Skip to content
Open
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -2491,6 +2491,19 @@ def _get_outbound_type(
CONST_OUTBOUND_TYPE_USER_ASSIGNED_NAT_GATEWAY,
]:
if not read_from_mc and self.get_vnet_subnet_id() in ["", None] and not byo_subnets_configured:
if self.decorator_mode == DecoratorMode.UPDATE:
# --vnet-subnet-id is not registered for 'aks update'. For BYO VNet clusters the subnet
# is already known from the agentpool, so validation passes above. Reaching here in update
# mode means the cluster uses a managed VNet, which cannot be migrated to UDR/userAssignedNATGateway.
raise InvalidArgumentValueError(
"Updating outbound type to {outbound_type} is only supported for "
"clusters using a custom (BYO) virtual network. Managed VNet clusters "
"cannot be updated to {outbound_type}. Please refer to "
"https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype"
"#updating-outboundtype-after-cluster-creation for supported migration paths.".format(
outbound_type=outbound_type
)
)
self._raise_missing_vnet_subnet_for_outbound_type(outbound_type, skuName)
if outbound_type == CONST_OUTBOUND_TYPE_MANAGED_NAT_GATEWAY:
if self.get_vnet_subnet_id() not in ["", None] or byo_subnets_set:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2391,6 +2391,56 @@ def test_get_outbound_type(self):
with self.assertRaises(InvalidArgumentValueError):
ctx_17.get_outbound_type()

# update to UDR on a BYO VNet cluster (subnet known from agentpool) should succeed
ctx_18 = AKSManagedClusterContext(
self.cmd,
AKSManagedClusterParamDict(
{"outbound_type": CONST_OUTBOUND_TYPE_USER_DEFINED_ROUTING}
),
self.models,
DecoratorMode.UPDATE,
)
ctx_18.agentpool_context = mock.MagicMock()
ctx_18.agentpool_context.get_vnet_subnet_id.return_value = "test_vnet_subnet_id"
self.assertEqual(
ctx_18.get_outbound_type(), CONST_OUTBOUND_TYPE_USER_DEFINED_ROUTING
)

# update to UDR on a managed VNet cluster (no subnet) should fail with a clear error,
# not ask for --vnet-subnet-id (which is not registered for 'aks update')
ctx_19 = AKSManagedClusterContext(
self.cmd,
AKSManagedClusterParamDict(
{"outbound_type": CONST_OUTBOUND_TYPE_USER_DEFINED_ROUTING}
),
self.models,
DecoratorMode.UPDATE,
)
ctx_19.agentpool_context = mock.MagicMock()
ctx_19.agentpool_context.get_vnet_subnet_id.return_value = None
with self.assertRaisesRegex(
InvalidArgumentValueError,
"only supported for clusters using a custom",
):
ctx_19.get_outbound_type()

# update to userAssignedNATGateway on a managed VNet cluster (no subnet) should fail with a clear error
ctx_20 = AKSManagedClusterContext(
self.cmd,
AKSManagedClusterParamDict(
{"outbound_type": CONST_OUTBOUND_TYPE_USER_ASSIGNED_NAT_GATEWAY}
),
self.models,
DecoratorMode.UPDATE,
)
ctx_20.agentpool_context = mock.MagicMock()
ctx_20.agentpool_context.get_vnet_subnet_id.return_value = None
with self.assertRaisesRegex(
InvalidArgumentValueError,
"only supported for clusters using a custom",
):
ctx_20.get_outbound_type()

Comment thread
FumingZhang marked this conversation as resolved.
def test_get_network_plugin_mode(self):
# default
ctx_1 = AKSManagedClusterContext(
Expand Down
Loading