AKS: GA private cluster public fqdn feature (#3788)

* GA private cluster public fqdn feature * trigger pipeline * add breaking change parameter in release history Co-authored-by: Li Ma <lima2@microsoft.com>
Azure · Aug 19, 2021 · 2ceb992 · 2ceb992
1 parent 1fbebf8
commit 2ceb992
Show file tree

Hide file tree

Showing 7 changed files with 455 additions and 580 deletions.
diff --git a/src/aks-preview/HISTORY.md b/src/aks-preview/HISTORY.md
@@ -3,6 +3,10 @@
 Release History
 ===============
 
+0.5.27
++++++
+* GA private cluster public FQDN feature, breaking change to replace create parameter `--enable-public-fqdn` with `--disable-public-fqdn` since now it's enabled by default for private cluster during cluster creation.
+
 0.5.26
 +++++
 * Correct containerLogMaxSizeMb to containerLogMaxSizeMB in customized kubelet config

diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py
@@ -263,9 +263,9 @@
         - name: --fqdn-subdomain
           type: string
           short-summary: Prefix for FQDN that is created for private cluster with custom private dns zone scenario.
-        - name: --enable-public-fqdn
+        - name: --disable-public-fqdn
           type: bool
-          short-summary: (Preview) Enable public fqdn feature for private cluster.
+          short-summary: Disable public fqdn feature for private cluster.
         - name: --enable-node-public-ip
           type: bool
           short-summary: Enable VMSS node public IP.
@@ -559,10 +559,10 @@
           short-summary: (Preview) If set to true, will enable getting static credential for this cluster.
         - name: --enable-public-fqdn
           type: bool
-          short-summary: (Preview) Enable public fqdn feature for private cluster.
+          short-summary: Enable public fqdn feature for private cluster.
         - name: --disable-public-fqdn
           type: bool
-          short-summary: (Preview) Disable public fqdn feature for private cluster.
+          short-summary: Disable public fqdn feature for private cluster.
     examples:
       - name: Enable cluster-autoscaler within node count range [1,5]
         text: az aks update --enable-cluster-autoscaler --min-count 1 --max-count 5 -g MyResourceGroup -n MyManagedCluster
@@ -1106,7 +1106,7 @@
     long-summary: Credentials are always in YAML format, so this argument is effectively ignored.
   - name: --public-fqdn
     type: bool
-    short-summary: (Preview) Get private cluster credential with server address to be public fqdn.
+    short-summary: Get private cluster credential with server address to be public fqdn.
 examples:
   - name: Get access credentials for a managed Kubernetes cluster. (autogenerated)
     text: az aks get-credentials --name MyManagedCluster --resource-group MyResourceGroup

diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py
@@ -114,7 +114,7 @@ def load_arguments(self, _):
         c.argument('enable_private_cluster', action='store_true')
         c.argument('private_dns_zone')
         c.argument('fqdn_subdomain')
-        c.argument('enable_public_fqdn', action='store_true', is_preview=True)
+        c.argument('disable_public_fqdn', action='store_true')
         c.argument('enable_managed_identity', action='store_true')
         c.argument('assign_identity', type=str, validator=validate_assign_identity)
         c.argument('enable_sgxquotehelper', action='store_true')
@@ -154,8 +154,8 @@ def load_arguments(self, _):
         c.argument('api_server_authorized_ip_ranges', type=str, validator=validate_ip_ranges)
         c.argument('enable_pod_security_policy', action='store_true')
         c.argument('disable_pod_security_policy', action='store_true')
-        c.argument('enable_public_fqdn', action='store_true', is_preview=True)
-        c.argument('disable_public_fqdn', action='store_true', is_preview=True)
+        c.argument('enable_public_fqdn', action='store_true')
+        c.argument('disable_public_fqdn', action='store_true')
         c.argument('attach_acr', acr_arg_type, validator=validate_acr)
         c.argument('detach_acr', acr_arg_type, validator=validate_acr)
         c.argument('aks_custom_headers')
@@ -267,7 +267,7 @@ def load_arguments(self, _):
         c.argument('user', options_list=['--user', '-u'], default='clusterUser', validator=validate_user)
         c.argument('path', options_list=['--file', '-f'], type=file_type, completer=FilesCompleter(),
                    default=os.path.join(os.path.expanduser('~'), '.kube', 'config'))
-        c.argument('public_fqdn', default=False, action='store_true', is_preview=True)
+        c.argument('public_fqdn', default=False, action='store_true')
 
     with self.argument_context('aks pod-identity') as c:
         c.argument('cluster_name', type=str, help='The cluster name.')

diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py
@@ -1012,7 +1012,7 @@ def aks_create(cmd,     # pylint: disable=too-many-locals,too-many-statements,to
                private_dns_zone=None,
                enable_managed_identity=True,
                fqdn_subdomain=None,
-               enable_public_fqdn=False,
+               disable_public_fqdn=False,
                api_server_authorized_ip_ranges=None,
                aks_custom_headers=None,
                appgw_name=None,
@@ -1411,17 +1411,17 @@ def aks_create(cmd,     # pylint: disable=too-many-locals,too-many-statements,to
         mc.node_resource_group = node_resource_group
 
     use_custom_private_dns_zone = False
-    if not enable_private_cluster and enable_public_fqdn:
-        raise ArgumentUsageError("--enable-public-fqdn should only be used with --enable-private-cluster")
+    if not enable_private_cluster and disable_public_fqdn:
+        raise ArgumentUsageError("--disable_public_fqdn should only be used with --enable-private-cluster")
     if enable_private_cluster:
         if load_balancer_sku.lower() != "standard":
             raise ArgumentUsageError(
                 "Please use standard load balancer for private cluster")
         mc.api_server_access_profile = ManagedClusterAPIServerAccessProfile(
             enable_private_cluster=True
         )
-        if enable_public_fqdn:
-            mc.api_server_access_profile.enable_private_cluster_public_fqdn = True
+        if disable_public_fqdn:
+            mc.api_server_access_profile.enable_private_cluster_public_fqdn = False
 
     if private_dns_zone:
         if not enable_private_cluster: