jkroepke
commented
11 months ago I#m also interest into this feature. Updating a cluster from none to calico or azure should be supported.
Open jeremybusk opened 1 year ago
jkroepke
commented
11 months ago I#m also interest into this feature. Updating a cluster from none to calico or azure should be supported.
Is your feature request related to a problem? Please describe.
I want to be able to change network policy on AKS cluster from None to Calico without replacement of AKS Cluster. I can see maybe why having to do a replacement when going from azure -> calico as it would invalidate existing rules but don't see the reason from None or non-existent. At a minimum allow None to Calico/Azure Network Policy without rebuild because there would be no existing Network Policies in cluster. This currently seems like the old reboot windows solution rather than just actually fixing the issue. I really would expect network policy to be updated from azure to calico or calico to azure without rebuild and have someone just script to translation and application of rules. This seems to be the right way.
Terraform plan line examples using provider https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster
~ network_policy = "None" -> "calico" # forces replacement ~ network_policy = "calico" -> "azure" # forces replacement
Here is stack conversation. https://stackoverflow.com/questions/67395933/how-to-enable-calico-network-policy-on-the-existing-aks-cluster
Describe the solution you'd like At minimum update the Network Policy from None to calico to azure without complete replacement/rebuild of AKS Cluster. Even better would be changing network policy to anything without having to replace cluste.r
Describe alternatives you've considered Do full backup & restore but this is painful for large instances. Use alternatives to AKS for Kubernetes platform.
Additional context