fix: networkplugin conversion only if networkpolicy is empty #1823
Conversation
jackfrancis
changed the title
Codecov Report
@@ Coverage Diff @@
## master #1823 +/- ##
==========================================
- Coverage 76.42% 76.41% -0.01%
==========================================
Files 130 130
Lines 19419 19413 -6
==========================================
- Hits 14841 14835 -6
Misses 3780 3780
Partials 798 798 |
| @@ -747,7 +747,7 @@ func setVlabsKubernetesDefaults(vp *vlabs.Properties, api *OrchestratorProfile) | |||
| api.KubernetesConfig.NetworkPolicy = vp.OrchestratorProfile.KubernetesConfig.NetworkPolicy | |||
| } | |||
| } | |||
| if api.KubernetesConfig.NetworkPlugin == "" { | |||
| if api.KubernetesConfig.NetworkPlugin == "" && api.KubernetesConfig.NetworkPolicy == "" { | |||
There was a problem hiding this comment.
This is the fix to the prior logic during vlabs-->unversioned conversion. Because not every version of NetworkPolicy will work with the default NetworkPlugin values below, we don't want to brute force set the default unless NetworkPolicy is also empty.
There was a problem hiding this comment.
so what happens now if NetworkPlugin is empty but not NetworkPolicy? Do we set the NetworkPlugin somewhere else?
jackfrancis
changed the title
| @@ -39,8 +39,8 @@ | |||
| } | |||
| ], | |||
| "servicePrincipalProfile": { | |||
| "servicePrincipalClientID": "", | |||
| "servicePrincipalClientSecret": "" | |||
| "clientId": "", | |||
There was a problem hiding this comment.
These properties were not valid :|
| @@ -40,8 +40,8 @@ | |||
| } | |||
| ], | |||
| "servicePrincipalProfile": { | |||
| "servicePrincipalClientID": "", | |||
| "servicePrincipalClientSecret": "" | |||
| "clientId": "", | |||
| @@ -43,8 +43,8 @@ | |||
| } | |||
| ], | |||
| "servicePrincipalProfile": { | |||
| "servicePrincipalClientID": "", | |||
| "servicePrincipalClientSecret": "" | |||
| "clientId": "", | |||
| 4. **swarmmodevnet.json** - deploying and using [Swarm Mode](../../docs/swarmmode.md) | ||
| 1. First, deploy a custom vnet. An example of an arm template that does this is under directory vnetarmtemplate. | ||
| 2. Next configure the example templates, and deploy according to the examples: | ||
| 1. **kubernetesvnet.json** - deploying and using [Kubernetes](../../docs/topics/features.md#feat-custom-vnet) |
There was a problem hiding this comment.
Cleaned up broken references and did a super quick version of making what remains more or less correct.
| @@ -50,19 +50,11 @@ | |||
| }, | |||
| { | |||
| "name": "keyvault-flexvolume", | |||
| "enabled": false, | |||
There was a problem hiding this comment.
These properties were not valid :|
| }, | ||
| { | ||
| "name": "blobfuse-flexvolume", | ||
| "enabled": false, |
| @@ -99,7 +99,7 @@ func (cs *ContainerService) setOrchestratorDefaults(isUpgrade, isScale bool) { | |||
| // we translate deprecated NetworkPolicy usage to the NetworkConfig equivalent | |||
| // and set a default network policy enforcement configuration | |||
| switch o.KubernetesConfig.NetworkPolicy { | |||
| case NetworkPluginAzure: | |||
| case NetworkPolicyAzure: | |||
There was a problem hiding this comment.
@CecileRobertMichon I made this sort of superficial change because (1) it's more expressive to use the NetworkPolicy const here and (2) hopefully it answers your question below.
There was a problem hiding this comment.
Sorry, your question above ;)
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: CecileRobertMichon, jackfrancis, mboersma The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Reason for Change:
This PR adds unit test coverage to generate + validate as vlabs (the new default flow with #1766), and fixes a faulty bit of logic in automatically setting the
networkPluginto the default value during "vlabs to unversioned" api model conversion.This work reflects the fact that one of the examples api models we use to perform E2E tests was broken with the above commit, and we didn't know about it. In order to protect against that a full audit of the
examples/directory was performed, and all vlabs JSON files were given basicaks-engine generateunit test coverage. Where appropriate, api model specs were updated when these new unit tests revealed that in fact they were non-working. Also, where appropriate, api model files (e.g., no-longer aks-engine-supported Kubernetes versions) were deleted from theexamples/directory to improve the fidelity of stuff in there that actually works.Additionally,
*.json.envfiles which were used by an older, no longer used/maintained E2E script, were deleted.Only api model examples under
examples/that arevlabs-versioned were included in additional unit tests.Issue Fixed:
Fixes #1828
Requirements:
Notes: