search

Azure / bicep-registry-modules

Bicep registry modules
MIT License
465 stars 308 forks source link

[AVM Module Issue]: Upgrading bicep API version of `Microsoft.ContainerService/managedClusters` resource seems to have induce an error for maxSurge property #2872

Open jonasssa opened 1 month ago

jonasssa commented 1 month ago

Check for previous/existing GitHub issues

Issue Type?

Bug

Module Name

avm/res/container-service/managed-cluster

(Optional) Module Version

0.2.0

Description

I tried deploying the new 0.2.0 (or really the 0.2.2 version, but it's in 0.2.0 the new API version of Microsoft.ContainerService/managedClusters was introduced) on an existing cluster that previously had been deployed using version 0.1.0. This led to the following error:

{
    "code": "DeploymentFailed",
    "target": "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.ContainerService/managedClusters/xxxx",
    "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.",
    "details": [
        {
            "code": "UnmarshalError",
            "target": "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.ContainerService/managedClusters/xxxx",
            "message": "Invalid request body. Converting request body to a managed cluster encountered error: json: unknown field \"maxSurge\" Check that the field is in the right location, is spelled correctly, and is supported in the API version. Visit aka.ms/aks/apiversions for more API version information.."
        }
    ]
}

I don't see any changes in the way the maxSurge property is requested from the Microsoft.ContainerService/managedClusters resource, so not sure why this error is thrown.

The reason I want to use this new API version is because I hit this bug while trying to deploy prometheus-metrics on the cluster: https://github.com/Azure/bicep-registry-modules/issues/1966#issuecomment-2143807734, which supposedly is solved by updating the bicep API-version of the managed cluster resource.

(Optional) Correlation Id

No response

avm-team-linter[bot] commented 1 month ago

@jonasssa, thanks for submitting this issue for the avm/res/container-service/managed-cluster module!

[!IMPORTANT] A member of the @Azure/avm-res-containerservice-managedcluster-module-owners-bicep or @Azure/avm-res-containerservice-managedcluster-module-contributors-bicep team will review it soon!

microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 1 month ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 1 month ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
microsoft-github-policy-service[bot] commented 4 weeks ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 4 weeks ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
microsoft-github-policy-service[bot] commented 3 weeks ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 3 weeks ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
microsoft-github-policy-service[bot] commented 2 weeks ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 2 weeks ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
AlexanderSehr commented 2 weeks ago

Hey @JPEasier, could you please triage this issue when you have a moment? :)

JPEasier commented 2 weeks ago

Hi @jonasssa , could you please add your bicep code for the AKS?

Thanks

microsoft-github-policy-service[bot] commented 1 week ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 1 week ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
jonasssa commented 1 week ago

Hi @jonasssa , could you please add your bicep code for the AKS?

Thanks

module aks 'br/public:avm/res/container-service/managed-cluster:0.2.2' = {
  name: '${deployment().name}-${aksName}'
  scope: resourceGroup(aksResourceGroupName)
  dependsOn: [ aksRg ]
  params: {
    name: aksName
    primaryAgentPoolProfile: [
      {
        count: systemAgentPoolCount
        mode: 'System'
        name: 'npsystem'
        vmSize: systemAgentPoolVmSize
        osDiskSizeGB: systemAgentPoolOsDiskSizeGB
        minCount: systemAgentPoolMinCount
        maxCount: systemAgentPoolMaxCount
        enableAutoScaling: true
        availabilityZones: [
          '1'
          '2'
          '3'
        ]
        maxSurge: '33%'
        osType: 'Linux'
        type: 'VirtualMachineScaleSets'
        nodeTaints: [
          'CriticalAddonsOnly=true:NoSchedule'
        ]
        osDiskType: 'Ephemeral'
        vnetSubnetID: aksNodesSubnet.outputs.resourceId
      }
    ]
    agentPools: [
      {
        availabilityZones: [
          '1'
          '2'
          '3'
        ]
        count: userAgentPoolCount
        enableAutoScaling: true
        vmSize: userAgentPoolVmSize
        osDiskSizeGB: userAgentPoolOsDiskSizeGB
        minCount: userAgentPoolMinCount
        maxCount: userAgentPoolMaxCount
        maxPods: 30
        mode: 'User'
        maxSurge: '33%'
        name: 'npuser01'
        osType: 'Linux'
        type: 'VirtualMachineScaleSets'
        vnetSubnetID: aksNodesSubnet.outputs.resourceId
      }
    ]
    kubernetesVersion: kubernetesVersion
    networkPlugin: 'azure'
    networkPolicy: 'azure'
    serviceCidr: '172.16.0.0/16'
    dnsServiceIP: '172.16.0.10'
    enableOidcIssuerProfile: aksEnableOidcIssuerProfile
    autoUpgradeProfileUpgradeChannel: 'stable'
    nodeResourceGroup: '${aksName}-node-rg'
    authorizedIPRanges: authorizedIPRanges
    disableLocalAccounts: true
    outboundType: 'userDefinedRouting'
    location: location
    managedIdentities: {
      systemAssigned: true
    }
    aadProfileEnableAzureRBAC: true
    enableKeyvaultSecretsProvider: true
    enableSecretRotation: 'false'
    azurePolicyEnabled: true
    enableStorageProfileBlobCSIDriver: enableStorageProfileBlobCSIDriver
    enableStorageProfileDiskCSIDriver: enableStorageProfileDiskCSIDriver
    enableStorageProfileFileCSIDriver: enableStorageProfileFileCSIDriver
    enableStorageProfileSnapshotController: enableStorageProfileSnapshotController
    omsAgentEnabled: true
    enableWorkloadIdentity: aksEnableworkloadIdentity
  }
}
microsoft-github-policy-service[bot] commented 6 days ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 6 days ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
microsoft-github-policy-service[bot] commented 1 day ago

[!WARNING] Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

[!TIP]

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
microsoft-github-policy-service[bot] commented 1 day ago

[!CAUTION] This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days.

[!TIP]

  • To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.