { + value := openServiceMesh[0].(map[string]interface{}) + enabled := value["enabled"].(bool) + + addonProfiles[openServiceMeshKey] = &containerservice.ManagedClusterAddonProfile{ + Enabled: utils.Bool(enabled), + Config: nil, + } + } + return filterUnsupportedKubernetesAddOns(addonProfiles, env) } diff --git a/azurerm/internal/services/containers/kubernetes_cluster_addons_resource_test.go b/azurerm/internal/services/containers/kubernetes_cluster_addons_resource_test.go index 2155dccad0e2..00d9a7faa116 100644 --- a/azurerm/internal/services/containers/kubernetes_cluster_addons_resource_test.go +++ b/azurerm/internal/services/containers/kubernetes_cluster_addons_resource_test.go @@ -17,6 +17,7 @@ var kubernetesAddOnTests = map[string]func(t *testing.T){ "addonProfileOMS": testAccKubernetesCluster_addonProfileOMS, "addonProfileOMSToggle": testAccKubernetesCluster_addonProfileOMSToggle, "addonProfileRouting": testAccKubernetesCluster_addonProfileRoutingToggle, + "addonProfileOpenServiceMesh": testAccKubernetesCluster_addonProfileOpenServiceMesh, } func TestAccKubernetesCluster_addonProfileAciConnectorLinux(t *testing.T) { @@ -256,6 +257,28 @@ func testAccKubernetesCluster_addonProfileRoutingToggle(t *testing.T) { }) } +func TestAccKubernetesCluster_addonProfileOpenServiceMesh(t *testing.T) { + checkIfShouldRunTestsIndividually(t) + testAccKubernetesCluster_addonProfileOpenServiceMesh(t) +} + +func testAccKubernetesCluster_addonProfileOpenServiceMesh(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") + r := KubernetesClusterResource{} + + data.ResourceTest(t, r, []resource.TestStep{ + { + Config: r.addonProfileOpenServiceMeshConfig(data), + Check: resource.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("addon_profile.0.open_service_mesh.#").HasValue("1"), + check.That(data.ResourceName).Key("addon_profile.0.open_service_mesh.0.enabled").HasValue("false"), + ), + }, + data.ImportStep(), + }) +} + func (KubernetesClusterResource) addonProfileAciConnectorLinuxConfig(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { @@ -727,3 +750,47 @@ resource "azurerm_kubernetes_cluster" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger) } + +func (KubernetesClusterResource) addonProfileOpenServiceMeshConfig(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-aks-%d" + location = "%s" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%d" + + linux_profile { + admin_username = "acctestuser%d" + + ssh_key { + key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt terraform@demo.tld" + } + } + + default_node_pool { + name = "default" + node_count = 1 + vm_size = "Standard_DS2_v2" + } + + addon_profile { + open_service_mesh { + enabled = false + } + } + + identity { + type = "SystemAssigned" + } +} +`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger, data.RandomInteger) +} diff --git a/azurerm/internal/services/containers/kubernetes_cluster_data_source.go b/azurerm/internal/services/containers/kubernetes_cluster_data_source.go index f02d14e90647..1eb29a307607 100644 --- a/azurerm/internal/services/containers/kubernetes_cluster_data_source.go +++ b/azurerm/internal/services/containers/kubernetes_cluster_data_source.go @@ -118,6 +118,19 @@ func dataSourceKubernetesCluster() *schema.Resource { }, }, }, + + "open_service_mesh": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Computed: true, + }, + }, + }, + }, }, }, }, diff --git a/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go b/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go index d6dbaf2f3b43..c20817fd5bf3 100644 --- a/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go +++ b/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go @@ -30,6 +30,7 @@ var kubernetesDataSourceTests = map[string]func(t *testing.T){ "addOnProfileKubeDashboard": testAccDataSourceKubernetesCluster_addOnProfileKubeDashboard, "addOnProfileAzurePolicy": testAccDataSourceKubernetesCluster_addOnProfileAzurePolicy, "addOnProfileRouting": testAccDataSourceKubernetesCluster_addOnProfileRouting, + "addOnProfileOpenServiceMesh": testAccDataSourceKubernetesCluster_addOnProfileOpenServiceMesh, "autoscalingNoAvailabilityZones": testAccDataSourceKubernetesCluster_autoscalingNoAvailabilityZones, "autoscalingWithAvailabilityZones": testAccDataSourceKubernetesCluster_autoscalingWithAvailabilityZones, "nodeLabels": testAccDataSourceKubernetesCluster_nodeLabels, @@ -450,6 +451,27 @@ func testAccDataSourceKubernetesCluster_addOnProfileRouting(t *testing.T) { }) } +func TestAccDataSourceKubernetesCluster_addOnProfileOpenServiceMesh(t *testing.T) { + checkIfShouldRunTestsIndividually(t) + testAccDataSourceKubernetesCluster_addOnProfileOpenServiceMesh(t) +} + +func testAccDataSourceKubernetesCluster_addOnProfileOpenServiceMesh(t *testing.T) { + data := acceptance.BuildTestData(t, "data.azurerm_kubernetes_cluster", "test") + r := KubernetesClusterDataSource{} + + data.DataSourceTest(t, []resource.TestStep{ + { + Config: r.addOnProfileOpenServiceMeshConfig(data), + Check: resource.ComposeTestCheckFunc( + check.That(data.ResourceName).Key("addon_profile.#").HasValue("1"), + check.That(data.ResourceName).Key("addon_profile.0.open_service_mesh.#").HasValue("1"), + check.That(data.ResourceName).Key("addon_profile.0.open_service_mesh.0.enabled").HasValue("false"), + ), + }, + }) +} + func TestAccDataSourceKubernetesCluster_autoscalingNoAvailabilityZones(t *testing.T) { checkIfShouldRunTestsIndividually(t) testAccDataSourceKubernetesCluster_autoscalingNoAvailabilityZones(t) @@ -713,6 +735,17 @@ data "azurerm_kubernetes_cluster" "test" { `, KubernetesClusterResource{}.addonProfileRoutingConfig(data)) } +func (KubernetesClusterDataSource) addOnProfileOpenServiceMeshConfig(data acceptance.TestData) string { + return fmt.Sprintf(` +%s + +data "azurerm_kubernetes_cluster" "test" { + name = azurerm_kubernetes_cluster.test.name + resource_group_name = azurerm_kubernetes_cluster.test.resource_group_name +} +`, KubernetesClusterResource{}.addOnProfileOpenServiceMeshConfig(data)) +} + func (KubernetesClusterDataSource) autoScalingNoAvailabilityZonesConfig(data acceptance.TestData) string { return fmt.Sprintf(` %s From 13c39918bec4dc16c7a8e790f23f8e37ed2c6772 Mon Sep 17 00:00:00 2001 From: Shalom Yerushalmy Date: Thu, 1 Apr 2021 15:43:27 +0300 Subject: [PATCH 2/4] fixed a typo --- .../services/containers/kubernetes_cluster_data_source_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go b/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go index c20817fd5bf3..14a3eab3fb7e 100644 --- a/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go +++ b/azurerm/internal/services/containers/kubernetes_cluster_data_source_test.go @@ -743,7 +743,7 @@ data "azurerm_kubernetes_cluster" "test" { name = azurerm_kubernetes_cluster.test.name resource_group_name = azurerm_kubernetes_cluster.test.resource_group_name } -`, KubernetesClusterResource{}.addOnProfileOpenServiceMeshConfig(data)) +`, KubernetesClusterResource{}.addonProfileOpenServiceMeshConfig(data)) } func (KubernetesClusterDataSource) autoScalingNoAvailabilityZonesConfig(data acceptance.TestData) string { From 01afb5a6a7db02e07e3a40ff7df75f77ebea89d5 Mon Sep 17 00:00:00 2001 From: Shalom Yerushalmy Date: Wed, 7 Apr 2021 15:53:35 +0300 Subject: [PATCH 3/4] add docs --- website/docs/d/kubernetes_cluster.html.markdown | 8 ++++++++ website/docs/r/kubernetes_cluster.html.markdown | 14 ++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/website/docs/d/kubernetes_cluster.html.markdown b/website/docs/d/kubernetes_cluster.html.markdown index c7f24dcf5edb..386a77d49cb6 100644 --- a/website/docs/d/kubernetes_cluster.html.markdown +++ b/website/docs/d/kubernetes_cluster.html.markdown @@ -98,6 +98,8 @@ A `addon_profile` block exports the following: * `azure_policy` - A `azure_policy` block. +* `open_service_mesh` - A `open_service_mesh` block. + --- A `agent_pool_profile` block exports the following: @@ -258,6 +260,12 @@ A `azure_policy` block supports the following: --- +A `open_service_mesh` block supports the following: + +* `enabled` - Is Open Service Mesh enabled? + +--- + A `role_based_access_control` block exports the following: * `azure_active_directory` - A `azure_active_directory` block as documented above. diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index 73bc490c2a32..9a94eb5539b4 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -215,6 +215,12 @@ A `addon_profile` block supports the following: * `oms_agent` - (Optional) A `oms_agent` block as defined below. For more details, please visit [How to onboard Azure Monitor for containers](https://docs.microsoft.com/en-us/azure/monitoring/monitoring-container-insights-onboard). +* `open_service_mesh` - (Optional) A `open_service_mesh` block as defined below. For more details please visit [Announcing Public Preview of the Open Service Mesh (OSM) AKS add-on](https://techcommunity.microsoft.com/t5/apps-on-azure/announcing-public-preview-of-the-open-service-mesh-osm-aks-add/ba-p/2247361) + +-> **NOTE:** At this time Open Service Mesh is not supported in Azure China or Azure US Government. + +~> **Note:** Open Service Mesh is available on an opt-in Preview basis - to use this the Preview Feature `AKS-OpenServiceMesh` will need to be registered, [see the AKS Documentation for more information](https://docs.microsoft.com/en-gb/azure/aks/servicemesh-osm-about) + --- A `auto_scaler_profile` block supports the following: @@ -466,6 +472,14 @@ A `upgrade_settings` block supports the following: -> **Note:** If a percentage is provided, the number of surge nodes is calculated from the `node_count` value on the current cluster. Node surge can allow a cluster to have more nodes than `max_count` during an upgrade. Ensure that your cluster has enough [IP space](https://docs.microsoft.com/en-us/azure/aks/upgrade-cluster#customize-node-surge-upgrade) during an upgrade. +--- + +The `open_service_mesh` block exports the following: + +* `enabled` - (Required) Is the Open Service Mesh enabled? + +--- + ## Attributes Reference The following attributes are exported: From ba0d48a64b9ea63443f5b514cf3ce0ca0acebe87 Mon Sep 17 00:00:00 2001 From: Shalom Yerushalmy Date: Thu, 8 Apr 2021 12:01:50 +0300 Subject: [PATCH 4/4] Update azurerm/internal/services/containers/kubernetes_addons.go per tombuildsstuff review Co-authored-by: Tom Harvey --- azurerm/internal/services/containers/kubernetes_addons.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/internal/services/containers/kubernetes_addons.go b/azurerm/internal/services/containers/kubernetes_addons.go index 5471d3499d50..20d604a80851 100644 --- a/azurerm/internal/services/containers/kubernetes_addons.go +++ b/azurerm/internal/services/containers/kubernetes_addons.go @@ -266,7 +266,7 @@ func expandKubernetesAddOnProfiles(input []interface{}, env azure.Environment) ( } } - openServiceMesh := profile[""].([]interface{}) + openServiceMesh := profile["open_service_mesh"].([]interface{}) if len(openServiceMesh) > 0 && openServiceMesh[0] != nil { value := openServiceMesh[0].(map[string]interface{}) enabled := value["enabled"].(bool)