From 58186f6c959756fce1e4484e8835211d3a80b42b Mon Sep 17 00:00:00 2001 From: Jun Sun <33297523+JunSun17@users.noreply.github.com> Date: Tue, 20 Apr 2021 18:01:30 -0700 Subject: [PATCH] Add FIPS support to CLI extension. (#3254) --- src/aks-preview/azext_aks_preview/_help.py | 6 + src/aks-preview/azext_aks_preview/_params.py | 2 + src/aks-preview/azext_aks_preview/custom.py | 4 + .../recordings/test_aks_create_with_fips.yaml | 1191 +++++++++++++++++ .../tests/latest/test_aks_commands.py | 34 + 5 files changed, 1237 insertions(+) create mode 100644 src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_fips.yaml diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py index 47bfa890692..f1998a0e133 100644 --- a/src/aks-preview/azext_aks_preview/_help.py +++ b/src/aks-preview/azext_aks_preview/_help.py @@ -213,6 +213,9 @@ - name: --ppg type: string short-summary: The ID of a PPG. + - name: --enable-fips-image + type: bool + short-summary: Use FIPS-enabled OS on agent nodes. - name: --workspace-resource-id type: string short-summary: The resource ID of an existing Log Analytics Workspace to use for storing monitoring data. If not specified, uses the default Log Analytics Workspace if it exists, otherwise creates one. @@ -834,6 +837,9 @@ - name: --os-type type: string short-summary: The OS Type. Linux or Windows. + - name: --enable-fips-image + type: bool + short-summary: Use FIPS-enabled OS on agent nodes. - name: --enable-cluster-autoscaler -e type: bool short-summary: Enable cluster autoscaler. diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py index a8e19b9304e..bcdabe0dc81 100644 --- a/src/aks-preview/azext_aks_preview/_params.py +++ b/src/aks-preview/azext_aks_preview/_params.py @@ -91,6 +91,7 @@ def load_arguments(self, _): c.argument('ppg') c.argument('workspace_resource_id') c.argument('skip_subnet_role_assignment', action='store_true') + c.argument('enable_fips_image', action='store_true', is_preview=True) c.argument('enable_cluster_autoscaler', action='store_true') c.argument('uptime_sla', action='store_true') c.argument('cluster_autoscaler_profile', nargs='+', validator=validate_cluster_autoscaler_profile) @@ -202,6 +203,7 @@ def load_arguments(self, _): c.argument('node_vm_size', options_list=['--node-vm-size', '-s'], completer=get_vm_size_completion_list) c.argument('max_pods', type=int, options_list=['--max-pods', '-m']) c.argument('os_type', type=str) + c.argument('enable_fips_image', action='store_true', is_preview=True) c.argument('enable_cluster_autoscaler', options_list=["--enable-cluster-autoscaler", "-e"], action='store_true') c.argument('node_taints', type=str, validator=validate_taints) c.argument('priority', arg_type=get_enum_type([CONST_SCALE_SET_PRIORITY_REGULAR, CONST_SCALE_SET_PRIORITY_SPOT]), validator=validate_priority) diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py index 9dfa8d24383..a027497b055 100644 --- a/src/aks-preview/azext_aks_preview/custom.py +++ b/src/aks-preview/azext_aks_preview/custom.py @@ -971,6 +971,7 @@ def aks_create(cmd, # pylint: disable=too-many-locals,too-many-statements,to enable_vmss=None, vm_set_type=None, skip_subnet_role_assignment=False, + enable_fips_image=False, enable_cluster_autoscaler=False, cluster_autoscaler_profile=None, network_plugin=None, @@ -1087,6 +1088,7 @@ def aks_create(cmd, # pylint: disable=too-many-locals,too-many-statements,to proximity_placement_group_id=ppg, availability_zones=node_zones, enable_node_public_ip=enable_node_public_ip, + enable_fips=enable_fips_image, node_public_ip_prefix_id=node_public_ip_prefix_id, enable_encryption_at_host=enable_encryption_at_host, max_pods=int(max_pods) if max_pods else None, @@ -2933,6 +2935,7 @@ def aks_agentpool_add(cmd, # pylint: disable=unused-argument,too-many-local ppg=None, max_pods=0, os_type="Linux", + enable_fips_image=False, min_count=None, max_count=None, enable_cluster_autoscaler=False, @@ -2982,6 +2985,7 @@ def aks_agentpool_add(cmd, # pylint: disable=unused-argument,too-many-local count=int(node_count), vm_size=node_vm_size, os_type=os_type, + enable_fips=enable_fips_image, storage_profile=ContainerServiceStorageProfileTypes.managed_disks, vnet_subnet_id=vnet_subnet_id, pod_subnet_id=pod_subnet_id, diff --git a/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_fips.yaml b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_fips.yaml new file mode 100644 index 00000000000..09d7698d8df --- /dev/null +++ b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_fips.yaml @@ -0,0 +1,1191 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-resource/12.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001?api-version=2020-10-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001","name":"clitest000001","type":"Microsoft.Resources/resourceGroups","location":"eastus2euap","tags":{"product":"azurecli","cause":"automation","date":"2021-04-19T16:50:25Z"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '317' + content-type: + - application/json; charset=utf-8 + date: + - Mon, 19 Apr 2021 16:50:26 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "eastus2euap", "properties": {"kubernetesVersion": "", "dnsPrefix": + "cliakstest-clitestpletz3jtr-c10894", "agentPoolProfiles": [{"count": 3, "vmSize": + "Standard_DS2_v2", "osType": "Linux", "type": "VirtualMachineScaleSets", "mode": + "System", "enableNodePublicIP": false, "scaleSetPriority": "Regular", "scaleSetEvictionPolicy": + "Delete", "enableEncryptionAtHost": false, "enableFIPS": true, "name": "nodepool1"}], + "linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4XWu6dN1UBl8ZQKdx5vBO+jDxrTVVo0C8QFqS5zj71MRkZmu36fCma/OmDLSPRyulUYj9ZbZoKiUbm+UlDlj/JPc4nrPyyTqP8kJEJGdm5wmLgAhSlE9gD9vjlq3IISrXX8t+cr9+vBorq+lG+RVq6l6uPdsXWgCAWEjvU9/rK5lyC5JjWoP1MmYwm3xs5NT07DKI+m5UIzIONbwNJXPCTDjaslayic7M+xgU1nXkWyWAR5gRiM4D2mJzwGAc2BCbMEzybEbupPZudBa7jE9oE+Z7bxr0Q2obebbHCpvoLpGSxfmjI1FL7nz+g3CsAu4YjpgZGV0y8yljP45sV03F"}]}}, + "addonProfiles": {}, "enableRBAC": true, "enablePodSecurityPolicy": false, "networkProfile": + {"networkPlugin": "kubenet", "podCidr": "10.244.0.0/16", "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", "dockerBridgeCidr": "172.17.0.1/16", "outboundType": + "loadBalancer", "loadBalancerSku": "standard"}}, "identity": {"type": "SystemAssigned"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + Content-Length: + - '1247' + Content-Type: + - application/json; charset=utf-8 + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001?api-version=2021-03-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001\",\n + \ \"location\": \"eastus2euap\",\n \"name\": \"cliakstest000001\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Creating\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.19.9\",\n \"dnsPrefix\": \"cliakstest-clitestpletz3jtr-c10894\",\n \"fqdn\": + \"cliakstest-clitestpletz3jtr-c10894-4a2d882c.hcp.eastus2euap.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitestpletz3jtr-c10894-4a2d882c.portal.hcp.eastus2euap.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"maxPods\": 110,\n + \ \"type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Creating\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.19.9\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\": {},\n + \ \"mode\": \"System\",\n \"enableEncryptionAtHost\": false,\n \"osType\": + \"Linux\",\n \"nodeImageVersion\": \"AKSUbuntu-1804gen2fipscontainerd-2021.03.31\",\n + \ \"enableFIPS\": true\n }\n ],\n \"linuxProfile\": {\n \"adminUsername\": + \"azureuser\",\n \"ssh\": {\n \"publicKeys\": [\n {\n \"keyData\": + \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4XWu6dN1UBl8ZQKdx5vBO+jDxrTVVo0C8QFqS5zj71MRkZmu36fCma/OmDLSPRyulUYj9ZbZoKiUbm+UlDlj/JPc4nrPyyTqP8kJEJGdm5wmLgAhSlE9gD9vjlq3IISrXX8t+cr9+vBorq+lG+RVq6l6uPdsXWgCAWEjvU9/rK5lyC5JjWoP1MmYwm3xs5NT07DKI+m5UIzIONbwNJXPCTDjaslayic7M+xgU1nXkWyWAR5gRiM4D2mJzwGAc2BCbMEzybEbupPZudBa7jE9oE+Z7bxr0Q2obebbHCpvoLpGSxfmjI1FL7nz+g3CsAu4YjpgZGV0y8yljP45sV03F\"\n + \ }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n + \ },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000001_eastus2euap\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"networkProfile\": + {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\": \"standard\",\n + \ \"loadBalancerProfile\": {\n \"managedOutboundIPs\": {\n \"count\": + 1\n }\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": + \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\": + \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"maxAgentPools\": + 100\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Basic\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '2621' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:50:35 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:51:05 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:51:35 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:52:06 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:52:37 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:53:08 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:53:38 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:54:08 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/df32c6c6-21bf-4a09-ac76-38a25040e05b?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"c6c632df-bf21-094a-ac76-38a25040e05b\",\n \"status\": + \"Succeeded\",\n \"startTime\": \"2021-04-19T16:50:33.8466666Z\",\n \"endTime\": + \"2021-04-19T16:54:12.7845244Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '170' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:54:38 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --enable-fips-image --generate-ssh-keys + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001?api-version=2021-03-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001\",\n + \ \"location\": \"eastus2euap\",\n \"name\": \"cliakstest000001\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Succeeded\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.19.9\",\n \"dnsPrefix\": \"cliakstest-clitestpletz3jtr-c10894\",\n \"fqdn\": + \"cliakstest-clitestpletz3jtr-c10894-4a2d882c.hcp.eastus2euap.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitestpletz3jtr-c10894-4a2d882c.portal.hcp.eastus2euap.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"maxPods\": 110,\n + \ \"type\": \"VirtualMachineScaleSets\",\n \"provisioningState\": \"Succeeded\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.19.9\",\n \"enableNodePublicIP\": false,\n \"nodeLabels\": {},\n + \ \"mode\": \"System\",\n \"enableEncryptionAtHost\": false,\n \"osType\": + \"Linux\",\n \"nodeImageVersion\": \"AKSUbuntu-1804gen2fipscontainerd-2021.03.31\",\n + \ \"enableFIPS\": true\n }\n ],\n \"linuxProfile\": {\n \"adminUsername\": + \"azureuser\",\n \"ssh\": {\n \"publicKeys\": [\n {\n \"keyData\": + \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4XWu6dN1UBl8ZQKdx5vBO+jDxrTVVo0C8QFqS5zj71MRkZmu36fCma/OmDLSPRyulUYj9ZbZoKiUbm+UlDlj/JPc4nrPyyTqP8kJEJGdm5wmLgAhSlE9gD9vjlq3IISrXX8t+cr9+vBorq+lG+RVq6l6uPdsXWgCAWEjvU9/rK5lyC5JjWoP1MmYwm3xs5NT07DKI+m5UIzIONbwNJXPCTDjaslayic7M+xgU1nXkWyWAR5gRiM4D2mJzwGAc2BCbMEzybEbupPZudBa7jE9oE+Z7bxr0Q2obebbHCpvoLpGSxfmjI1FL7nz+g3CsAu4YjpgZGV0y8yljP45sV03F\"\n + \ }\n ]\n }\n },\n \"servicePrincipalProfile\": {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n + \ },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000001_eastus2euap\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"networkProfile\": + {\n \"networkPlugin\": \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n + \ \"loadBalancerProfile\": {\n \"managedOutboundIPs\": {\n \"count\": + 1\n },\n \"effectiveOutboundIPs\": [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000001_eastus2euap/providers/Microsoft.Network/publicIPAddresses/30ca40fa-52b5-48bb-ab55-c38a7d54a823\"\n + \ }\n ]\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": + \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"dockerBridgeCidr\": + \"172.17.0.1/16\",\n \"outboundType\": \"loadBalancer\"\n },\n \"maxAgentPools\": + 100,\n \"identityProfile\": {\n \"kubeletidentity\": {\n \"resourceId\": + \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000001_eastus2euap/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000001-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n }\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Basic\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '3292' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:54:40 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + accept-language: + - en-US + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools?api-version=2021-03-01 + response: + body: + string: "{\n \"value\": [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools/nodepool1\",\n + \ \"name\": \"nodepool1\",\n \"type\": \"Microsoft.ContainerService/managedClusters/agentPools\",\n + \ \"properties\": {\n \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n + \ \"osDiskSizeGB\": 128,\n \"osDiskType\": \"Managed\",\n \"kubeletDiskType\": + \"OS\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"provisioningState\": \"Succeeded\",\n \"powerState\": {\n \"code\": + \"Running\"\n },\n \"orchestratorVersion\": \"1.19.9\",\n \"enableNodePublicIP\": + false,\n \"nodeLabels\": {},\n \"mode\": \"System\",\n \"enableEncryptionAtHost\": + false,\n \"osType\": \"Linux\",\n \"nodeImageVersion\": \"AKSUbuntu-1804gen2fipscontainerd-2021.03.31\",\n + \ \"enableFIPS\": true\n }\n }\n ]\n }" + headers: + cache-control: + - no-cache + content-length: + - '906' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:54:41 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"properties": {"count": 3, "vmSize": "Standard_DS2_v2", "osType": "Linux", + "type": "VirtualMachineScaleSets", "mode": "User", "upgradeSettings": {}, "enableNodePublicIP": + false, "scaleSetPriority": "Regular", "scaleSetEvictionPolicy": "Delete", "nodeTaints": + [], "enableEncryptionAtHost": false, "enableFIPS": true}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + Content-Length: + - '317' + Content-Type: + - application/json; charset=utf-8 + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + accept-language: + - en-US + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools/np2?api-version=2021-03-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools/np2\",\n + \ \"name\": \"np2\",\n \"type\": \"Microsoft.ContainerService/managedClusters/agentPools\",\n + \ \"properties\": {\n \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n + \ \"osDiskSizeGB\": 128,\n \"osDiskType\": \"Managed\",\n \"kubeletDiskType\": + \"OS\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"provisioningState\": \"Creating\",\n \"powerState\": {\n \"code\": + \"Running\"\n },\n \"orchestratorVersion\": \"1.19.9\",\n \"enableNodePublicIP\": + false,\n \"mode\": \"User\",\n \"enableEncryptionAtHost\": false,\n \"osType\": + \"Linux\",\n \"nodeImageVersion\": \"AKSUbuntu-1804gen2fipscontainerd-2021.03.31\",\n + \ \"upgradeSettings\": {},\n \"enableFIPS\": true\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '821' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:54:46 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:55:17 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:55:47 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:56:17 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:56:48 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:57:19 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:57:49 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/c527d52c-aa73-4b1e-a8c1-6de136065114?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"2cd527c5-73aa-1e4b-a8c1-6de136065114\",\n \"status\": + \"Succeeded\",\n \"startTime\": \"2021-04-19T16:54:46.0566666Z\",\n \"endTime\": + \"2021-04-19T16:58:06.6317801Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '170' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:58:19 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks nodepool add + Connection: + - keep-alive + ParameterSetName: + - --resource-group --cluster-name --name --enable-fips-image + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.0.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools/np2?api-version=2021-03-01 + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001/agentPools/np2\",\n + \ \"name\": \"np2\",\n \"type\": \"Microsoft.ContainerService/managedClusters/agentPools\",\n + \ \"properties\": {\n \"count\": 3,\n \"vmSize\": \"Standard_DS2_v2\",\n + \ \"osDiskSizeGB\": 128,\n \"osDiskType\": \"Managed\",\n \"kubeletDiskType\": + \"OS\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"provisioningState\": \"Succeeded\",\n \"powerState\": {\n \"code\": + \"Running\"\n },\n \"orchestratorVersion\": \"1.19.9\",\n \"enableNodePublicIP\": + false,\n \"mode\": \"User\",\n \"enableEncryptionAtHost\": false,\n \"osType\": + \"Linux\",\n \"nodeImageVersion\": \"AKSUbuntu-1804gen2fipscontainerd-2021.03.31\",\n + \ \"upgradeSettings\": {},\n \"enableFIPS\": true\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '822' + content-type: + - application/json + date: + - Mon, 19 Apr 2021 16:58:21 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks delete + Connection: + - keep-alive + Content-Length: + - '0' + ParameterSetName: + - -g -n --yes --no-wait + User-Agent: + - python/3.7.3 (Linux-4.15.0-1113-azure-x86_64-with-debian-10.2) msrest/0.6.21 + cloud-shell/1.0 msrest_azure/0.6.3 azure-mgmt-containerservice/11.1.0 Azure-SDK-For-Python + AZURECLI/2.21.0 + accept-language: + - en-US + method: DELETE + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000001?api-version=2021-02-01 + response: + body: + string: '' + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operations/32caa27b-cd58-41ca-b69b-e468de99d27f?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '0' + date: + - Mon, 19 Apr 2021 16:58:26 GMT + expires: + - '-1' + location: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/operationresults/32caa27b-cd58-41ca-b69b-e468de99d27f?api-version=2016-03-30 + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-deletes: + - '14999' + status: + code: 202 + message: Accepted +version: 1 diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py index 5df690021be..c14c234dbc2 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py @@ -870,6 +870,40 @@ def test_aks_create_with_windows(self, resource_group, resource_group_location): self.cmd( 'aks delete -g {resource_group} -n {name} --yes --no-wait', checks=[self.is_empty()]) + @AllowLargeResponse() + @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='eastus2euap') + def test_aks_create_with_fips(self, resource_group, resource_group_location): + # reset the count so in replay mode the random names will start with 0 + self.test_resources_count = 0 + # kwargs for string formatting + aks_name = self.create_random_name('cliakstest', 16) + self.kwargs.update({ + 'resource_group': resource_group, + 'name': aks_name, + 'dns_name_prefix': self.create_random_name('cliaksdns', 16), + 'location': resource_group_location, + 'resource_type': 'Microsoft.ContainerService/ManagedClusters', + 'nodepool2_name': 'np2', + }) + + # create + create_cmd = 'aks create --resource-group={resource_group} --name={name} --enable-fips-image ' \ + '--generate-ssh-keys ' + self.cmd(create_cmd, checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('agentPoolProfiles[0].enableFips', True) + ]) + + # nodepool add + self.cmd('aks nodepool add --resource-group={resource_group} --cluster-name={name} --name={nodepool2_name} --enable-fips-image', checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('enableFips', True) + ]) + + # delete + self.cmd( + 'aks delete -g {resource_group} -n {name} --yes --no-wait', checks=[self.is_empty()]) + @AllowLargeResponse() @ResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') def test_aks_create_with_ahub(self, resource_group, resource_group_location):