From d2975bb62419083c4740befca4d67bf793618144 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Thu, 27 Jul 2023 09:00:45 +0200 Subject: [PATCH 1/6] `azurerm_kubernetes_cluster` - Update Azure CNI to Azure CNI Overlay enabled --- ...ubernetes_cluster_network_resource_test.go | 68 +++++++++++++++++++ .../containers/kubernetes_cluster_resource.go | 2 - .../docs/r/kubernetes_cluster.html.markdown | 4 +- 3 files changed, 70 insertions(+), 4 deletions(-) diff --git a/internal/services/containers/kubernetes_cluster_network_resource_test.go b/internal/services/containers/kubernetes_cluster_network_resource_test.go index fa322b52e7d1..3914e3554636 100644 --- a/internal/services/containers/kubernetes_cluster_network_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_network_resource_test.go @@ -826,6 +826,28 @@ func TestAccKubernetesCluster_networkPluginMode(t *testing.T) { }) } +func TestAccKubernetesCluster_networkPluginModeUpdate(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") + r := KubernetesClusterResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.networkPluginModeBase(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.networkPluginMode(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + func TestAccKubernetesCluster_ebpfDataPlane(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_kubernetes_cluster", "test") r := KubernetesClusterResource{} @@ -3521,6 +3543,52 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.Locations.Primary, data.RandomInteger, ebpfDataPlaneValue) } +func (KubernetesClusterResource) networkPluginModeBase(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} +resource "azurerm_resource_group" "test" { + name = "acctestRG-aks-%[2]d" + location = "%[1]s" +} + +resource "azurerm_virtual_network" "test" { + name = "acctestRG-vnet-%[2]d" + address_space = ["10.0.0.0/8"] + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name +} + +resource "azurerm_subnet" "test" { + name = "acctestRG-subnet-%[2]d" + resource_group_name = azurerm_resource_group.test.name + virtual_network_name = azurerm_virtual_network.test.name + address_prefixes = ["10.10.0.0/16"] + +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "acctestaks%[2]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + dns_prefix = "acctestaks%[2]d" + default_node_pool { + name = "default" + node_count = 1 + vm_size = "Standard_DS2_v2" + vnet_subnet_id = azurerm_subnet.test.id + } + identity { + type = "SystemAssigned" + } + network_profile { + network_plugin = "azure" + } +} +`, "westcentralus", data.RandomInteger) +} + func (KubernetesClusterResource) networkPluginMode(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { diff --git a/internal/services/containers/kubernetes_cluster_resource.go b/internal/services/containers/kubernetes_cluster_resource.go index 37ef324cecdc..9012ef2edf22 100644 --- a/internal/services/containers/kubernetes_cluster_resource.go +++ b/internal/services/containers/kubernetes_cluster_resource.go @@ -1072,7 +1072,6 @@ func resourceKubernetesCluster() *pluginsdk.Resource { "network_plugin_mode": { Type: pluginsdk.TypeString, Optional: true, - ForceNew: true, ValidateFunc: validation.StringInSlice([]string{ string(managedclusters.NetworkPluginModeOverlay), }, false), @@ -1546,7 +1545,6 @@ func resourceKubernetesCluster() *pluginsdk.Resource { resource.Schema["network_profile"].Elem.(*pluginsdk.Resource).Schema["network_plugin_mode"] = &pluginsdk.Schema{ Type: pluginsdk.TypeString, Optional: true, - ForceNew: true, ValidateFunc: validation.StringInSlice([]string{ string(managedclusters.NetworkPluginModeOverlay), "Overlay", diff --git a/website/docs/r/kubernetes_cluster.html.markdown b/website/docs/r/kubernetes_cluster.html.markdown index dd15afff6cce..7fa6d0abc6d0 100644 --- a/website/docs/r/kubernetes_cluster.html.markdown +++ b/website/docs/r/kubernetes_cluster.html.markdown @@ -681,9 +681,9 @@ A `network_profile` block supports the following: -> **Note:** This requires that the Preview Feature `Microsoft.ContainerService/CiliumDataplanePreview` is enabled and the Resource Provider is re-registered, see [the documentation](https://learn.microsoft.com/en-us/azure/aks/azure-cni-powered-by-cilium) for more information. -* `network_plugin_mode` - (Optional) Specifies the network plugin mode used for building the Kubernetes network. Possible value is `overlay`. Changing this forces a new resource to be created. +* `network_plugin_mode` - (Optional) Specifies the network plugin mode used for building the Kubernetes network. Possible value is `overlay`. -~> **Note:** When `network_plugin_mode` is set to `overlay`, the `network_plugin` field can only be set to `azure`. +~> **Note:** When `network_plugin_mode` is set to `overlay`, the `network_plugin` field can only be set to `azure`. When upgrading from Azure CNI without overlay, `pod_subnet_id` must be specified. * `outbound_type` - (Optional) The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are `loadBalancer`, `userDefinedRouting`, `managedNATGateway` and `userAssignedNATGateway`. Defaults to `loadBalancer`. Changing this forces a new resource to be created. From bbff56f3a263bd56b007b2a75649de15354e0f80 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Thu, 27 Jul 2023 09:19:43 +0200 Subject: [PATCH 2/6] fmt --- .../containers/kubernetes_cluster_network_resource_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/services/containers/kubernetes_cluster_network_resource_test.go b/internal/services/containers/kubernetes_cluster_network_resource_test.go index 3914e3554636..665bcdfc4b85 100644 --- a/internal/services/containers/kubernetes_cluster_network_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_network_resource_test.go @@ -3583,7 +3583,7 @@ resource "azurerm_kubernetes_cluster" "test" { type = "SystemAssigned" } network_profile { - network_plugin = "azure" + network_plugin = "azure" } } `, "westcentralus", data.RandomInteger) From 3b3d1bf190df4a672b257dff4eaa654ea650282e Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Thu, 27 Jul 2023 10:06:20 +0200 Subject: [PATCH 3/6] Test data naming improved --- .../containers/kubernetes_cluster_network_resource_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/services/containers/kubernetes_cluster_network_resource_test.go b/internal/services/containers/kubernetes_cluster_network_resource_test.go index 665bcdfc4b85..0de518892049 100644 --- a/internal/services/containers/kubernetes_cluster_network_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_network_resource_test.go @@ -832,7 +832,7 @@ func TestAccKubernetesCluster_networkPluginModeUpdate(t *testing.T) { data.ResourceTest(t, r, []acceptance.TestStep{ { - Config: r.networkPluginModeBase(data), + Config: r.networkPluginBase(data), Check: acceptance.ComposeTestCheckFunc( check.That(data.ResourceName).ExistsInAzure(r), ), @@ -3543,7 +3543,7 @@ resource "azurerm_kubernetes_cluster" "test" { `, data.Locations.Primary, data.RandomInteger, ebpfDataPlaneValue) } -func (KubernetesClusterResource) networkPluginModeBase(data acceptance.TestData) string { +func (KubernetesClusterResource) networkPluginBase(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { features {} From 10d9a1e4c2a3c35ec372d509ac7a7caddae18f34 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Thu, 27 Jul 2023 22:22:50 +0200 Subject: [PATCH 4/6] Validate reverse overlay --- .../containers/kubernetes_cluster_network_resource_test.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/internal/services/containers/kubernetes_cluster_network_resource_test.go b/internal/services/containers/kubernetes_cluster_network_resource_test.go index 0de518892049..c41c9c138b59 100644 --- a/internal/services/containers/kubernetes_cluster_network_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_network_resource_test.go @@ -845,6 +845,13 @@ func TestAccKubernetesCluster_networkPluginModeUpdate(t *testing.T) { ), }, data.ImportStep(), + { + Config: r.networkPluginBase(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), }) } From 0f5ce2c30b384e5bb795be15784a854f0401b62a Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Wed, 23 Aug 2023 11:40:17 +0200 Subject: [PATCH 5/6] Make the upgrade one-way --- .../containers/kubernetes_cluster_network_resource_test.go | 7 ------- .../services/containers/kubernetes_cluster_resource.go | 3 +++ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/internal/services/containers/kubernetes_cluster_network_resource_test.go b/internal/services/containers/kubernetes_cluster_network_resource_test.go index c41c9c138b59..0de518892049 100644 --- a/internal/services/containers/kubernetes_cluster_network_resource_test.go +++ b/internal/services/containers/kubernetes_cluster_network_resource_test.go @@ -845,13 +845,6 @@ func TestAccKubernetesCluster_networkPluginModeUpdate(t *testing.T) { ), }, data.ImportStep(), - { - Config: r.networkPluginBase(data), - Check: acceptance.ComposeTestCheckFunc( - check.That(data.ResourceName).ExistsInAzure(r), - ), - }, - data.ImportStep(), }) } diff --git a/internal/services/containers/kubernetes_cluster_resource.go b/internal/services/containers/kubernetes_cluster_resource.go index 9012ef2edf22..1c2965fd510c 100644 --- a/internal/services/containers/kubernetes_cluster_resource.go +++ b/internal/services/containers/kubernetes_cluster_resource.go @@ -105,6 +105,9 @@ func resourceKubernetesCluster() *pluginsdk.Resource { } return nil }, + pluginsdk.ForceNewIfChange("network_profile.0.network_plugin_mode", func(ctx context.Context, _, new, meta interface{}) bool { + return new.(string) != string(managedclusters.NetworkPluginModeOverlay) || new != "Overlay" + }), ), Timeouts: &pluginsdk.ResourceTimeout{ From d69d3ad54e719a0c9003adc94537ae93c048f352 Mon Sep 17 00:00:00 2001 From: aristosvo <8375124+aristosvo@users.noreply.github.com> Date: Wed, 6 Sep 2023 17:15:04 +0200 Subject: [PATCH 6/6] Update kubernetes_cluster_resource.go Co-authored-by: stephybun --- internal/services/containers/kubernetes_cluster_resource.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/services/containers/kubernetes_cluster_resource.go b/internal/services/containers/kubernetes_cluster_resource.go index 1c2965fd510c..067f87c652ae 100644 --- a/internal/services/containers/kubernetes_cluster_resource.go +++ b/internal/services/containers/kubernetes_cluster_resource.go @@ -106,7 +106,7 @@ func resourceKubernetesCluster() *pluginsdk.Resource { return nil }, pluginsdk.ForceNewIfChange("network_profile.0.network_plugin_mode", func(ctx context.Context, _, new, meta interface{}) bool { - return new.(string) != string(managedclusters.NetworkPluginModeOverlay) || new != "Overlay" + return !strings.EqualFold(new.(string), string(managedclusters.NetworkPluginModeOverlay)) }), ),