Open mani3887 opened 5 months ago
This issue is currently awaiting triage.
CAPI contributors will take a look as soon as possible, apply one of the triage/*
labels and provide further guidance.
Heyho, I'll move this issue to CAPZ
/transfer cluster-api-provider-azure
@mani3887 are the AAD extensions an AKS configuration (i.e., a configuration against an "agentPoolProfile"), or is this a VMSS-specific extension that you add after cluster creation to the VMSS in the "MC_" resource group?
@jackfrancis : Thanks for your response. This is for Azure VMSS specific extension that we need to add after the cluster creation. This is a self managed cluster created by Cluster API. We do not have the MC_resource group(as I have seen while creating AKS as a service). We have already created the cluster using Cluster API. On researching the cluster API -https://capz.sigs.k8s.io/topics/custom-vm-extensions, I saw there was a provision for configuring the AAD VM extensions, something like this on the azure machine pool: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: AzureMachinePool spec: template: vmExtensions:
On researching the cluster API -https://capz.sigs.k8s.io/topics/custom-vm-extensions, I saw there was a provision for configuring the AAD VM extensions, something like this on the azure machine pool:
Did specifying the AAD VM extension fix the problem, or is it still being overwritten? Specifying the extension in the spec should do the trick.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
What steps did you take and what happened?
We created a AKS cluster using Cluster API. Recently we tried adding AAD plugins on our VMSS. It was added successfully, but it was removed after few mins. We suspect this is happening because some other configuration is overwriting this and we suspect that this could be because of CapZ. When we inspect the CapZ azure machine pools, we do not see a spec for extensions. Can you please let us know whether this could be because of an incorrect configuration on CapZ?
What did you expect to happen?
AAD extensions getting added successfully in VMSS pools.
Cluster API version
https://doc.crds.dev/github.com/kubernetes-sigs/cluster-api/cluster.x-k8s.io/MachinePool/v1beta1@v1.3.2
Kubernetes version
No response
Anything else you would like to add?
No response
Label(s) to be applied
/kind bug One or more /area label. See https://github.com/kubernetes-sigs/cluster-api/labels?q=area for the list of labels.