AKS: Add-On Profiles #1751
AKS: Add-On Profiles #1751
Conversation
….com/lfshr/terraform-provider-azurerm into containerservices-advancednetworking
….com/lfshr/terraform-provider-azurerm into containerservices-advancednetworking
This is default when network_profile is not specified. We already test this.
Better to make this explicit.
Tests pass: ``` $ acctests azurerm TestAccAzureRMKubernetesCluster_basic === RUN TestAccAzureRMKubernetesCluster_basic --- PASS: TestAccAzureRMKubernetesCluster_basic (1329.57s) PASS ok github.com/terraform-providers/terraform-provider-azurerm/azurerm 1329.613s ```
|
Thanks for your work! |
| @@ -321,6 +372,7 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{} | |||
| agentProfiles := expandAzureRmKubernetesClusterAgentProfiles(d) | |||
| servicePrincipalProfile := expandAzureRmKubernetesClusterServicePrincipal(d) | |||
| networkProfile := expandAzureRmKubernetesClusterNetworkProfile(d) | |||
| addOnProfile := expandAzureRmKubernetesClusterAddOnProfile(d) | |||
There was a problem hiding this comment.
Am I being nit-picky to request this to be addonProfiles instead of addOnProfile? (just to reflect AddonProfiles with camel-casing)
There was a problem hiding this comment.
not at all - the schema field is addon_profile to match the general convention, but I can push a commit to update this :)
There was a problem hiding this comment.
pushed: be893dc :)
|
@yves-vogl this is mostly @lfshr's work/original PR - I've just pushed a couple of commits to finish it off, so thanks to @lfshr here :) |
|
#1488 has a dependency on this |
|
Resource Tests pass:
|
|
Data Source tests pass:
|
| @@ -419,3 +465,49 @@ func flattenKubernetesClusterDataSourceNetworkProfile(profile *containerservice. | |||
|
|
|||
| return []interface{}{values} | |||
| } | |||
|
|
|||
| func flattenKubernetesClusterDataSourceAddonProfiles(profile map[string]*containerservice.ManagedClusterAddonProfile) interface{} { | |||
There was a problem hiding this comment.
Can't we just rename either this function or flattenAzureRmKubernetesClusterAddonProfiles and reuse it? It's exactly the same function with the same interface, just a different name.
There was a problem hiding this comment.
probably - but historically this has caused us issues where the schema's diverged - so we're trying to avoid that
There was a problem hiding this comment.
I'm not sure I follow, how could it diverge if the output is coming from the exact same API call? If the API response is going to diverge, then both functions (as they're exactly the same except name) need fixing, AFAICT?
There was a problem hiding this comment.
the schema being the Terraform schema here - since one is a Data Source and hence Computed (this one) vs the other being a Resource / not computed. We've had PR's in the past with folks adding items to each independently, which means there's a Set error when this happens - as such it appears preferable to dupe this logic?
There was a problem hiding this comment.
ah, I see what do you mean 🤔That's tricky, yeah.
I wish we had a better way to reuse parts of schema between resources and data sources 😞
There was a problem hiding this comment.
Thanks for this discussion -- this is something we can run into on AWS as well since we generally are pushing for separate schema definitions and read functions, but usually sharing the flatten functions. 🤔
| testCheckAzureRMKubernetesClusterExists(resourceName), | ||
| resource.TestCheckResourceAttr(resourceName, "addon_profile.0.http_application_routing.#", "1"), | ||
| resource.TestCheckResourceAttrSet(resourceName, "addon_profile.0.http_application_routing.0.enabled"), | ||
| resource.TestCheckResourceAttrSet(resourceName, "addon_profile.0.http_application_routing.0.http_application_routing_zone_name"), |
There was a problem hiding this comment.
Nitpick: Can't/shouldn't we be testing the exact value, instead of just whether it's set?
There was a problem hiding this comment.
it's a computed value from the API - so we're just ensuring it's returned
There was a problem hiding this comment.
I meant mainly enabled (which presumably is just "true"), I'm not sure about http_application_routing_zone_name, but in theory TestMatchResourceAttrSet might work?
Again, it's just a nitpick, so feel free to ignore ;-)
| linux_profile { | ||
| admin_username = "acctestuser%d" | ||
| ssh_key { | ||
| key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqaZoyiz1qbdOQ8xEf6uEu1cCwYowo5FHtsBhqLoDnnp7KUTEBN+L2NxRIfQ781rxV6Iq5jSav6b2Q8z5KiseOlvKA/RF2wqU0UPYqQviQhLmW6THTpmrv/YkUCuzxDpsH7DUDhZcwySLKVVe0Qm3+5N2Ta6UYH3lsDf9R9wTP2K/+vAnflKebuypNlmocIvakFWoZda18FOmsOoIVXQ8HWFNCuw9ZCunMSN62QGamCe3dL5cXlkgHYv7ekJE15IA9aOJcM7e90oeTqo+7HTcWfdu0qQqPWY5ujyMw/llas8tsXY85LFqRnr3gJ02bAscjc477+X+j/gkpFoN1QEmt [email protected]" |
There was a problem hiding this comment.
Nitpick: This could live in a separate file/dir (test-fixtures) and be reused in any other tests which need SSH pubkey.
| * `linux_profile` - (Required) A Linux Profile block as documented below. | ||
|
|
||
| * `agent_pool_profile` - (Required) One or more Agent Pool Profile's block as documented below. | ||
|
|
||
| * `service_principal` - (Required) A Service Principal block as documented below. | ||
|
|
||
| --- |
There was a problem hiding this comment.
Just curious - what's the point of separating these arguments by line?
There was a problem hiding this comment.
separating arguments by line means the diff's/merge conflicts are generally clearer
the dashes are to make it clearer to read - see the VM resource for an example: https://www.terraform.io/docs/providers/azurerm/r/virtual_machine.html - which makes it clearer what's required / makes it easier to understand
|
|
||
| * `network_plugin` - (Required) Network plugin to use for networking. Currently supported values are `azure` and `kubenet`. Changing this forces a new resource to be created. |
There was a problem hiding this comment.
Nitpick: I'd actually argue that backticks were more appropriate here as they enable highlighting of the string and make it stand out.
|
hey @yves-vogl @lfshr Just to let you know that we've just shipped support for this as a part of v1.13.0 of the AzureRM Provider :) Thanks! |
|
@tombuildsstuff Hi, thanks for implementing it. For both addon_profile elements: http_application_routing and oms_agent, you have choosen ForceNew: true. What was the motivation or intension to force a new cluster, when changing the values? The Azure CLI offers inplace update of an existing cluster. az aks enable-addons |
|
@thommaa I believe that the azure-sdk-for-go threw an error when trying to update the cluster. |
|
@thommaa @yves-vogl I'll try and do some more testing at some point this week (before spider-man gets released ofc) |
|
I'll try to have a look at the sources, too. We currently make heavy use of those stuff and it seems to be just fair if we spend some customer paid hours for contribution. So if any help is required, let us know. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
ghost
locked and limited conversation to collaborators
Includes the changes originally contributed by @lfshr in #1502 - but updates this to resolve the merge conflicts