aks-preview: Add managedNATGatewayV2 outbound type support#9676
aks-preview: Add managedNATGatewayV2 outbound type support#9676christine33-creator wants to merge 1 commit intoAzure:mainfrom
Conversation
|
| rule | cmd_name | rule_message | suggest_message |
|---|---|---|---|
| aks create | cmd aks create added parameter nat_gateway_managed_outbound_ipv6_count |
||
| aks create | cmd aks create added parameter nat_gateway_outbound_ip_ids |
||
| aks create | cmd aks create added parameter nat_gateway_outbound_ip_prefix_ids |
||
| aks create | cmd aks create update parameter outbound_type: updated property choices from ['block', 'loadBalancer', 'managedNATGateway', 'none', 'userAssignedNATGateway', 'userDefinedRouting'] to ['block', 'loadBalancer', 'managedNATGateway', 'managedNATGatewayV2', 'none', 'userAssignedNATGateway', 'userDefinedRouting'] |
||
| aks update | cmd aks update added parameter nat_gateway_managed_outbound_ipv6_count |
||
| aks update | cmd aks update added parameter nat_gateway_outbound_ip_ids |
||
| aks update | cmd aks update added parameter nat_gateway_outbound_ip_prefix_ids |
||
| aks update | cmd aks update update parameter outbound_type: updated property choices from ['block', 'loadBalancer', 'managedNATGateway', 'none', 'userAssignedNATGateway', 'userDefinedRouting'] to ['block', 'loadBalancer', 'managedNATGateway', 'managedNATGatewayV2', 'none', 'userAssignedNATGateway', 'userDefinedRouting'] |
|
Hi @christine33-creator, |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
requested review from
FumingZhang,
yanzhudd,
yonzhan and
zhoxing-ms
CodeGen Tools Feedback CollectionThank you for using our CodeGen tool. We value your feedback, and we would like to know how we can improve our product. Please take a few minutes to fill our codegen survey |
christine33-creator
force-pushed
the
cdossa/natgatewayv2-aks-preview
branch
from
e31e235 to
ba2665c
Compare
Release SuggestionsModule: aks-preview
Notes
|
christine33-creator
force-pushed
the
cdossa/natgatewayv2-aks-preview
branch
4 times, most recently
from
2143e0d to
93f2e7f
Compare
There was a problem hiding this comment.
Pull request overview
This PR adds support for the managedNATGatewayV2 outbound type in the aks-preview extension, which uses Azure NAT Gateway Standard V2 SKU. It introduces three new CLI parameters for NAT Gateway V2 configuration and updates the relevant create/update command flows.
Changes:
- Adds
CONST_OUTBOUND_TYPE_MANAGED_NAT_GATEWAY_V2constant and three new CLI parameters (--nat-gateway-managed-outbound-ipv6-count,--nat-gateway-outbound-ip-ids,--nat-gateway-outbound-ip-prefix-ids) with validation and help text. - Extends
_natgateway.pyfunctions (create_nat_gateway_profile,update_nat_gateway_profile,configure_nat_gateway_profile,is_nat_gateway_profile_provided) to handle V2-specific fields (IPv6 count, outbound IPs, IP prefixes). - Updates the managed cluster decorator to wire V2 parameters through create and update flows, and overrides
nat_gateway_modelsto include V2 sub-models.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
setup.py |
Bumps version to 19.0.0b25 |
HISTORY.rst |
Adds changelog entry for V2 support |
_consts.py |
Adds CONST_OUTBOUND_TYPE_MANAGED_NAT_GATEWAY_V2 constant |
_natgateway.py |
Extends all NAT gateway profile functions with V2 parameters |
_validators.py |
Adds IPv6 count range validator (1-16) |
_params.py |
Registers three new CLI arguments for create and update commands |
_help.py |
Updates existing help text to mention managedNATGatewayV2 |
custom.py |
Adds new parameters to aks_create and aks_update signatures |
managed_cluster_decorator.py |
Overrides nat_gateway_models, adds context getters, wires V2 params into create/update flows |
test_natgateway.py |
Adds unit tests for V2 create, update, and is_nat_gateway_profile_provided |
You can also share your feedback on Copilot code review. Take the survey.
| outbound_ip_ids, | ||
| outbound_ip_prefix_ids, |
There was a problem hiding this comment.
The truthiness checks for outbound_ip_ids and outbound_ip_prefix_ids (lines 65-66) are inconsistent with the is not None checks used for managed_outbound_ip_count and managed_outbound_ipv6_count (lines 62, 64). An empty list [] would be treated as "not provided" with the truthiness check but as "provided" with is not None. While this may not be an issue in practice (since nargs="+" requires at least one value from the CLI), using is not None consistently would be more robust and clearer in intent.
| outbound_ip_ids, | |
| outbound_ip_prefix_ids, | |
| outbound_ip_ids is not None, | |
| outbound_ip_prefix_ids is not None, |
| type: string | ||
| short-summary: How outbound traffic will be configured for a cluster. | ||
| long-summary: This option will change the way how the outbound connections are managed in the AKS cluster. Available options are loadbalancer, managedNATGateway, userAssignedNATGateway, userDefinedRouting, none and block. For custom vnet, loadbalancer, userAssignedNATGateway and userDefinedRouting are supported. For aks managed vnet, loadbalancer, managedNATGateway and userDefinedRouting are supported. | ||
| long-summary: This option will change the way how the outbound connections are managed in the AKS cluster. Available options are loadbalancer, managedNATGateway, managedNATGatewayV2, userAssignedNATGateway, userDefinedRouting, none and block. |
There was a problem hiding this comment.
The updated help text for --outbound-type in the update command removed useful guidance about which outbound types are supported for different vnet configurations (custom vnet vs. AKS managed vnet). The previous text included: "For custom vnet, loadbalancer, userAssignedNATGateway and userDefinedRouting are supported. For aks managed vnet, loadbalancer, managedNATGateway and userDefinedRouting are supported." Consider retaining this information (updated with managedNATGatewayV2) to help users understand vnet-specific constraints.
| long-summary: This option will change the way how the outbound connections are managed in the AKS cluster. Available options are loadbalancer, managedNATGateway, managedNATGatewayV2, userAssignedNATGateway, userDefinedRouting, none and block. | |
| long-summary: This option will change the way how the outbound connections are managed in the AKS cluster. Available options are loadbalancer, managedNATGateway, managedNATGatewayV2, userAssignedNATGateway, userDefinedRouting, none and block. For clusters using a custom virtual network, supported values are loadbalancer, userAssignedNATGateway and userDefinedRouting. For clusters using an AKS-managed virtual network, supported values are loadbalancer, managedNATGateway, managedNATGatewayV2 and userDefinedRouting. |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
FumingZhang
left a comment
FumingZhang
left a comment
There was a problem hiding this comment.
lgtm, would you like to add some scenario tests to test_aks_commands.py to verify the change end-to-end?
|
Please resolve merge conflicts, @christine33-creator |
BabyCakes13
left a comment
BabyCakes13
left a comment
There was a problem hiding this comment.
looks good in general, but the main thing to be changed is the name of the NAT Gateway Outbound IP / Prefixes parameters, I left a comment about it :D
christine33-creator
force-pushed
the
cdossa/natgatewayv2-aks-preview
branch
from
93f2e7f to
b1a40c0
Compare
Add support for the managedNATGatewayV2 outbound type which uses Azure NAT Gateway Standard V2 SKU. New CLI parameters: - --nat-gateway-managed-outbound-ipv6-count: IPv6 managed IPs (1-16, dual-stack) - --nat-gateway-outbound-ip-ids: User-provided public IP resource IDs - --nat-gateway-outbound-ip-prefix-ids: User-provided IP prefix resource IDs These are valid only with --outbound-type managedNATGatewayV2.
thanks @FumingZhang! I'd like to add scenario tests. The V2 feature requires the ManagedNATGatewayV2Preview feature flag. Could you confirm the CI test subscription has this flag registered? If so, I'll add the tests. Otherwise, happy to add them in a follow-up PR once the flag is available on the test sub. |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
If the server supports it, you can use a custom header to bypass feature flag validation. Otherwise, you can test in any subscription where this feature flag is registered to confirm it works. Exclude it from the default test matrix (src/aks-preview/azcli_aks_live_test/configs/ext_matrix_default.json), since the test subscriptions used for running tests don't have the feature flag registered. |
Add support for the managedNATGatewayV2 outbound type which uses Azure NAT Gateway Standard V2 SKU. New CLI parameters:
These are valid only with --outbound-type managedNATGatewayV2.
This checklist is used to make sure that common guidelines for a pull request are followed.
Related command
az aks create, az aks update
General Guidelines
azdev style <YOUR_EXT>locally? (pip install azdevrequired)python scripts/ci/test_index.py -qlocally? (pip install wheel==0.30.0required)For new extensions:
About Extension Publish
There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update
src/index.jsonautomatically.You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify
src/index.json.