Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_kubernetes_clusterazurerm_kubernetes_cluster_node_pool - support for the node_public_ip_tags property #19731

Conversation

ms-henglu
Copy link
Contributor

@ms-henglu ms-henglu commented Dec 20, 2022

Closes #19128

@ms-henglu ms-henglu force-pushed the ticket-14362631-aks-pool-network-profile-ip-tags branch from 04c29de to 6aad1fc Compare December 20, 2022 01:48
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR @ms-henglu. I left a few minor comments in-line, but once those are fixed up this should be good to go!

@github-actions github-actions bot added size/XL and removed size/L labels Jan 16, 2023
@ms-henglu ms-henglu requested a review from stephybun January 16, 2023 02:42
@github-actions github-actions bot added size/L and removed size/XL labels Jan 19, 2023
@ms-henglu ms-henglu requested a review from stephybun January 19, 2023 11:04
Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are test failures:

------- Stdout: -------
=== RUN   TestAccKubernetesClusterNodePool_nodeIPTags
=== PAUSE TestAccKubernetesClusterNodePool_nodeIPTags
=== CONT  TestAccKubernetesClusterNodePool_nodeIPTags
testcase.go:110: Step 1/2 error: After applying this test step, the plan was not empty.
stdout:
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement
Terraform will perform the following actions:
# azurerm_kubernetes_cluster_node_pool.test must be replaced
-/+ resource "azurerm_kubernetes_cluster_node_pool" "test" {
- custom_ca_trust_enabled = false -> null
- enable_auto_scaling     = false -> null
- enable_host_encryption  = false -> null
- fips_enabled            = false -> null
~ id                      = "/subscriptions/*******/resourceGroups/acctestRG-aks-230119131734642943/providers/Microsoft.ContainerService/managedClusters/acctestaks230119131734642943/agentPools/internal" -> (known after apply)
~ kubelet_disk_type       = "OS" -> (known after apply)
- max_count               = 0 -> null
~ max_pods                = 110 -> (known after apply)
- min_count               = 0 -> null
name                    = "internal"
~ node_count              = 0 -> (known after apply)
~ node_labels             = {} -> (known after apply)
~ orchestrator_version    = "1.24.6" -> (known after apply)
~ os_disk_size_gb         = 128 -> (known after apply)
~ os_sku                  = "Ubuntu" -> (known after apply)
# (10 unchanged attributes hidden)
+ node_network_profile {
+ node_public_ip_tags = {
+ "RoutingPreference" = "Internet"
} # forces replacement
}
}
Plan: 1 to add, 0 to change, 1 to destroy.
--- FAIL: TestAccKubernetesClusterNodePool_nodeIPTags (872.74s)
FAIL
------- Stdout: -------
=== RUN   TestAccKubernetesCluster_clusterPoolNodePublicIPTags
=== PAUSE TestAccKubernetesCluster_clusterPoolNodePublicIPTags
=== CONT  TestAccKubernetesCluster_clusterPoolNodePublicIPTags
testcase.go:110: Step 1/2 error: After applying this test step, the plan was not empty.
stdout:
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement
Terraform will perform the following actions:
# azurerm_kubernetes_cluster.test must be replaced
-/+ resource "azurerm_kubernetes_cluster" "test" {
~ api_server_authorized_ip_ranges     = [] -> (known after apply)
- enable_pod_security_policy          = false -> null
~ fqdn                                = "acctestaks230119130043638271-64f6eacc.hcp.eastus.azmk8s.io" -> (known after apply)
+ http_application_routing_zone_name  = (known after apply)
~ id                                  = "/subscriptions/*******/resourceGroups/acctestRG-aks-230119130043638271/providers/Microsoft.ContainerService/managedClusters/acctestaks230119130043638271" -> (known after apply)
~ kube_admin_config                   = (sensitive value)
+ kube_admin_config_raw               = (sensitive value)
~ kube_config                         = (sensitive value)
~ kube_config_raw                     = (sensitive value)
~ kubernetes_version                  = "1.24.6" -> (known after apply)
- local_account_disabled              = false -> null
name                                = "acctestaks230119130043638271"
~ node_resource_group                 = "MC_acctestRG-aks-230119130043638271_acctestaks230119130043638271_eastus" -> (known after apply)
- oidc_issuer_enabled                 = false -> null
+ oidc_issuer_url                     = (known after apply)
~ portal_fqdn                         = "acctestaks230119130043638271-64f6eacc.portal.hcp.eastus.azmk8s.io" -> (known after apply)
+ private_dns_zone_id                 = (known after apply)
+ private_fqdn                        = (known after apply)
# (12 unchanged attributes hidden)
+ api_server_access_profile {
+ authorized_ip_ranges     = (known after apply)
+ subnet_id                = (known after apply)
+ vnet_integration_enabled = (known after apply)
}
+ auto_scaler_profile {
+ balance_similar_node_groups      = (known after apply)
+ empty_bulk_delete_max            = (known after apply)
+ expander                         = (known after apply)
+ max_graceful_termination_sec     = (known after apply)
+ max_node_provisioning_time       = (known after apply)
+ max_unready_nodes                = (known after apply)
+ max_unready_percentage           = (known after apply)
+ new_pod_scale_up_delay           = (known after apply)
+ scale_down_delay_after_add       = (known after apply)
+ scale_down_delay_after_delete    = (known after apply)
+ scale_down_delay_after_failure   = (known after apply)
+ scale_down_unneeded              = (known after apply)
+ scale_down_unready               = (known after apply)
+ scale_down_utilization_threshold = (known after apply)
+ scan_interval                    = (known after apply)
+ skip_nodes_with_local_storage    = (known after apply)
+ skip_nodes_with_system_pods      = (known after apply)
}
~ default_node_pool {
- custom_ca_trust_enabled      = false -> null
- enable_auto_scaling          = false -> null
- enable_host_encryption       = false -> null
- fips_enabled                 = false -> null
~ kubelet_disk_type            = "OS" -> (known after apply)
- max_count                    = 0 -> null
~ max_pods                     = 110 -> (known after apply)
- min_count                    = 0 -> null
name                         = "default"
~ node_labels                  = {} -> (known after apply)
- only_critical_addons_enabled = false -> null
~ orchestrator_version         = "1.24.6" -> (known after apply)
~ os_disk_size_gb              = 128 -> (known after apply)
~ os_sku                       = "Ubuntu" -> (known after apply)
+ workload_runtime             = (known after apply)
# (7 unchanged attributes hidden)
+ node_network_profile {
+ node_public_ip_tags = {
+ "RoutingPreference" = "Internet"
} # forces replacement
}
}
~ identity {
~ principal_id = "302382d3-eb99-4e11-b83e-0e2d5ca4a104" -> (known after apply)
~ tenant_id    = "*******" -> (known after apply)
# (1 unchanged attribute hidden)
}
~ kubelet_identity {
~ client_id                 = "d63e049c-7ea2-4716-afd1-adf4269719f0" -> (known after apply)
~ object_id                 = "4bccf6e5-0892-4457-b60b-cec34641e670" -> (known after apply)
~ user_assigned_identity_id = "/subscriptions/*******/resourceGroups/MC_acctestRG-aks-230119130043638271_acctestaks230119130043638271_eastus/providers/Microsoft.ManagedIdentity/userAssignedIdentities/acctestaks230119130043638271-agentpool" -> (known after apply)
}
~ network_profile {
~ dns_service_ip      = "10.0.0.10" -> (known after apply)
~ docker_bridge_cidr  = "172.17.0.1/16" -> (known after apply)
+ ebpf_data_plane     = (known after apply)
~ ip_versions         = [
- "IPv4",
] -> (known after apply)
~ load_balancer_sku   = "standard" -> (known after apply)
+ network_mode        = (known after apply)
~ network_plugin      = "kubenet" -> (known after apply)
+ network_plugin_mode = (known after apply)
+ network_policy      = (known after apply)
~ outbound_type       = "loadBalancer" -> (known after apply)
~ pod_cidr            = "10.244.0.0/16" -> (known after apply)
~ pod_cidrs           = [
- "10.244.0.0/16",
] -> (known after apply)
~ service_cidr        = "10.0.0.0/16" -> (known after apply)
~ service_cidrs       = [
- "10.0.0.0/16",
] -> (known after apply)
~ load_balancer_profile {
~ effective_outbound_ips      = [
- "/subscriptions/*******/resourceGroups/MC_acctestRG-aks-230119130043638271_acctestaks230119130043638271_eastus/providers/Microsoft.Network/publicIPAddresses/28086d92-d5f8-4de2-842f-36a21059e706",
] -> (known after apply)
~ idle_timeout_in_minutes     = 0 -> (known after apply)
~ managed_outbound_ip_count   = 1 -> (known after apply)
~ managed_outbound_ipv6_count = 0 -> (known after apply)
~ outbound_ip_address_ids     = [] -> (known after apply)
~ outbound_ip_prefix_ids      = [] -> (known after apply)
~ outbound_ports_allocated    = 0 -> (known after apply)
}
+ nat_gateway_profile {
+ effective_outbound_ips    = (known after apply)
+ idle_timeout_in_minutes   = (known after apply)
+ managed_outbound_ip_count = (known after apply)
}
}
+ windows_profile {
+ admin_password = (sensitive value)
+ admin_username = (known after apply)
+ license        = (known after apply)
+ gmsa {
+ dns_server  = (known after apply)
+ root_domain = (known after apply)
}
}
}
Plan: 1 to add, 0 to change, 1 to destroy.
--- FAIL: TestAccKubernetesCluster_clusterPoolNodePublicIPTags (815.74s)
FAIL

@ms-henglu
Copy link
Contributor Author

Hi @stephybun ,

Tests passed!

image

image

@ms-henglu ms-henglu requested a review from stephybun January 19, 2023 16:16
@ms-henglu
Copy link
Contributor Author

Hi @stephybun ,

Would you please take another look? The tests are passed.

Copy link
Member

@stephybun stephybun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ms-henglu. I reverted the last change which added a check on the length of the tags, since that would become problematic if more properties are added to the network profile block for nodes. For now this is fine.

LGTM 👍

@stephybun stephybun merged commit 6160ba4 into hashicorp:main Jan 26, 2023
@github-actions github-actions bot added this to the v3.41.0 milestone Jan 26, 2023
stephybun added a commit that referenced this pull request Jan 26, 2023
@github-actions
Copy link

This functionality has been released in v3.41.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Support for internet routing ip tag on node level public ip in AKS
2 participants