adding enable_rbac option in aks (#47730)

* adding enable_rbac option in aks

* fixes

* addressed comments
Zim Kalinowski 2018-10-29 14:36:38 +08:00 committed by GitHub
parent bc1e6b3039
commit 7c11c67156
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 2 deletions


@ -89,6 +89,13 @@ options:
description: description:
- The secret password associated with the service principal. - The secret password associated with the service principal.
required: true required: true
enable_rbac:
description:
- Enable RBAC.
- Existing non-RBAC enabled AKS clusters cannot currently be updated for RBAC use.
type: bool
default: no
version_added: 2.8
extends_documentation_fragment: extends_documentation_fragment:
- azure - azure
@ -248,7 +255,8 @@ def create_aks_dict(aks):
agent_pool_profiles=create_agent_pool_profiles_dict( agent_pool_profiles=create_agent_pool_profiles_dict(
aks.agent_pool_profiles), aks.agent_pool_profiles),
type=aks.type, type=aks.type,
kube_config=aks.kube_config kube_config=aks.kube_config,
enable_rbac=aks.enable_rbac
) )
@ -361,6 +369,10 @@ class AzureRMManagedCluster(AzureRMModuleBase):
type='dict', type='dict',
options=service_principal_spec options=service_principal_spec
), ),
enable_rbac=dict(
type='bool',
default=False
)
) )
self.resource_group = None self.resource_group = None
@ -373,6 +385,7 @@ class AzureRMManagedCluster(AzureRMModuleBase):
self.linux_profile = None self.linux_profile = None
self.agent_pool_profiles = None self.agent_pool_profiles = None
self.service_principal = None self.service_principal = None
self.enable_rbac = False
required_if = [ required_if = [
('state', 'present', [ ('state', 'present', [
@ -455,6 +468,9 @@ class AzureRMManagedCluster(AzureRMModuleBase):
if response['kubernetes_version'] != self.kubernetes_version: if response['kubernetes_version'] != self.kubernetes_version:
to_be_updated = True to_be_updated = True
if response['enable_rbac'] != self.enable_rbac:
to_be_updated = True
for profile_result in response['agent_pool_profiles']: for profile_result in response['agent_pool_profiles']:
matched = False matched = False
for profile_self in self.agent_pool_profiles: for profile_self in self.agent_pool_profiles:
@ -520,7 +536,8 @@ class AzureRMManagedCluster(AzureRMModuleBase):
tags=self.tags, tags=self.tags,
service_principal_profile=service_principal_profile, service_principal_profile=service_principal_profile,
agent_pool_profiles=agentpools, agent_pool_profiles=agentpools,
linux_profile=create_linux_profile_instance(self.linux_profile) linux_profile=create_linux_profile_instance(self.linux_profile),
enable_rbac=self.enable_rbac
) )
# self.log("service_principal_profile : {0}".format(parameters.service_principal_profile)) # self.log("service_principal_profile : {0}".format(parameters.service_principal_profile))
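Review bot: The new update check `if response['enable_rbac'] != self.enable_rbac: to_be_updated = True` schedules an update for an existing cluster, although the option's own documentation in this commit says a non-RBAC cluster cannot be switched to RBAC. The task will then presumably surface whatever error the service returns, or report a change that never took effect, so an operator can be left believing RBAC is enforced when it is not. I would fail explicitly at that point, for example `self.fail("enable_rbac cannot be changed on an existing AKS cluster")`, and extend the option description to say that the default `no` creates the cluster without Kubernetes RBAC. It is also worth confirming that the API never returns `None` for this field on older clusters, since `None != False` would break idempotency. The enclosing methods start and end outside the hunks shown.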


@ -45,6 +45,7 @@
- name: default - name: default
count: 1 count: 1
vm_size: Standard_DS1_v2 vm_size: Standard_DS1_v2
enable_rbac: yes
register: output register: output
- name: Assert the AKS instance is well created - name: Assert the AKS instance is well created
@ -81,6 +82,7 @@
- name: default - name: default
count: 1 count: 1
vm_size: Standard_DS1_v2 vm_size: Standard_DS1_v2
enable_rbac: yes
register: output register: output
- name: Assert idempotent - name: Assert idempotent