[Aks] Add some properties for New-AzAksCluster and Set-AzAksCluster (Azure#19280)

* Add properties

* Add some properties for New-AzAksCluster and Set-AzAksCluster

Co-authored-by: wyunchi-ms <[email protected]>

Author: wyunchi-ms

src/Aks/Aks/ChangeLog.md

@@ -21,6 +21,9 @@
 * Added support of `FQDN` in `Import-AzAksCredential` [#17711]
 * Added hint when `Import-AzAksCredential` meets bad formatted kubernetes configuration file [#16741]
 * Added parameter `-NodeResourceGroup` for `New-AzAksCluster`. [#19014]
+* Added support for `Auto Upgrade` in `New-AzAksCluster` and `Set-AzAksCluster`.
+* Added support for `Http Proxy` in `New-AzAksCluster` and `Set-AzAksCluster`.
+* Added parameter `DisableLocalAccount` and `DiskEncryptionSetID` in `New-AzAksCluster` and `Set-AzAksCluster`.
 
 ## Version 4.2.1
 * Removed the warning messages for MSGraph migration [#18856]

src/Aks/Aks/Commands/CreateOrUpdateKubeBase.cs

@@ -164,6 +164,28 @@ public abstract class CreateOrUpdateKubeBase : KubeCmdletBase
         [Parameter(Mandatory = false, HelpMessage = "ResourceId of user assign managed identity for cluster.")]
         public string AssignIdentity { get; set; }
 
+        [Parameter(Mandatory = false, HelpMessage = "The upgrade channel for auto upgrade. For more information see https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel.")]
+        [PSArgumentCompleter("rapid", "stable", "patch", "node-image", "none")]
+        public string AutoUpgradeChannel { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "The resource ID of the disk encryption set to use for enabling encryption.")]
+        public string DiskEncryptionSetID { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Local accounts should be disabled on the Managed Cluster.")]
+        public SwitchParameter DisableLocalAccount { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "The HTTP proxy server endpoint to use.")]
+        public string HttpProxy { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "The HTTPS proxy server endpoint to use")]
+        public string HttpsProxy { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "The endpoints that should not go through proxy.")]
+        public string[] HttpProxyConfigNoProxyEndpoint { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Alternative CA cert to use for connecting to proxy servers.")]
+        public string HttpProxyConfigTrustedCa { get; set; }
+
         protected void BeforeBuildNewCluster()
         {
             if (!string.IsNullOrEmpty(ResourceGroupName) && string.IsNullOrEmpty(Location))
@@ -528,6 +550,49 @@ protected ManagedClusterLoadBalancerProfile CreateOrUpdateLoadBalancerProfile(Ma
             return loadBalancerProfile;
         }
 
+        protected ManagedClusterAutoUpgradeProfile CreateOrUpdateAutoUpgradeProfile(ManagedClusterAutoUpgradeProfile autoUpgradeProfile)
+        {
+            if (this.IsParameterBound(c => c.AutoUpgradeChannel) && autoUpgradeProfile == null)
+            {
+                autoUpgradeProfile = new ManagedClusterAutoUpgradeProfile();
+            }
+            if (this.IsParameterBound(c => c.AutoUpgradeChannel))
+            {
+                autoUpgradeProfile.UpgradeChannel = AutoUpgradeChannel;
+            }
+            return autoUpgradeProfile;
+        }
+
+        protected ManagedClusterHTTPProxyConfig CreateOrUpdateHttpProxyConfig(ManagedClusterHTTPProxyConfig httpProxyConfig)
+        {
+            if ((this.IsParameterBound(c => c.HttpProxy) ||
+                this.IsParameterBound(c => c.HttpsProxy) ||
+                this.IsParameterBound(c => c.HttpProxyConfigNoProxyEndpoint) ||
+                this.IsParameterBound(c => c.HttpProxyConfigTrustedCa)) &&
+                httpProxyConfig == null)
+            {
+                httpProxyConfig = new ManagedClusterHTTPProxyConfig();
+            }
+            if (this.IsParameterBound(c => c.HttpProxy))
+            {
+                httpProxyConfig.HttpProxy = HttpProxy;
+            }
+            if (this.IsParameterBound(c => c.HttpsProxy))
+            {
+                httpProxyConfig.HttpsProxy = HttpsProxy;
+            }
+            if (this.IsParameterBound(c => c.HttpProxyConfigNoProxyEndpoint))
+            {
+                httpProxyConfig.NoProxy = HttpProxyConfigNoProxyEndpoint;
+            }
+            if (this.IsParameterBound(c => c.HttpProxyConfigTrustedCa))
+            {
+                httpProxyConfig.TrustedCa = HttpProxyConfigTrustedCa;
+            }
+
+            return httpProxyConfig;
+        }
+
         protected ManagedClusterAPIServerAccessProfile CreateOrUpdateApiServerAccessProfile(ManagedClusterAPIServerAccessProfile apiServerAccessProfile)
         {
             if ((this.IsParameterBound(c => c.ApiServerAccessAuthorizedIpRange) ||

src/Aks/Aks/Commands/NewAzureRmAks.cs

@@ -343,6 +343,10 @@ private ManagedCluster BuildNewCluster()
 
             var apiServerAccessProfile = CreateOrUpdateApiServerAccessProfile(null);
 
+            var httpProxyConfig = CreateOrUpdateHttpProxyConfig(null);
+
+            var autoUpgradeProfile = CreateOrUpdateAutoUpgradeProfile(null);
+
             var addonProfiles = CreateAddonsProfiles();
 
             WriteVerbose(string.Format(Resources.DeployingYourManagedKubeCluster, AcsSpFilePath));
@@ -361,7 +365,9 @@ private ManagedCluster BuildNewCluster()
                 aadProfile: aadProfile,
                 addonProfiles: addonProfiles,
                 networkProfile: networkProfile,
-                apiServerAccessProfile: apiServerAccessProfile);
+                apiServerAccessProfile: apiServerAccessProfile,
+                httpProxyConfig: httpProxyConfig,
+                autoUpgradeProfile: autoUpgradeProfile);
 
             SetIdentity(managedCluster);
 
@@ -373,6 +379,14 @@ private ManagedCluster BuildNewCluster()
             {
                 managedCluster.FqdnSubdomain = FqdnSubdomain;
             }
+            if (this.IsParameterBound(c => c.DiskEncryptionSetID))
+            {
+                managedCluster.DiskEncryptionSetID = DiskEncryptionSetID;
+            }
+            if (DisableLocalAccount.IsPresent)
+            {
+                managedCluster.DisableLocalAccounts = DisableLocalAccount;
+            }
             //if(EnablePodSecurityPolicy.IsPresent)
             //{
             //    managedCluster.EnablePodSecurityPolicy = EnablePodSecurityPolicy;

src/Aks/Aks/Commands/SetAzureRmAks.cs

@@ -376,6 +376,8 @@ public override void ExecuteCmdlet()
                     }
                     cluster.NetworkProfile = SetNetworkProfile(cluster.NetworkProfile);
                     cluster.ApiServerAccessProfile = CreateOrUpdateApiServerAccessProfile(cluster.ApiServerAccessProfile);
+                    cluster.HttpProxyConfig = CreateOrUpdateHttpProxyConfig(cluster.HttpProxyConfig);
+                    cluster.AutoUpgradeProfile = CreateOrUpdateAutoUpgradeProfile(cluster.AutoUpgradeProfile);
                     if (this.IsParameterBound(c => c.FqdnSubdomain))
                     {
                         cluster.FqdnSubdomain = FqdnSubdomain;
@@ -384,6 +386,15 @@ public override void ExecuteCmdlet()
 
                     var kubeCluster = Client.ManagedClusters.CreateOrUpdate(ResourceGroupName, Name, cluster);
 
+                    if (this.IsParameterBound(c => c.DiskEncryptionSetID))
+                    {
+                        cluster.DiskEncryptionSetID = DiskEncryptionSetID;
+                    }
+                    if (DisableLocalAccount.IsPresent)
+                    {
+                        cluster.DisableLocalAccounts = DisableLocalAccount;
+                    }
+
                     WriteObject(PSMapper.Instance.Map<PSKubernetesCluster>(kubeCluster));
                 });
             }

src/Aks/Aks/Models/Mapper.cs

@@ -47,6 +47,16 @@ static PSMapper()
                 cfg.CreateMap<ManagedClusterPoolUpgradeProfileUpgradesItem,PSManagedClusterPoolUpgradeProfileUpgradesItem>().ReverseMap();
                 cfg.CreateMap<ManagedClusterUpgradeProfile,PSManagedClusterUpgradeProfile>().ReverseMap();
                 cfg.CreateMap<ManagedClusterWindowsProfile, PSManagedClusterWindowsProfile>().ReverseMap();
+                cfg.CreateMap<ManagedClusterAutoUpgradeProfile, PSManagedClusterAutoUpgradeProfile>().ReverseMap();
+                cfg.CreateMap<ManagedClusterHTTPProxyConfig, PSManagedClusterHTTPProxyConfig>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentity, PSManagedClusterPodIdentity>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentityException, PSManagedClusterPodIdentityException>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentityProfile, PSManagedClusterPodIdentityProfile>().ReverseMap();
+                cfg.CreateMap<UserAssignedIdentity, PSManagedClusterPodIdentityProfileUserAssignedIdentity>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentityProvisioningError, PSManagedClusterPodIdentityProvisioningError>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentityProvisioningErrorBody, PSManagedClusterPodIdentityProvisioningErrorBody>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPodIdentityProvisioningInfo, PSManagedClusterPodIdentityProvisioningInfo>().ReverseMap();
+                cfg.CreateMap<ManagedClusterPropertiesAutoScalerProfile, PSManagedClusterAutoScalerProfile>().ReverseMap();
                 cfg.CreateMap<Resource,PSResource>().ReverseMap();
                 cfg.CreateMap<ResourceIdentityType, PSResourceIdentityType>().ReverseMap();
                 cfg.CreateMap<AgentPool, PSNodePool>().ReverseMap();

src/Aks/Aks/Models/PSKubernetesCluster.cs

@@ -94,6 +94,11 @@ public class PSKubernetesCluster : PSResource
         /// </summary>
         public string DnsPrefix { get; set; }
 
+        /// <summary>
+        /// Gets or sets the FQDN subdomain of the private cluster with custom private dns.
+        /// </summary>
+        public string FqdnSubdomain { get; set; }
+
         /// <summary>
         /// Gets FQDN for the master pool.
         /// </summary>
@@ -104,6 +109,13 @@ public class PSKubernetesCluster : PSResource
         /// </summary>
         public string PrivateFQDN { get; private set; }
 
+        /// <summary>
+        /// Gets the special FQDN used by the Azure Portal to access the Managed Cluster.
+        /// This FQDN is for use only by the Azure Portal and should not be used by other
+        /// clients.
+        /// </summary>
+        public string AzurePortalFQDN { get; private set; }
+
         /// <summary>
         /// Gets or sets properties of the agent pool.
         /// </summary>
@@ -120,6 +132,11 @@ public class PSKubernetesCluster : PSResource
         /// </summary>
         public IDictionary<string, PSManagedClusterAddonProfile> AddonProfiles { get; set; }
 
+        /// <summary>
+        /// Gets or sets the pod identity profile of the Managed Cluster.
+        /// </summary>
+        public PSManagedClusterPodIdentityProfile PodIdentityProfile { get; set; }
+
         /// <summary>
         /// Gets or sets name of the resource group containing agent pool
         /// nodes.
@@ -147,17 +164,43 @@ public class PSKubernetesCluster : PSResource
         /// Gets or sets profile of Azure Active Directory configuration.
         /// </summary>
         public PSManagedClusterAadProfile AadProfile { get; set; }
+        
+        /// <summary>
+        /// Gets or sets the auto upgrade configuration.
+        /// </summary>
+        public PSManagedClusterAutoUpgradeProfile AutoUpgradeProfile { get; set; }
+
+        /// <summary>
+        /// Gets or sets parameters to be applied to the cluster-autoscaler when enabled
+        /// </summary>
+        public PSManagedClusterAutoScalerProfile AutoScalerProfile;
+
+        /// <summary>
+        /// Gets or sets the Resource ID of the disk encryption set to use for enabling encryption
+        /// at rest.
+        /// </summary>
+        public string DiskEncryptionSetID { get; set; }
 
         /// <summary>
         /// Gets or sets access profile for managed cluster API server.
         /// </summary>
         public PSManagedClusterAPIServerAccessProfile ApiServerAccessProfile { get; set; }
 
-        //
-        // Summary:
-        //     Gets or sets identities associated with the cluster.
+        /// <summary>
+        /// Gets or sets identities associated with the cluster.
+        /// </summary>
         public IDictionary<string, PSManagedClusterPropertiesIdentityProfile> IdentityProfile { get; set; }
 
+        /// <summary>
+        /// Gets or sets if local accounts should be disabled on the Managed Cluster.
+        /// </summary>
+        public bool? DisableLocalAccounts { get; set; }
+
+        /// <summary>
+        /// Gets or sets configurations for provisioning the cluster with HTTP proxy servers.
+        /// </summary>
+        public PSManagedClusterHTTPProxyConfig HttpProxyConfig { get; set; }
+
         /// <summary>
         /// Gets or sets the identity of the managed cluster, if configured.
         /// </summary>

src/Aks/Aks/Models/PSManagedClusterAutoScalerProfile.cs

@@ -0,0 +1,119 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Collections.Generic;
+
+namespace Microsoft.Azure.Commands.Aks.Models
+{
+    /// <summary>
+    /// Parameters to be applied to the cluster-autoscaler when enabled.
+    /// </summary>
+    public partial class PSManagedClusterAutoScalerProfile
+    {
+        /// <summary>
+        /// Gets or sets detects similar node pools and balances the number of nodes between
+        /// them.
+        /// </summary>
+        public string BalanceSimilarNodeGroups { get; set; }
+
+        /// <summary>
+        /// Gets or sets the expander to use when scaling up
+        /// </summary>
+        public string Expander { get; set; }
+
+        /// <summary>
+        /// Gets or sets the maximum number of empty nodes that can be deleted at the same
+        /// time. This must be a positive integer.
+        /// </summary>
+        public string MaxEmptyBulkDelete { get; set; }
+
+        /// <summary>
+        /// Gets or sets the maximum number of seconds the cluster autoscaler waits for pod
+        /// termination when trying to scale down a node.
+        /// </summary>
+        public string MaxGracefulTerminationSec { get; set; }
+
+        /// <summary>
+        /// Gets or sets the maximum time the autoscaler waits for a node to be provisioned.
+        /// </summary>
+        public string MaxNodeProvisionTime { get; set; }
+
+        /// <summary>
+        /// Gets or sets the maximum percentage of unready nodes in the cluster. After this
+        /// percentage is exceeded, cluster autoscaler halts operations.
+        /// </summary>
+        public string MaxTotalUnreadyPercentage { get; set; }
+
+        /// <summary>
+        /// Gets or sets ignore unscheduled pods before they're a certain age.
+        /// </summary>
+        public string NewPodScaleUpDelay { get; set; }
+
+        /// <summary>
+        /// Gets or sets the number of allowed unready nodes, irrespective of max-total-unready-percentage.
+        /// </summary>
+        public string OkTotalUnreadyCount { get; set; }
+
+        /// <summary>
+        /// Gets or sets how often cluster is reevaluated for scale up or down.
+        /// </summary>
+        public string ScanInterval { get; set; }
+
+        /// <summary>
+        /// Gets or sets how long after scale up that scale down evaluation resumes
+        /// </summary>
+        public string ScaleDownDelayAfterAdd { get; set; }
+
+        /// <summary>
+        /// Gets or sets how long after node deletion that scale down evaluation resumes.
+        /// </summary>
+        public string ScaleDownDelayAfterDelete { get; set; }
+
+        /// <summary>
+        /// Gets or sets how long after scale down failure that scale down evaluation resumes.
+        /// </summary>
+        public string ScaleDownDelayAfterFailure { get; set; }
+
+        /// <summary>
+        /// Gets or sets how long a node should be unneeded before it is eligible for scale
+        /// </summary>
+        /// down.
+        public string ScaleDownUnneededTime { get; set; }
+
+        /// <summary>
+        /// Gets or sets how long an unready node should be unneeded before it is eligible
+        /// for scale down
+        /// </summary>
+        public string ScaleDownUnreadyTime { get; set; }
+
+        /// <summary>
+        /// Gets or sets node utilization level, defined as sum of requested resources divided
+        /// by capacity, below which a node can be considered for scale down.
+        /// </summary>
+        public string ScaleDownUtilizationThreshold { get; set; }
+
+        /// <summary>
+        /// Gets or sets if cluster autoscaler will skip deleting nodes with pods with local
+        /// storage, for example, EmptyDir or HostPath.
+        /// </summary>
+        public string SkipNodesWithLocalStorage { get; set; }
+
+        /// <summary>
+        /// Gets or sets if cluster autoscaler will skip deleting nodes with pods from kube-system
+        /// (except for DaemonSet or mirror pods)
+        /// </summary>
+        public string SkipNodesWithSystemPods { get; set; }
+
+    }
+}