Vytvoří nebo aktualizuje spravovaný cluster.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}?api-version=2024-09-01
Parametry identifikátoru URI
| Name |
V |
Vyžadováno |
Typ |
Description |
|
resourceGroupName
|
path |
True
|
string
|
Název skupiny prostředků. Název nerozlišuje malá a velká písmena.
|
|
resourceName
|
path |
True
|
string
|
Název prostředku spravovaného clusteru.
Vzor regulárního výrazu: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$
|
|
subscriptionId
|
path |
True
|
string
uuid
|
ID cílového předplatného. Hodnota musí být UUID.
|
|
api-version
|
query |
True
|
string
|
Verze rozhraní API, která se má použít pro tuto operaci.
|
| Name |
Vyžadováno |
Typ |
Description |
|
If-Match
|
|
string
|
Požadavek by měl pokračovat pouze v případě, že entita odpovídá tomuto řetězci.
|
|
If-None-Match
|
|
string
|
Požadavek by měl pokračovat pouze v případě, že žádná entita neodpovídá tomuto řetězci.
|
Text požadavku
| Name |
Vyžadováno |
Typ |
Description |
|
location
|
True
|
string
|
Geografické umístění, ve kterém se nachází zdroj
|
|
extendedLocation
|
|
ExtendedLocation
|
Rozšířené umístění virtuálního počítače.
|
|
identity
|
|
ManagedClusterIdentity
|
Identita spravovaného clusteru, pokud je nakonfigurovaná.
|
|
properties.aadProfile
|
|
ManagedClusterAADProfile
|
AADProfile určuje atributy pro integraci Azure Active Directory.
Konfigurace Azure Active Directory.
|
|
properties.addonProfiles
|
|
<string,
ManagedClusterAddonProfile>
|
Profil doplňku spravovaného clusteru
|
|
properties.agentPoolProfiles
|
|
ManagedClusterAgentPoolProfile[]
|
Vlastnosti fondu agentů.
|
|
properties.apiServerAccessProfile
|
|
ManagedClusterAPIServerAccessProfile
|
Přístupový profil pro server rozhraní API spravovaného clusteru.
|
|
properties.autoScalerProfile
|
|
AutoScalerProfile
|
Parametry, které se mají použít u automatického škálování clusteru, když je povoleno
|
|
properties.autoUpgradeProfile
|
|
ManagedClusterAutoUpgradeProfile
|
Konfigurace automatického upgradu.
|
|
properties.azureMonitorProfile
|
|
ManagedClusterAzureMonitorProfile
|
Profily doplňků služby Azure Monitor pro monitorování spravovaného clusteru
|
|
properties.disableLocalAccounts
|
|
boolean
|
Pokud by místní účty měly být ve spravovaném clusteru zakázané.
Pokud je nastavená hodnota true, získání statických přihlašovacích údajů bude pro tento cluster zakázané. Tato možnost se musí používat jenom u spravovaných clusterů, které jsou povolené službou AAD. Další podrobnosti najdete v tématu zakázání místních účtů.
|
|
properties.diskEncryptionSetID
|
|
string
|
ID prostředku pro šifrování disku nastavené pro povolení šifrování neaktivních uložených dat.
Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}.
|
|
properties.dnsPrefix
|
|
string
|
Předpona DNS spravovaného clusteru.
Po vytvoření spravovaného clusteru to nejde aktualizovat.
|
|
properties.enablePodSecurityPolicy
|
|
boolean
|
(ZASTARALÉ) Jestli chcete povolit zásady zabezpečení podů Kubernetes (Preview). PodSecurityPolicy byl v Kubernetes verze 1.21 vyřazen a odebrán z Kubernetes ve verzi 1.25. Další informace najdete v https://aka.ms/k8s/psp a https://aka.ms/aks/psp.
|
|
properties.enableRBAC
|
|
boolean
|
Jestli chcete povolit Kubernetes Role-Based řízení přístupu.
|
|
properties.fqdnSubdomain
|
|
string
|
Subdoména plně kvalifikovaného názvu domény privátního clusteru s vlastní zónou privátního dns.
Po vytvoření spravovaného clusteru to nejde aktualizovat.
|
|
properties.httpProxyConfig
|
|
ManagedClusterHTTPProxyConfig
|
Konfigurace pro zřizování clusteru pomocí proxy serverů HTTP.
|
|
properties.identityProfile
|
|
<string,
UserAssignedIdentity>
|
Identita uživatele přidružená ke spravovanému clusteru. Tuto identitu bude používat kubelet. Je povolena pouze jedna identita přiřazená uživatelem. Jediný akceptovaný klíč je kubeletidentity s hodnotou resourceId: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".
|
|
properties.ingressProfile
|
|
ManagedClusterIngressProfile
|
Profil příchozího přenosu dat pro spravovaný cluster
|
|
properties.kubernetesVersion
|
|
string
|
Verze Kubernetes určená uživatelem
Podporují se obě verze opravy <major.minor.patch> (např. 1.20.13) a <major.minor> (např. 1.20). Při <major.minor> je zvolena nejnovější podporovaná verze opravy GA automaticky. Aktualizace clusteru se stejným <major.minor> po vytvoření (např. 1.14.x –> 1.14) neaktivuje upgrade, i když je k dispozici novější verze opravy. Při upgradu podporovaného clusteru AKS není možné přeskočit podverze Kubernetes. Všechny upgrady se musí provádět postupně podle čísla hlavní verze. Například upgrady mezi verzemi 1.14.x –> 1.15.x nebo 1.15.x -> 1.16.x jsou povolené, ale verze 1.14.x –> 1.16.x není povolená. Další podrobnosti najdete v upgradu clusteru AKS.
|
|
properties.linuxProfile
|
|
ContainerServiceLinuxProfile
|
Profil virtuálních počítačů s Linuxem ve spravovaném clusteru.
|
|
properties.metricsProfile
|
|
ManagedClusterMetricsProfile
|
Volitelná konfigurace metrik clusteru
|
|
properties.networkProfile
|
|
ContainerServiceNetworkProfile
|
Profil konfigurace sítě.
|
|
properties.nodeResourceGroup
|
|
string
|
Název skupiny prostředků obsahující uzly fondu agentů.
|
|
properties.nodeResourceGroupProfile
|
|
ManagedClusterNodeResourceGroupProfile
|
Profil konfigurace skupiny prostředků uzlu
|
|
properties.oidcIssuerProfile
|
|
ManagedClusterOIDCIssuerProfile
|
Profil vystavitele OIDC spravovaného clusteru.
|
|
properties.podIdentityProfile
|
|
ManagedClusterPodIdentityProfile
|
Profil identity podu spravovaného clusteru.
Další podrobnosti o integraci identit podů AAD najdete v tématu použití identity podu AAD.
|
|
properties.privateLinkResources
|
|
PrivateLinkResource[]
|
Prostředky privátního propojení přidružené ke clusteru
|
|
properties.publicNetworkAccess
|
|
PublicNetworkAccess
|
PublicNetworkAccess spravovanéhoclusteru
Povolení nebo odepření přístupu k veřejné síti pro AKS
|
|
properties.securityProfile
|
|
ManagedClusterSecurityProfile
|
Profil zabezpečení spravovaného clusteru
|
|
properties.serviceMeshProfile
|
|
ServiceMeshProfile
|
Profil sítě služeb pro spravovaný cluster
|
|
properties.servicePrincipalProfile
|
|
ManagedClusterServicePrincipalProfile
|
Informace o identitě instančního objektu pro cluster, který se má použít pro manipulaci s rozhraními API Azure.
|
|
properties.storageProfile
|
|
ManagedClusterStorageProfile
|
Profil úložiště pro spravovaný cluster
|
|
properties.supportPlan
|
|
KubernetesSupportPlan
|
Plán podpory pro spravovaný cluster. Pokud není zadáno, výchozí hodnota je KubernetesOfficial.
|
|
properties.upgradeSettings
|
|
ClusterUpgradeSettings
|
Nastavení pro upgrade clusteru
|
|
properties.windowsProfile
|
|
ManagedClusterWindowsProfile
|
Profil pro virtuální počítače s Windows ve spravovaném clusteru.
|
|
properties.workloadAutoScalerProfile
|
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatického škálování úloh pro spravovaný cluster
|
|
sku
|
|
ManagedClusterSKU
|
Skladová položka spravovaného clusteru.
|
|
tags
|
|
object
|
Značky prostředků
|
Odpovědi
| Name |
Typ |
Description |
|
200 OK
|
ManagedCluster
|
Stávající spravovaný cluster byl úspěšně aktualizován.
|
|
201 Created
|
ManagedCluster
|
Nový spravovaný cluster byl úspěšně vytvořen.
|
|
Other Status Codes
|
CloudError
|
Chybová odpověď popisující, proč operace selhala.
|
Zabezpečení
azure_auth
Azure Active Directory OAuth2 Flow
Typ:
oauth2
Tok:
implicit
URL autorizace:
https://login.microsoftonline.com/common/oauth2/authorize
Rozsahy
| Name |
Description |
|
user_impersonation
|
zosobnění uživatelského účtu
|
Příklady
Create Managed Cluster using an agent pool snapshot
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.CreationData;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Snapshot.json
*/
/**
* Sample code: Create Managed Cluster using an agent pool snapshot.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterUsingAnAgentPoolSnapshot(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableFips(true)
.withCreationData(new CreationData().withSourceResourceId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"))
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_snapshot.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
},
"enableFIPS": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterUsingAnAgentPoolSnapshot() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
CreationData: &armcontainerservice.CreationData{
SourceResourceID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"),
},
EnableFIPS: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CreationData: &armcontainerservice.CreationData{
// SourceResourceID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"),
// },
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableFIPS: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
*/
async function createManagedClusterUsingAnAgentPoolSnapshot() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
creationData: {
sourceResourceId:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1",
},
enableFips: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with AKS-managed NAT gateway as outbound type
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"managedOutboundIPProfile": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterManagedOutboundIpProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterNatGatewayProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_ManagedNATGateway.json
*/
/**
* Sample code: Create Managed Cluster with AKS-managed NAT gateway as outbound type.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithAKSManagedNATGatewayAsOutboundType(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(false).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile()
.withOutboundType(OutboundType.MANAGED_NATGATEWAY).withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withNatGatewayProfile(new ManagedClusterNatGatewayProfile()
.withManagedOutboundIpProfile(new ManagedClusterManagedOutboundIpProfile().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_managed_nat_gateway.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": False,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerSku": "standard",
"natGatewayProfile": {"managedOutboundIPProfile": {"count": 2}},
"outboundType": "managedNATGateway",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithAksManagedNatGatewayAsOutboundType() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(false),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
NatGatewayProfile: &armcontainerservice.ManagedClusterNATGatewayProfile{
ManagedOutboundIPProfile: &armcontainerservice.ManagedClusterManagedOutboundIPProfile{
Count: to.Ptr[int32](2),
},
},
OutboundType: to.Ptr(armcontainerservice.OutboundTypeManagedNATGateway),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(false),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NatGatewayProfile: &armcontainerservice.ManagedClusterNATGatewayProfile{
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](4),
// ManagedOutboundIPProfile: &armcontainerservice.ManagedClusterManagedOutboundIPProfile{
// Count: to.Ptr[int32](2),
// },
// },
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeManagedNATGateway),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
*/
async function createManagedClusterWithAksManagedNatGatewayAsOutboundType() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: false,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerSku: "standard",
natGatewayProfile: { managedOutboundIPProfile: { count: 2 } },
outboundType: "managedNATGateway",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"idleTimeoutInMinutes": 4,
"managedOutboundIPProfile": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"idleTimeoutInMinutes": 4,
"managedOutboundIPProfile": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Azure KeyVault Secrets Provider Addon
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAddonProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
*/
/**
* Sample code: Create Managed Cluster with Azure KeyVault Secrets Provider Addon.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithAzureKeyVaultSecretsProviderAddon(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf("azureKeyvaultSecretsProvider",
new ManagedClusterAddonProfile().withEnabled(true).withConfig(
mapOf("enableSecretRotation", "fakeTokenPlaceholder", "rotationPollInterval", "2m"))))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_azure_keyvault_secrets_provider.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"config": {"enableSecretRotation": "true", "rotationPollInterval": "2m"},
"enabled": True,
}
},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithAzureKeyVaultSecretsProviderAddon() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
"azureKeyvaultSecretsProvider": {
Config: map[string]*string{
"enableSecretRotation": to.Ptr("true"),
"rotationPollInterval": to.Ptr("2m"),
},
Enabled: to.Ptr(true),
},
},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
// "azureKeyvaultSecretsProvider": &armcontainerservice.ManagedClusterAddonProfile{
// Config: map[string]*string{
// "enableSecretRotation": to.Ptr("true"),
// "rotationPollInterval": to.Ptr("2m"),
// },
// Enabled: to.Ptr(true),
// },
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
*/
async function createManagedClusterWithAzureKeyVaultSecretsProviderAddon() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {
azureKeyvaultSecretsProvider: {
config: { enableSecretRotation: "true", rotationPollInterval: "2m" },
enabled: true,
},
},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Capacity Reservation Group
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_CRG.json
*/
/**
* Sample code: Create Managed Cluster with Capacity Reservation Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithCapacityReservationGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withCapacityReservationGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_crg.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1",
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithCapacityReservationGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
CapacityReservationGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// CapacityReservationGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
*/
async function createManagedClusterWithCapacityReservationGroup() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
capacityReservationGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Dedicated Host Group
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DedicatedHostGroup.json
*/
/**
* Sample code: Create Managed Cluster with Dedicated Host Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithDedicatedHostGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withEnableNodePublicIp(true)
.withHostGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_dedicated_host_group.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithDedicatedHostGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
HostGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableNodePublicIP: to.Ptr(true),
// HostGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"),
// MaxPods: to.Ptr[int32](110),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
*/
async function createManagedClusterWithDedicatedHostGroup() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
hostGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with EncryptionAtHost enabled
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnableEncryptionAtHost.json
*/
/**
* Sample code: Create Managed Cluster with EncryptionAtHost enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithEncryptionAtHostEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enable_encryption_at_host.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithEncryptionAtHostEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
*/
async function createManagedClusterWithEncryptionAtHostEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with FIPS enabled OS
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnabledFIPS.json
*/
/**
* Sample code: Create Managed Cluster with FIPS enabled OS.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithFIPSEnabledOS(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableFips(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enabled_fips.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableFIPS": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithFipsEnabledOs() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableFIPS: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableFIPS: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
*/
async function createManagedClusterWithFipsEnabledOS() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableFips: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with GPUMIG
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.GpuInstanceProfile;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_GPUMIG.json
*/
/**
* Sample code: Create Managed Cluster with GPUMIG.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithGPUMIG(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_ND96asr_v4")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true)
.withGpuInstanceProfile(GpuInstanceProfile.MIG3G).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_gpumig.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"gpuInstanceProfile": "MIG3g",
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_ND96asr_v4",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithGpumig() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
GpuInstanceProfile: to.Ptr(armcontainerservice.GPUInstanceProfileMIG3G),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_ND96asr_v4"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// GpuInstanceProfile: to.Ptr(armcontainerservice.GPUInstanceProfileMIG3G),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_ND96asr_v4"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
*/
async function createManagedClusterWithGpumig() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
gpuInstanceProfile: "MIG3g",
mode: "System",
osType: "Linux",
vmSize: "Standard_ND96asr_v4",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"maxPods": 110,
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"maxPods": 110,
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_HTTPProxy.json
*/
/**
* Sample code: Create Managed Cluster with HTTP proxy configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithHTTPProxyConfigured(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_httpproxy.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithHttpProxyConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
*/
async function createManagedClusterWithHttpProxyConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Create Managed Cluster with LongTermSupport
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"supportPlan": "AKSLongTermSupport"
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.KubernetesSupportPlan;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Premium.json
*/
/**
* Sample code: Create Managed Cluster with LongTermSupport.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithLongTermSupport(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.BASE).withTier(ManagedClusterSkuTier.PREMIUM))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true)
.withSupportPlan(KubernetesSupportPlan.AKSLONG_TERM_SUPPORT).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withDisableRunCommand(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_premium.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"disableRunCommand": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"supportPlan": "AKSLongTermSupport",
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Base", "tier": "Premium"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithLongTermSupport() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
DisableRunCommand: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanAKSLongTermSupport),
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUNameBase),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierPremium),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// DisableRunCommand: to.Ptr(true),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanAKSLongTermSupport),
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// SKU: &armcontainerservice.ManagedClusterSKU{
// Name: to.Ptr(armcontainerservice.ManagedClusterSKUNameBase),
// Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
*/
async function createManagedClusterWithLongTermSupport() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: { disableRunCommand: true },
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Base", tier: "Premium" },
supportPlan: "AKSLongTermSupport",
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "AKSLongTermSupport"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "AKSLongTermSupport"
}
}
Create Managed Cluster with Node Public IP Prefix
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_NodePublicIPPrefix.json
*/
/**
* Sample code: Create Managed Cluster with Node Public IP Prefix.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithNodePublicIPPrefix(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withNodePublicIpPrefixId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_node_public_ip_prefix.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithNodePublicIpPrefix() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
NodePublicIPPrefixID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// NodePublicIPPrefixID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
*/
async function createManagedClusterWithNodePublicIPPrefix() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
nodePublicIPPrefixID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with OSSKU
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"osSKU": "AzureLinux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSSku;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_OSSKU.json
*/
/**
* Sample code: Create Managed Cluster with OSSKU.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithOSSKU(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX).withOsSku(OSSku.AZURE_LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ossku.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osSKU": "AzureLinux",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithOssku() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSSKU: to.Ptr(armcontainerservice.OSSKUAzureLinux),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSSKU: to.Ptr(armcontainerservice.OSSKUAzureLinux),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
*/
async function createManagedClusterWithOssku() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osSKU: "AzureLinux",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"osSKU": "AzureLinux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"osSKU": "AzureLinux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Create Managed Cluster with PodIdentity enabled
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPodIdentityProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PodIdentity.json
*/
/**
* Sample code: Create Managed Cluster with PodIdentity enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithPodIdentityEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf())
.withPodIdentityProfile(
new ManagedClusterPodIdentityProfile().withEnabled(true).withAllowNetworkPluginKubenet(true))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_pod_identity.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"podIdentityProfile": {"allowNetworkPluginKubenet": True, "enabled": True},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithPodIdentityEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
PodIdentityProfile: &armcontainerservice.ManagedClusterPodIdentityProfile{
AllowNetworkPluginKubenet: to.Ptr(true),
Enabled: to.Ptr(true),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PodIdentityProfile: &armcontainerservice.ManagedClusterPodIdentityProfile{
// AllowNetworkPluginKubenet: to.Ptr(true),
// Enabled: to.Ptr(true),
// },
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
*/
async function createManagedClusterWithPodIdentityEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
podIdentityProfile: { allowNetworkPluginKubenet: true, enabled: true },
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
Create Managed Cluster with PPG
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PPG.json
*/
/**
* Sample code: Create Managed Cluster with PPG.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithPPG(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withProximityPlacementGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ppg.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithPpg() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ProximityPlacementGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ProximityPlacementGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
*/
async function createManagedClusterWithPpg() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
proximityPlacementGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with RunCommand disabled
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DisableRunCommand.json
*/
/**
* Sample code: Create Managed Cluster with RunCommand disabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithRunCommandDisabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withDisableRunCommand(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_disable_run_command.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"disableRunCommand": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithRunCommandDisabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
DisableRunCommand: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// DisableRunCommand: to.Ptr(true),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanKubernetesOfficial),
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
*/
async function createManagedClusterWithRunCommandDisabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: { disableRunCommand: true },
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "KubernetesOfficial"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "KubernetesOfficial"
}
}
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileDefender;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileDefenderSecurityMonitoring;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileWorkloadIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_SecurityProfile.json
*/
/**
* Sample code: Create Managed Cluster with Security Profile configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithSecurityProfileConfigured(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withSecurityProfile(new ManagedClusterSecurityProfile()
.withDefender(new ManagedClusterSecurityProfileDefender().withLogAnalyticsWorkspaceResourceId(
"/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME")
.withSecurityMonitoring(
new ManagedClusterSecurityProfileDefenderSecurityMonitoring().withEnabled(true)))
.withWorkloadIdentity(new ManagedClusterSecurityProfileWorkloadIdentity().withEnabled(true))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_security_profile.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"dnsPrefix": "dnsprefix1",
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {"enabled": True},
},
"workloadIdentity": {"enabled": True},
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithSecurityProfileConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
DNSPrefix: to.Ptr("dnsprefix1"),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
SecurityProfile: &armcontainerservice.ManagedClusterSecurityProfile{
Defender: &armcontainerservice.ManagedClusterSecurityProfileDefender{
LogAnalyticsWorkspaceResourceID: to.Ptr("/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"),
SecurityMonitoring: &armcontainerservice.ManagedClusterSecurityProfileDefenderSecurityMonitoring{
Enabled: to.Ptr(true),
},
},
WorkloadIdentity: &armcontainerservice.ManagedClusterSecurityProfileWorkloadIdentity{
Enabled: to.Ptr(true),
},
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// SecurityProfile: &armcontainerservice.ManagedClusterSecurityProfile{
// Defender: &armcontainerservice.ManagedClusterSecurityProfileDefender{
// LogAnalyticsWorkspaceResourceID: to.Ptr("/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"),
// SecurityMonitoring: &armcontainerservice.ManagedClusterSecurityProfileDefenderSecurityMonitoring{
// Enabled: to.Ptr(true),
// },
// },
// WorkloadIdentity: &armcontainerservice.ManagedClusterSecurityProfileWorkloadIdentity{
// Enabled: to.Ptr(true),
// },
// },
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
*/
async function createManagedClusterWithSecurityProfileConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
dnsPrefix: "dnsprefix1",
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
securityProfile: {
defender: {
logAnalyticsWorkspaceResourceId:
"/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
securityMonitoring: { enabled: true },
},
workloadIdentity: { enabled: true },
},
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
Create Managed Cluster with UltraSSD enabled
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnableUltraSSD.json
*/
/**
* Sample code: Create Managed Cluster with UltraSSD enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithUltraSSDEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableUltraSsd(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enable_ultra_ssd.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"enableUltraSSD": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithUltraSsdEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
EnableUltraSSD: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// EnableUltraSSD: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
*/
async function createManagedClusterWithUltraSsdEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
enableUltraSSD: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with user-assigned NAT gateway as outbound type
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UserAssignedNATGateway.json
*/
/**
* Sample code: Create Managed Cluster with user-assigned NAT gateway as outbound type.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithUserAssignedNATGatewayAsOutboundType(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(false).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(
new ContainerServiceNetworkProfile().withOutboundType(OutboundType.USER_ASSIGNED_NATGATEWAY)
.withLoadBalancerSku(LoadBalancerSku.STANDARD))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_user_assigned_nat_gateway.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": False,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {"loadBalancerSku": "standard", "outboundType": "userAssignedNATGateway"},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithUserAssignedNatGatewayAsOutboundType() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(false),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeUserAssignedNATGateway),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(false),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeUserAssignedNATGateway),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
*/
async function createManagedClusterWithUserAssignedNatGatewayAsOutboundType() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: false,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerSku: "standard",
outboundType: "userAssignedNATGateway",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIngressProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIngressProfileWebAppRouting;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_IngressProfile_WebAppRouting.json
*/
/**
* Sample code: Create Managed Cluster with Web App Routing Ingress Profile configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithWebAppRoutingIngressProfileConfigured(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withIngressProfile(new ManagedClusterIngressProfile()
.withWebAppRouting(new ManagedClusterIngressProfileWebAppRouting().withEnabled(true)
.withDnsZoneResourceIds(Arrays.asList(
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ingress_profile_web_app_routing.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"dnsPrefix": "dnsprefix1",
"ingressProfile": {
"webAppRouting": {
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
],
"enabled": True,
}
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithWebAppRoutingIngressProfileConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
DNSPrefix: to.Ptr("dnsprefix1"),
IngressProfile: &armcontainerservice.ManagedClusterIngressProfile{
WebAppRouting: &armcontainerservice.ManagedClusterIngressProfileWebAppRouting{
DNSZoneResourceIDs: []*string{
to.Ptr("/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")},
Enabled: to.Ptr(true),
},
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// IngressProfile: &armcontainerservice.ManagedClusterIngressProfile{
// WebAppRouting: &armcontainerservice.ManagedClusterIngressProfileWebAppRouting{
// DNSZoneResourceIDs: []*string{
// to.Ptr("/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")},
// Enabled: to.Ptr(true),
// },
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
*/
async function createManagedClusterWithWebAppRoutingIngressProfileConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
dnsPrefix: "dnsprefix1",
ingressProfile: {
webAppRouting: {
dnsZoneResourceIds: [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME",
],
enabled: true,
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
Create Managed Private Cluster with fqdn subdomain specified
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
*/
/**
* Sample code: Create Managed Private Cluster with fqdn subdomain specified.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedPrivateClusterWithFqdnSubdomainSpecified(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withFqdnSubdomain("domain1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(
new ManagedClusterApiServerAccessProfile().withEnablePrivateCluster(true).withPrivateDnsZone(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_private_cluster_fqdn_subdomain.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {
"enablePrivateCluster": True,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io",
},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"fqdnSubdomain": "domain1",
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedPrivateClusterWithFqdnSubdomainSpecified() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
EnablePrivateCluster: to.Ptr(true),
PrivateDNSZone: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
FqdnSubdomain: to.Ptr("domain1"),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// EnablePrivateCluster: to.Ptr(true),
// PrivateDNSZone: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// FqdnSubdomain: to.Ptr("domain1"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("domain1.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
*/
async function createManagedPrivateClusterWithFqdnSubdomainSpecified() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: {
enablePrivateCluster: true,
privateDNSZone:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io",
},
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
enablePodSecurityPolicy: true,
enableRbac: true,
fqdnSubdomain: "domain1",
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"privateFQDN": "domain1.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"privateFQDN": "domain1.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Private Cluster with Public FQDN specified
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PrivateClusterPublicFQDN.json
*/
/**
* Sample code: Create Managed Private Cluster with Public FQDN specified.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedPrivateClusterWithPublicFQDNSpecified(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withEnablePrivateCluster(true)
.withEnablePrivateClusterPublicFqdn(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_private_cluster_public_fqdn.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"enablePrivateCluster": True, "enablePrivateClusterPublicFQDN": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedPrivateClusterWithPublicFqdnSpecified() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
EnablePrivateCluster: to.Ptr(true),
EnablePrivateClusterPublicFQDN: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// EnablePrivateCluster: to.Ptr(true),
// EnablePrivateClusterPublicFQDN: to.Ptr(true),
// PrivateDNSZone: to.Ptr("system"),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
*/
async function createManagedPrivateClusterWithPublicFqdnSpecified() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: {
enablePrivateCluster: true,
enablePrivateClusterPublicFqdn: true,
},
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true,
"privateDNSZone": "system"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true,
"privateDNSZone": "system"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create/Update AAD Managed Cluster with EnableAzureRBAC
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"aadProfile": {
"managed": true,
"enableAzureRBAC": true
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAadProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
*/
/**
* Sample code: Create/Update AAD Managed Cluster with EnableAzureRBAC.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateAADManagedClusterWithEnableAzureRBAC(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAadProfile(new ManagedClusterAadProfile().withManaged(true).withEnableAzureRbac(true))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_with_enable_azure_rbac.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"aadProfile": {"enableAzureRBAC": True, "managed": True},
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateAadManagedClusterWithEnableAzureRbac() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AADProfile: &armcontainerservice.ManagedClusterAADProfile{
EnableAzureRBAC: to.Ptr(true),
Managed: to.Ptr(true),
},
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AADProfile: &armcontainerservice.ManagedClusterAADProfile{
// EnableAzureRBAC: to.Ptr(true),
// Managed: to.Ptr(true),
// TenantID: to.Ptr("tenantID"),
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
*/
async function createOrUpdateAadManagedClusterWithEnableAzureRbac() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
aadProfile: { enableAzureRbac: true, managed: true },
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"aadProfile": {
"managed": true,
"adminGroupObjectIDs": null,
"enableAzureRBAC": true,
"tenantID": "tenantID"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"aadProfile": {
"managed": true,
"adminGroupObjectIDs": null,
"enableAzureRBAC": true,
"tenantID": "tenantID"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create/Update Managed Cluster
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"upgradeSettings": {
"overrideSettings": {
"forceUpgrade": false,
"until": "2022-11-01T13:00:00Z"
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ClusterUpgradeSettings;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.Expander;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.ScaleDownMode;
import com.azure.resourcemanager.containerservice.models.UpgradeOverrideSettings;
import java.time.OffsetDateTime;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Update.json
*/
/**
* Sample code: Create/Update Managed Cluster.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createUpdateManagedCluster(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS1_v2").withOsType(OSType.LINUX).withScaleDownMode(ScaleDownMode.DEALLOCATE)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withAvailabilityZones(Arrays.asList("1", "2", "3")).withEnableNodePublicIp(true)
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withUpgradeSettings(new ClusterUpgradeSettings().withOverrideSettings(new UpgradeOverrideSettings()
.withForceUpgrade(false).withUntil(OffsetDateTime.parse("2022-11-01T13:00:00Z"))))
.withAutoScalerProfile(
new ManagedClusterPropertiesAutoScalerProfile().withBalanceSimilarNodeGroups("true")
.withExpander(Expander.PRIORITY).withMaxNodeProvisionTime("15m").withNewPodScaleUpDelay("1m")
.withScanInterval("20s").withScaleDownDelayAfterAdd("15m").withSkipNodesWithSystemPods("false"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"scaleDownMode": "Deallocate",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false",
},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"upgradeSettings": {"overrideSettings": {"forceUpgrade": False, "until": "2022-11-01T13:00:00Z"}},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedCluster() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
BalanceSimilarNodeGroups: to.Ptr("true"),
Expander: to.Ptr(armcontainerservice.ExpanderPriority),
MaxNodeProvisionTime: to.Ptr("15m"),
NewPodScaleUpDelay: to.Ptr("1m"),
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
SkipNodesWithSystemPods: to.Ptr("false"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
UpgradeSettings: &armcontainerservice.ClusterUpgradeSettings{
OverrideSettings: &armcontainerservice.UpgradeOverrideSettings{
ForceUpgrade: to.Ptr(false),
Until: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-01T13:00:00.000Z"); return t }()),
},
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// BalanceSimilarNodeGroups: to.Ptr("true"),
// Expander: to.Ptr(armcontainerservice.ExpanderPriority),
// MaxNodeProvisionTime: to.Ptr("15m"),
// NewPodScaleUpDelay: to.Ptr("1m"),
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// SkipNodesWithSystemPods: to.Ptr("false"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// UpgradeSettings: &armcontainerservice.ClusterUpgradeSettings{
// OverrideSettings: &armcontainerservice.UpgradeOverrideSettings{
// ForceUpgrade: to.Ptr(false),
// Until: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-01T13:00:00.000Z"); return t}()),
// },
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
*/
async function createOrUpdateManagedCluster() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
scaleDownMode: "Deallocate",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: {
balanceSimilarNodeGroups: "true",
expander: "priority",
maxNodeProvisionTime: "15m",
newPodScaleUpDelay: "1m",
scaleDownDelayAfterAdd: "15m",
scanInterval: "20s",
skipNodesWithSystemPods: "false",
},
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
upgradeSettings: {
overrideSettings: {
forceUpgrade: false,
until: new Date("2022-11-01T13:00:00Z"),
},
},
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"upgradeSettings": {
"overrideSettings": {
"forceUpgrade": false,
"until": "2022-11-01T13:00:00Z"
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with Azure Service Mesh
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
}
}
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.IstioCertificateAuthority;
import com.azure.resourcemanager.containerservice.models.IstioComponents;
import com.azure.resourcemanager.containerservice.models.IstioEgressGateway;
import com.azure.resourcemanager.containerservice.models.IstioIngressGateway;
import com.azure.resourcemanager.containerservice.models.IstioIngressGatewayMode;
import com.azure.resourcemanager.containerservice.models.IstioPluginCertificateAuthority;
import com.azure.resourcemanager.containerservice.models.IstioServiceMesh;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAddonProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ServiceMeshMode;
import com.azure.resourcemanager.containerservice.models.ServiceMeshProfile;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_AzureServiceMesh.json
*/
/**
* Sample code: Create/Update Managed Cluster with Azure Service Mesh.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithAzureServiceMesh(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf("azureKeyvaultSecretsProvider",
new ManagedClusterAddonProfile().withEnabled(true).withConfig(
mapOf("enableSecretRotation", "fakeTokenPlaceholder", "rotationPollInterval", "2m"))))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withServiceMeshProfile(
new ServiceMeshProfile().withMode(ServiceMeshMode.ISTIO)
.withIstio(new IstioServiceMesh()
.withComponents(new IstioComponents()
.withIngressGateways(Arrays.asList(new IstioIngressGateway()
.withMode(IstioIngressGatewayMode.INTERNAL).withEnabled(true)))
.withEgressGateways(Arrays.asList(new IstioEgressGateway().withEnabled(true))))
.withCertificateAuthority(new IstioCertificateAuthority()
.withPlugin(new IstioPluginCertificateAuthority().withKeyVaultId("fakeTokenPlaceholder")
.withCertObjectName("ca-cert").withKeyObjectName("fakeTokenPlaceholder")
.withRootCertObjectName("root-cert").withCertChainObjectName("cert-chain"))))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_azure_service_mesh.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"config": {"enableSecretRotation": "true", "rotationPollInterval": "2m"},
"enabled": True,
}
},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"serviceMeshProfile": {
"istio": {
"certificateAuthority": {
"plugin": {
"certChainObjectName": "cert-chain",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"rootCertObjectName": "root-cert",
}
},
"components": {
"egressGateways": [{"enabled": True}],
"ingressGateways": [{"enabled": True, "mode": "Internal"}],
},
},
"mode": "Istio",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithAzureServiceMesh() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
"azureKeyvaultSecretsProvider": {
Config: map[string]*string{
"enableSecretRotation": to.Ptr("true"),
"rotationPollInterval": to.Ptr("2m"),
},
Enabled: to.Ptr(true),
},
},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServiceMeshProfile: &armcontainerservice.ServiceMeshProfile{
Istio: &armcontainerservice.IstioServiceMesh{
CertificateAuthority: &armcontainerservice.IstioCertificateAuthority{
Plugin: &armcontainerservice.IstioPluginCertificateAuthority{
CertChainObjectName: to.Ptr("cert-chain"),
CertObjectName: to.Ptr("ca-cert"),
KeyObjectName: to.Ptr("ca-key"),
KeyVaultID: to.Ptr("/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv"),
RootCertObjectName: to.Ptr("root-cert"),
},
},
Components: &armcontainerservice.IstioComponents{
EgressGateways: []*armcontainerservice.IstioEgressGateway{
{
Enabled: to.Ptr(true),
}},
IngressGateways: []*armcontainerservice.IstioIngressGateway{
{
Enabled: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.IstioIngressGatewayModeInternal),
}},
},
},
Mode: to.Ptr(armcontainerservice.ServiceMeshModeIstio),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
// "azureKeyvaultSecretsProvider": &armcontainerservice.ManagedClusterAddonProfile{
// Config: map[string]*string{
// "enableSecretRotation": to.Ptr("true"),
// "rotationPollInterval": to.Ptr("2m"),
// },
// Enabled: to.Ptr(true),
// },
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServiceMeshProfile: &armcontainerservice.ServiceMeshProfile{
// Istio: &armcontainerservice.IstioServiceMesh{
// CertificateAuthority: &armcontainerservice.IstioCertificateAuthority{
// Plugin: &armcontainerservice.IstioPluginCertificateAuthority{
// CertChainObjectName: to.Ptr("cert-chain"),
// CertObjectName: to.Ptr("ca-cert"),
// KeyObjectName: to.Ptr("ca-key"),
// KeyVaultID: to.Ptr("/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv"),
// RootCertObjectName: to.Ptr("root-cert"),
// },
// },
// Components: &armcontainerservice.IstioComponents{
// EgressGateways: []*armcontainerservice.IstioEgressGateway{
// {
// Enabled: to.Ptr(true),
// }},
// IngressGateways: []*armcontainerservice.IstioIngressGateway{
// {
// Enabled: to.Ptr(true),
// Mode: to.Ptr(armcontainerservice.IstioIngressGatewayModeInternal),
// }},
// },
// Revisions: []*string{
// to.Ptr("asm-1-17")},
// },
// Mode: to.Ptr(armcontainerservice.ServiceMeshModeIstio),
// },
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
*/
async function createOrUpdateManagedClusterWithAzureServiceMesh() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {
azureKeyvaultSecretsProvider: {
config: { enableSecretRotation: "true", rotationPollInterval: "2m" },
enabled: true,
},
},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
serviceMeshProfile: {
istio: {
certificateAuthority: {
plugin: {
certChainObjectName: "cert-chain",
certObjectName: "ca-cert",
keyObjectName: "ca-key",
keyVaultId:
"/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
rootCertObjectName: "root-cert",
},
},
components: {
egressGateways: [{ enabled: true }],
ingressGateways: [{ enabled: true, mode: "Internal" }],
},
},
mode: "Istio",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
},
"revisions": [
"asm-1-17"
]
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
},
"revisions": [
"asm-1-17"
]
}
}
}
}
Create/Update Managed Cluster with dual-stack networking
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
},
"ipFamilies": [
"IPv4",
"IPv6"
]
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.Expander;
import com.azure.resourcemanager.containerservice.models.IpFamily;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.ScaleDownMode;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DualStackNetworking.json
*/
/**
* Sample code: Create/Update Managed Cluster with dual-stack networking.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithDualStackNetworking(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS1_v2").withOsType(OSType.LINUX).withScaleDownMode(ScaleDownMode.DEALLOCATE)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withAvailabilityZones(Arrays.asList("1", "2", "3")).withEnableNodePublicIp(true)
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile()
.withManagedOutboundIPs(new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2)))
.withIpFamilies(Arrays.asList(IpFamily.IPV4, IpFamily.IPV6)))
.withAutoScalerProfile(
new ManagedClusterPropertiesAutoScalerProfile().withBalanceSimilarNodeGroups("true")
.withExpander(Expander.PRIORITY).withMaxNodeProvisionTime("15m").withNewPodScaleUpDelay("1m")
.withScanInterval("20s").withScaleDownDelayAfterAdd("15m").withSkipNodesWithSystemPods("false"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_dual_stack_networking.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"scaleDownMode": "Deallocate",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false",
},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"ipFamilies": ["IPv4", "IPv6"],
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithDualStackNetworking() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
BalanceSimilarNodeGroups: to.Ptr("true"),
Expander: to.Ptr(armcontainerservice.ExpanderPriority),
MaxNodeProvisionTime: to.Ptr("15m"),
NewPodScaleUpDelay: to.Ptr("1m"),
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
SkipNodesWithSystemPods: to.Ptr("false"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
IPFamilies: []*armcontainerservice.IPFamily{
to.Ptr(armcontainerservice.IPFamilyIPv4),
to.Ptr(armcontainerservice.IPFamilyIPv6)},
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.22.1"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.22.1"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// BalanceSimilarNodeGroups: to.Ptr("true"),
// Expander: to.Ptr(armcontainerservice.ExpanderPriority),
// MaxNodeProvisionTime: to.Ptr("15m"),
// NewPodScaleUpDelay: to.Ptr("1m"),
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// SkipNodesWithSystemPods: to.Ptr("false"),
// },
// CurrentKubernetesVersion: to.Ptr("1.22.1"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.22.1"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4),
// to.Ptr(armcontainerservice.IPFamilyIPv6)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// CountIPv6: to.Ptr[int32](1),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16"),
// to.Ptr("fd11:1234::/64")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16"),
// to.Ptr("fd00:1234::/108")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
*/
async function createOrUpdateManagedClusterWithDualStackNetworking() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
scaleDownMode: "Deallocate",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: {
balanceSimilarNodeGroups: "true",
expander: "priority",
maxNodeProvisionTime: "15m",
newPodScaleUpDelay: "1m",
scaleDownDelayAfterAdd: "15m",
scanInterval: "20s",
skipNodesWithSystemPods: "false",
},
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
ipFamilies: ["IPv4", "IPv6"],
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.22.1",
"currentKubernetesVersion": "1.22.1",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.22.1",
"currentOrchestratorVersion": "1.22.1",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16",
"fd11:1234::/64"
],
"serviceCidrs": [
"10.0.0.0/16",
"fd00:1234::/108"
],
"ipFamilies": [
"IPv4",
"IPv6"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2,
"countIPv6": 1
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"
}
]
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.22.1",
"currentKubernetesVersion": "1.22.1",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.22.1",
"currentOrchestratorVersion": "1.22.1",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16",
"fd11:1234::/64"
],
"serviceCidrs": [
"10.0.0.0/16",
"fd00:1234::/108"
],
"ipFamilies": [
"IPv4",
"IPv6"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2,
"countIPv6": 1
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with EnableAHUB
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LicenseType;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWithAHUB.json
*/
/**
* Sample code: Create/Update Managed Cluster with EnableAHUB.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createUpdateManagedClusterWithEnableAHUB(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder").withLicenseType(LicenseType.WINDOWS_SERVER))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_with_ahub.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {
"adminPassword": "replacePassword1234$",
"adminUsername": "azureuser",
"licenseType": "Windows_Server",
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithEnableAhub() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
LicenseType: to.Ptr(armcontainerservice.LicenseTypeWindowsServer),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// LicenseType: to.Ptr(armcontainerservice.LicenseTypeWindowsServer),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
*/
async function createOrUpdateManagedClusterWithEnableAhub() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
licenseType: "Windows_Server",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with Windows gMSA enabled
Ukázkový požadavek
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.WindowsGmsaProfile;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWindowsGmsa.json
*/
/**
* Sample code: Create/Update Managed Cluster with Windows gMSA enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithWindowsGMSAEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder")
.withGmsaProfile(new WindowsGmsaProfile().withEnabled(true)))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_windows_gmsa.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {
"adminPassword": "replacePassword1234$",
"adminUsername": "azureuser",
"gmsaProfile": {"enabled": True},
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithWindowsGMsaEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
GmsaProfile: &armcontainerservice.WindowsGmsaProfile{
Enabled: to.Ptr(true),
},
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// GmsaProfile: &armcontainerservice.WindowsGmsaProfile{
// Enabled: to.Ptr(true),
// },
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
*/
async function createOrUpdateManagedClusterWithWindowsGMsaEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
gmsaProfile: { enabled: true },
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Ukázková odpověď
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Definice
| Name |
Description |
|
AdvancedNetworking
|
Rozšířený profil sítě pro povolení pozorovatelnosti a sady funkcí zabezpečení v clusteru Další informace najdete v aka.ms/aksadvancednetworking.
|
|
AdvancedNetworkingObservability
|
Profil pozorovatelnosti umožňující pokročilé metriky sítě a protokoly toků s historickými kontexty
|
|
AdvancedNetworkingSecurity
|
Profil zabezpečení umožňující funkce zabezpečení v clusteru založeném na ciliu.
|
|
AgentPoolMode
|
Režim fondu agentů.
|
|
AgentPoolNetworkProfile
|
Nastavení sítě fondu agentů
|
|
AgentPoolSecurityProfile
|
Nastavení zabezpečení fondu agentů.
|
|
AgentPoolType
|
Typ fondu agentů.
|
|
AgentPoolUpgradeSettings
|
Nastavení pro upgrade fondu agentů
|
|
AgentPoolWindowsProfile
|
Profil konkrétního fondu agentů Windows.
|
|
AutoScalerProfile
|
Parametry, které se mají použít u automatického škálování clusteru, když je povoleno
|
|
AzureKeyVaultKms
|
Nastavení služby správy klíčů služby Azure Key Vault pro profil zabezpečení
|
|
BackendPoolType
|
Typ spravovaného back-endového fondu služby Load Balancer pro příchozí provoz.
|
|
CloudError
|
Odpověď na chybu ze služby Container Service
|
|
CloudErrorBody
|
Odpověď na chybu ze služby Container Service
|
|
ClusterUpgradeSettings
|
Nastavení pro upgrade clusteru
|
|
code
|
Určuje, jestli je cluster spuštěný nebo zastavený.
|
|
ContainerServiceLinuxProfile
|
Profil pro virtuální počítače s Linuxem v clusteru služby kontejneru
|
|
ContainerServiceNetworkProfile
|
Profil konfigurace sítě
|
|
ContainerServiceSshConfiguration
|
Konfigurace SSH pro virtuální počítače s Linuxem spuštěné v Azure
|
|
ContainerServiceSshPublicKey
|
Obsahuje informace o datech veřejného klíče certifikátu SSH.
|
|
createdByType
|
Typ identity, která prostředek vytvořila.
|
|
CreationData
|
Data používaná při vytváření cílového prostředku ze zdrojového prostředku
|
|
DelegatedResource
|
Delegované vlastnosti prostředků – pouze interní použití
|
|
expander
|
Rozšíření, které se má použít při vertikálním navýšení kapacity
|
|
ExtendedLocation
|
Komplexní typ rozšířeného umístění.
|
|
ExtendedLocationTypes
|
Typ rozšířeného umístění.
|
|
GPUInstanceProfile
|
GPUInstanceProfile, který se má použít k určení profilu instance GPU MIG pro podporovanou skladovou položku virtuálního počítače GPU.
|
|
Identity
|
Identita prostředku
|
|
ipFamily
|
Rodiny IP adres používané k určení verzí IP adres dostupných pro cluster.
|
|
IPTag
|
Obsahuje IPTag přidružený k objektu.
|
|
IstioCertificateAuthority
|
Konfigurace certifikační autority (CA) istio Service Mesh Prozatím podporujeme pouze certifikáty modulů plug-in, jak je popsáno tady https://aka.ms/asm-plugin-ca
|
|
IstioComponents
|
Konfigurace komponent Istio
|
|
IstioEgressGateway
|
Konfigurace brány výchozího přenosu dat Istio
|
|
IstioIngressGateway
|
Konfigurace brány příchozího přenosu dat Istio Prozatím podporujeme až jednu externí bránu příchozího přenosu dat s názvem aks-istio-ingressgateway-external a jednu interní bránu příchozího přenosu dat s názvem aks-istio-ingressgateway-internal.
|
|
IstioIngressGatewayMode
|
Režim brány příchozího přenosu dat
|
|
IstioPluginCertificateAuthority
|
Informace o certifikátech modulů plug-in pro Service Mesh
|
|
IstioServiceMesh
|
Konfigurace sítě služby Istio
|
|
KeyVaultNetworkAccessTypes
|
Síťový přístup trezoru klíčů
|
|
KubeletConfig
|
Konfigurace kubeletu uzlů agenta
|
|
KubeletDiskType
|
Určuje umístění prázdných svazkůDir, kořen dat modulu runtime kontejneru a dočasné úložiště Kubelet.
|
|
KubernetesSupportPlan
|
Různé úrovně podpory pro clustery spravované službou AKS
|
|
licenseType
|
Typ licence, který se má použít pro virtuální počítače s Windows. Další podrobnosti najdete v tématu výhody hybridního uživatele Azure.
|
|
LinuxOSConfig
|
Konfigurace operačního systému uzlů agenta Linuxu
|
|
loadBalancerSku
|
Skladová položka nástroje pro vyrovnávání zatížení pro spravovaný cluster.
|
|
ManagedCluster
|
Spravovaný cluster
|
|
ManagedClusterAADProfile
|
AADProfile určuje atributy pro integraci Azure Active Directory.
|
|
ManagedClusterAddonProfile
|
Profil doplňku Kubernetes pro spravovaný cluster
|
|
ManagedClusterAgentPoolProfile
|
Profil pro fond agentů služby kontejneru
|
|
ManagedClusterAPIServerAccessProfile
|
Přístupový profil pro server rozhraní API spravovaného clusteru
|
|
ManagedClusterAutoUpgradeProfile
|
Profil automatického upgradu spravovaného clusteru
|
|
ManagedClusterAzureMonitorProfile
|
Profily doplňků služby Azure Monitor pro monitorování spravovaného clusteru
|
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
|
Profil metrik stavu Kube pro doplněk Azure Managed Prometheus Tato volitelná nastavení jsou určená pro pod kube-state-metrics nasazený s doplňkem. Podrobnosti najdete v aka.ms/AzureManagedPrometheus-optional-parameters.
|
|
ManagedClusterAzureMonitorProfileMetrics
|
Profil metrik pro spravovanou službu Azure Monitor pro doplněk Prometheus Shromážděte předkonfigurované metriky infrastruktury Kubernetes pro odesílání do pracovního prostoru služby Azure Monitor a nakonfigurujte další výstřižky pro vlastní cíle. Přehled najdete v aka.ms/AzureManagedPrometheus.
|
|
ManagedClusterCostAnalysis
|
Konfigurace analýzy nákladů pro cluster
|
|
ManagedClusterHTTPProxyConfig
|
Konfigurace proxy serveru HTTP clusteru
|
|
ManagedClusterIdentity
|
Identita spravovaného clusteru
|
|
ManagedClusterIngressProfile
|
Profil příchozího přenosu dat pro cluster služby kontejneru.
|
|
ManagedClusterIngressProfileWebAppRouting
|
Nastavení doplňku Směrování aplikací pro profil příchozího přenosu dat.
|
|
ManagedClusterLoadBalancerProfile
|
Profil nástroje pro vyrovnávání zatížení spravovaného clusteru
|
|
ManagedClusterManagedOutboundIPProfile
|
Profil spravovaných prostředků odchozíCH IP adres spravovaného clusteru
|
|
ManagedClusterMetricsProfile
|
Profil metrik pro ManagedCluster.
|
|
ManagedClusterNATGatewayProfile
|
Profil služby NAT Gateway spravovaného clusteru
|
|
ManagedClusterNodeResourceGroupProfile
|
Profil uzamčení skupiny prostředků uzlu pro spravovaný cluster
|
|
ManagedClusterOIDCIssuerProfile
|
Profil vystavitele OIDC spravovaného clusteru.
|
|
ManagedClusterPodIdentity
|
Podrobnosti o identitě podu přiřazené ke spravovanému clusteru
|
|
ManagedClusterPodIdentityException
|
Výjimka identity podu, která umožňuje podům s určitými popisky přistupovat ke koncovému bodu služby Azure Instance Metadata Service (IMDS), aniž by je zachycoval server NMI (Node-Managed Identity).
|
|
ManagedClusterPodIdentityProfile
|
Profil identity podu spravovaného clusteru.
|
|
ManagedClusterPodIdentityProvisioningError
|
Odpověď na chybu při zřizování identity podu.
|
|
ManagedClusterPodIdentityProvisioningErrorBody
|
Odpověď na chybu při zřizování identity podu.
|
|
ManagedClusterPodIdentityProvisioningState
|
Aktuální stav zřizování identity podu.
|
|
ManagedClusterSecurityProfile
|
Profil zabezpečení pro cluster služby kontejneru
|
|
ManagedClusterSecurityProfileDefender
|
Nastavení Programu Microsoft Defender pro profil zabezpečení.
|
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
|
Nastavení Programu Microsoft Defender pro detekci hrozeb v profilu zabezpečení
|
|
ManagedClusterSecurityProfileImageCleaner
|
Nástroj Image Cleaner odebere nepoužívané image z uzlů, uvolní místo na disku a pomáhá snížit prostor pro útoky. Tady jsou nastavení profilu zabezpečení.
|
|
ManagedClusterSecurityProfileWorkloadIdentity
|
Nastavení identity úlohy pro profil zabezpečení
|
|
ManagedClusterServicePrincipalProfile
|
Informace o identitě instančního objektu pro cluster, který se má použít pro manipulaci s rozhraními API Azure.
|
|
ManagedClusterSKU
|
Skladová položka spravovaného clusteru.
|
|
ManagedClusterSKUName
|
Název skladové položky spravovaného clusteru
|
|
ManagedClusterSKUTier
|
Úroveň skladové položky spravovaného clusteru.
|
|
ManagedClusterStorageProfile
|
Profil úložiště pro cluster služby kontejneru.
|
|
ManagedClusterStorageProfileBlobCSIDriver
|
Nastavení ovladače CSI pro AzureBlob pro profil úložiště.
|
|
ManagedClusterStorageProfileDiskCSIDriver
|
Nastavení ovladače CSI disku Azure pro profil úložiště.
|
|
ManagedClusterStorageProfileFileCSIDriver
|
Nastavení ovladače CSI služby AzureFile pro profil úložiště.
|
|
ManagedClusterStorageProfileSnapshotController
|
Nastavení snapshot Controlleru pro profil úložiště.
|
|
ManagedClusterWindowsProfile
|
Profil pro virtuální počítače s Windows ve spravovaném clusteru
|
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatického škálování úloh pro spravovaný cluster
|
|
ManagedClusterWorkloadAutoScalerProfileKeda
|
Nastavení automatického škálování řízeného událostmi Kubernetes pro profil automatického škálování úloh
|
|
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler
|
Nastavení VPA (Vertical Pod Autoscaler) pro profil automatického škálování úloh
|
|
ManagedOutboundIPs
|
Požadované spravované odchozí IP adresy pro nástroj pro vyrovnávání zatížení clusteru
|
|
networkDataplane
|
Síťová rovina dat použitá v clusteru Kubernetes.
|
|
networkMode
|
Síťový režim Azure CNI je nakonfigurovaný.
|
|
NetworkPlugin
|
Síťový modul plug-in používaný k vytváření sítě Kubernetes.
|
|
NetworkPluginMode
|
Režim síťového modulu plug-in by měl být použit.
|
|
NetworkPolicy
|
Zásady sítě používané k vytváření sítě Kubernetes.
|
|
nodeOSUpgradeChannel
|
Kanál upgradu operačního systému uzlu
|
|
OSDiskType
|
Typ disku s operačním systémem, který se má použít pro počítače ve fondu agentů.
|
|
OSSKU
|
Určuje skladovou položku operačního systému používanou fondem agentů. Výchozí hodnota je Ubuntu, pokud je OSType Linux. Výchozí hodnota je Windows2019, když Kubernetes <= 1.24 nebo Windows2022, když Kubernetes >= 1.25, pokud je OSType Windows.
|
|
OSType
|
Typ operačního systému. Výchozí hodnota je Linux.
|
|
OutboundIPPrefixes
|
Požadované prostředky předpony odchozíCH IP adres pro nástroj pro vyrovnávání zatížení clusteru
|
|
OutboundIPs
|
Požadované odchozí prostředky IP adresy pro nástroj pro vyrovnávání zatížení clusteru
|
|
outboundType
|
Metoda směrování odchozích přenosů (odchozích přenosů).
|
|
PortRange
|
Rozsah portů.
|
|
PowerState
|
Popisuje stav napájení clusteru.
|
|
PrivateLinkResource
|
Prostředek privátního propojení
|
|
Protocol
|
Síťový protokol portu.
|
|
ProvisioningInfo
|
|
|
PublicNetworkAccess
|
PublicNetworkAccess spravovanéhoclusteru
|
|
ResourceIdentityType
|
Typ identity používané pro spravovaný cluster.
|
|
ResourceReference
|
Odkaz na prostředek Azure
|
|
RestrictionLevel
|
Úroveň omezení použitá pro skupinu prostředků uzlu clusteru. Pokud není zadáno, je výchozí hodnota Unrestricted (Bez omezení).
|
|
ScaleDownMode
|
Popisuje, jak se virtuální počítače přidávají nebo odebírají z fondů agentů. Viz stavy fakturace.
|
|
ScaleSetEvictionPolicy
|
Zásady vyřazení škálovací sady virtuálních počítačů
|
|
ScaleSetPriority
|
Priorita škálovací sady virtuálních počítačů
|
|
ServiceMeshMode
|
Režim sítě služeb
|
|
ServiceMeshProfile
|
Profil sítě služeb pro spravovaný cluster
|
|
SysctlConfig
|
Nastavení sysctl pro uzly agenta Linuxu.
|
|
systemData
|
Metadata týkající se vytvoření a poslední změny prostředku.
|
|
upgradeChannel
|
Kanál upgradu pro automatický upgrade. Výchozí hodnota je žádná.
|
|
UpgradeOverrideSettings
|
Nastavení přepsání při upgradu clusteru
|
|
UserAssignedIdentities
|
Identita uživatele přidružená ke spravovanému clusteru. Tato identita se použije v řídicí rovině. Je povolena pouze jedna identita přiřazená uživatelem.
|
|
UserAssignedIdentity
|
Podrobnosti o identitě přiřazené uživatelem
|
|
WindowsGmsaProfile
|
Profil gMSA windows ve spravovaném clusteru.
|
|
WorkloadRuntime
|
Určuje typ úlohy, který může uzel spustit.
|
AdvancedNetworking
Rozšířený profil sítě pro povolení pozorovatelnosti a sady funkcí zabezpečení v clusteru Další informace najdete v aka.ms/aksadvancednetworking.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Označuje povolení pokročilých síťových funkcí pozorovatelnosti a zabezpečení v clusterech AKS. Pokud je tato možnost nastavená na hodnotu true, budou všechny pozorovatelnosti a funkce zabezpečení nastaveny tak, aby byly povoleny, pokud nejsou explicitně zakázané. Pokud není zadáno, výchozí hodnota je false.
|
|
observability
|
AdvancedNetworkingObservability
|
Profil pozorovatelnosti umožňující pokročilé metriky sítě a protokoly toků s historickými kontexty
|
|
security
|
AdvancedNetworkingSecurity
|
Profil zabezpečení umožňující funkce zabezpečení v clusteru založeném na ciliu.
|
AdvancedNetworkingObservability
Profil pozorovatelnosti umožňující pokročilé metriky sítě a protokoly toků s historickými kontexty
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Označuje povolení pokročilých funkcí pozorovatelnosti sítě v clusterech.
|
AdvancedNetworkingSecurity
Profil zabezpečení umožňující funkce zabezpečení v clusteru založeném na ciliu.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Tato funkce umožňuje uživatelům konfigurovat zásady sítě na základě názvů DNS (FQDN). Je možné ho povolit pouze na clusterech založených na ciliu. Pokud není zadáno, výchozí hodnota je false.
|
AgentPoolMode
Režim fondu agentů.
| Name |
Typ |
Description |
|
System
|
string
|
Fondy systémových agentů jsou primárně určené pro hostování důležitých podů systému, jako jsou CoreDNS a server metrik. Systémové fondy agentů osType musí být Linux. Skladová položka virtuálního počítače s fondy systémových agentů musí mít alespoň 2vCPU a 4 GB paměti.
|
|
User
|
string
|
Fondy uživatelských agentů jsou primárně určené pro hostování podů aplikací.
|
AgentPoolNetworkProfile
Nastavení sítě fondu agentů
| Name |
Typ |
Description |
|
allowedHostPorts
|
PortRange[]
|
Rozsahy portů, ke kterým má povolený přístup. Zadané oblasti se mohou překrývat.
|
|
applicationSecurityGroups
|
string[]
|
ID skupin zabezpečení aplikace, které fond agentů přidruží při vytváření.
|
|
nodePublicIPTags
|
IPTag[]
|
IPTagy veřejných IP adres na úrovni instance
|
AgentPoolSecurityProfile
Nastavení zabezpečení fondu agentů.
| Name |
Typ |
Description |
|
enableSecureBoot
|
boolean
|
Zabezpečené spouštění je funkce důvěryhodného spuštění, která zajišťuje, že se můžou spouštět jenom podepsané operační systémy a ovladače. Další podrobnosti najdete v tématu aka.ms/aks/trustedlaunch. Pokud není zadáno, výchozí hodnota je false.
|
|
enableVTPM
|
boolean
|
vTPM je funkce Trusted Launch pro konfiguraci vyhrazeného zabezpečeného trezoru pro klíče a měření uložená místně na uzlu. Další podrobnosti najdete v tématu aka.ms/aks/trustedlaunch. Pokud není zadáno, výchozí hodnota je false.
|
AgentPoolType
Typ fondu agentů.
| Name |
Typ |
Description |
|
AvailabilitySet
|
string
|
Toto použití se důrazně nedoporučuje.
|
|
VirtualMachineScaleSets
|
string
|
Vytvořte fond agentů zálohovaný škálovací sadou virtuálních počítačů.
|
AgentPoolUpgradeSettings
Nastavení pro upgrade fondu agentů
| Name |
Typ |
Description |
|
drainTimeoutInMinutes
|
integer
|
Časový limit vyprázdnění uzlu
Doba (v minutách) čekání na vyřazení podů a řádné ukončení na uzel. Tato doba čekání na vyřazení respektuje čekání na rozpočty přerušení podů. Pokud dojde k překročení této doby, upgrade se nezdaří. Pokud není zadáno, výchozí hodnota je 30 minut.
|
|
maxSurge
|
string
|
Maximální početneboch
Můžete ho nastavit buď na celé číslo (např. 5), nebo procento (např. 50%). Pokud je zadáno procento, jedná se o procento celkové velikosti fondu agentů v době upgradu. V procentech se desetinné uzly zaokrouhlují nahoru. Pokud není zadáno, výchozí hodnota je 1. Další informace, včetně osvědčených postupů, najdete v tématu: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade
|
|
nodeSoakDurationInMinutes
|
integer
|
Doba trvání namočení uzlu
Doba (v minutách) čekání po vyprázdnění uzlu a před opětovným obnovením a přechodem na další uzel. Pokud není zadáno, výchozí hodnota je 0 minut.
|
AgentPoolWindowsProfile
Profil konkrétního fondu agentů Windows.
| Name |
Typ |
Description |
|
disableOutboundNat
|
boolean
|
Určuje, jestli se má v uzlech Windows zakázat odchozí připojeníNAT.
Výchozí hodnota je false. Odchozí překlad adres (NAT) je možné zakázat pouze v případě, že odchozí typ clusteru je NAT Gateway a fond agentů Windows nemá povolenou veřejnou IP adresu uzlu.
|
AutoScalerProfile
Parametry, které se mají použít u automatického škálování clusteru, když je povoleno
| Name |
Typ |
Description |
|
balance-similar-node-groups
|
string
|
Detekuje podobné fondy uzlů a vyrovnává počet uzlů mezi nimi.
Platné hodnoty jsou true a false.
|
|
daemonset-eviction-for-empty-nodes
|
boolean
|
Pody DaemonSet budou řádně ukončeny z prázdných uzlů.
Pokud je nastavená hodnota true, všechny pody démona na prázdných uzlech se před odstraněním uzlu vyřadí. Pokud pod démona nelze vyřadit jiný uzel, bude zvolen pro škálování. Pokud je nastavená hodnota false, uzel se odstraní, aniž by se zajistilo odstranění nebo vyřazení podů démona.
|
|
daemonset-eviction-for-occupied-nodes
|
boolean
|
Pody DaemonSet budou řádně ukončeny z neprázdných uzlů.
Pokud je nastavená hodnota true, všechny pody démona na obsazených uzlech se před odstraněním uzlu vyřadí. Pokud pod démona nelze vyřadit jiný uzel, bude zvolen pro škálování. Pokud je nastavená hodnota false, uzel se odstraní, aniž by se zajistilo odstranění nebo vyřazení podů démona.
|
|
expander
|
expander
|
Rozšíření, které se má použít při vertikálním navýšení kapacity
Pokud není zadáno, výchozí hodnota je náhodná. Další informace najdete v rozbalovacích.
|
|
ignore-daemonsets-utilization
|
boolean
|
Pokud certifikační autorita při výpočtu využití prostředků pro vertikální snížení kapacity ignoruje pody daemonSet
Pokud je nastavená hodnota true, při rozhodování o vertikálním snížení kapacity se zohlední prostředky používané procesem démona.
|
|
max-empty-bulk-delete
|
string
|
Maximální počet prázdných uzlů, které lze odstranit současně. Musí to být kladné celé číslo.
Výchozí hodnota je 10.
|
|
max-graceful-termination-sec
|
string
|
Maximální počet sekund, po které automatické škálování clusteru čeká na ukončení podu při pokusu o vertikální snížení kapacity uzlu.
Výchozí hodnota je 600.
|
|
max-node-provision-time
|
string
|
Maximální doba čekání automatického škálování na zřízení uzlu.
Výchozí hodnota je 15 min. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
max-total-unready-percentage
|
string
|
Maximální procento nepřečtených uzlů v clusteru Po překročení tohoto procenta automatické škálování clusteru zastaví operace.
Výchozí hodnota je 45. Maximum je 100 a minimum je 0.
|
|
new-pod-scale-up-delay
|
string
|
Ignorovat neplánované pody před určitým věkem.
Ve scénářích, jako je nárazové nebo dávkové škálování, kdy nechcete, aby certifikační autorita fungovala před tím, než plánovač Kubernetes může naplánovat všechny pody, můžete certifikační autoritě říct, aby před určitým věkem ignorovala neplánované pody. Výchozí hodnota je 0s. Hodnoty musí být celé číslo následované jednotkou (po sekundách, "m" pro minuty, "h" pro hodiny atd.).
|
|
ok-total-unready-count
|
string
|
Počet povolených nepřečtených uzlů bez ohledu na maximální celkové nepřečtené procento.
Musí to být celé číslo. Výchozí hodnota je 3.
|
|
scale-down-delay-after-add
|
string
|
Jak dlouho po vertikálním navýšení kapacity se obnoví vyhodnocení vertikálního snížení kapacity
Výchozí hodnota je 10 m. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
scale-down-delay-after-delete
|
string
|
Jak dlouho po odstranění uzlu se obnoví vyhodnocení vertikálního snížení kapacity.
Výchozí hodnota je interval kontroly. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
scale-down-delay-after-failure
|
string
|
Jak dlouho po selhání vertikálního snížení kapacity se obnoví vyhodnocení vertikálního snížení kapacity.
Výchozí hodnota je 3 min. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
scale-down-unneeded-time
|
string
|
Jak dlouho by měl být uzel nepotřebný, než má nárok na vertikální snížení kapacity.
Výchozí hodnota je 10 m. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
scale-down-unready-time
|
string
|
Jak dlouho má být nepřečtený uzel nepotřebný, než bude mít nárok na vertikální snížení kapacity
Výchozí hodnota je 20 min. Hodnoty musí být celé číslo následované 'm'. Nepodporuje se žádná jednotka času kromě minut (m).
|
|
scale-down-utilization-threshold
|
string
|
Úroveň využití uzlu definovaná jako součet požadovaných prostředků rozdělených kapacitou, pod kterou lze uzel považovat za vertikální snížení kapacity.
Výchozí hodnota je 0,5.
|
|
scan-interval
|
string
|
Jak často se cluster znovu vyhodnocuje pro vertikální navýšení nebo snížení kapacity.
Výchozí hodnota je 10. Hodnoty musí být celočíselné číslo sekund.
|
|
skip-nodes-with-local-storage
|
string
|
Pokud automatické škálování clusteru přeskočí odstraňování uzlů s pody s místním úložištěm, například EmptyDir nebo HostPath.
Výchozí hodnota je true.
|
|
skip-nodes-with-system-pods
|
string
|
Pokud automatické škálování clusteru přeskočí odstranění uzlů s pody ze systému kube-system (s výjimkou démonů nebo zrcadlových podů)
Výchozí hodnota je true.
|
AzureKeyVaultKms
Nastavení služby správy klíčů služby Azure Key Vault pro profil zabezpečení
| Name |
Typ |
Default value |
Description |
|
enabled
|
boolean
|
|
Určuje, jestli chcete povolit službu správy klíčů služby Azure Key Vault. Výchozí hodnota je false.
|
|
keyId
|
string
|
|
Identifikátor klíče služby Azure Key Vault. Další podrobnosti najdete v formátu identifikátoru klíče. Pokud je povolená služba správy klíčů služby Azure Key Vault, je toto pole povinné a musí se jednat o platný identifikátor klíče. Pokud je služba správy klíčů azure Key Vault zakázaná, ponechte pole prázdné.
|
|
keyVaultNetworkAccess
|
KeyVaultNetworkAccessTypes
|
Public
|
Síťový přístup trezoru klíčů
Síťový přístup trezoru klíčů. Možné hodnoty jsou Public a Private.
Public znamená, že trezor klíčů umožňuje veřejný přístup ze všech sítí.
Private znamená, že trezor klíčů zakáže veřejný přístup a povolí privátní propojení. Výchozí hodnota je Public.
|
|
keyVaultResourceId
|
string
|
|
ID prostředku trezoru klíčů Pokud je keyVaultNetworkAccess Private, je toto pole povinné a musí se jednat o platné ID prostředku. Když je keyVaultNetworkAccess Public, ponechte pole prázdné.
|
BackendPoolType
Typ spravovaného back-endového fondu služby Load Balancer pro příchozí provoz.
CloudError
Odpověď na chybu ze služby Container Service
CloudErrorBody
Odpověď na chybu ze služby Container Service
| Name |
Typ |
Description |
|
code
|
string
|
Identifikátor chyby. Kódy jsou invariantní a mají být využity programově.
|
|
details
|
CloudErrorBody[]
|
Seznam dalších podrobností o chybě
|
|
message
|
string
|
Zpráva popisující chybu, která má být vhodná pro zobrazení v uživatelském rozhraní.
|
|
target
|
string
|
Cíl konkrétní chyby. Například název vlastnosti v chybě.
|
ClusterUpgradeSettings
Nastavení pro upgrade clusteru
code
Určuje, jestli je cluster spuštěný nebo zastavený.
| Name |
Typ |
Description |
|
Running
|
string
|
Cluster je spuštěný.
|
|
Stopped
|
string
|
Cluster je zastavený.
|
ContainerServiceLinuxProfile
Profil pro virtuální počítače s Linuxem v clusteru služby kontejneru
| Name |
Typ |
Description |
|
adminUsername
|
string
|
Uživatelské jméno správce, které se má použít pro virtuální počítače s Linuxem.
|
|
ssh
|
ContainerServiceSshConfiguration
|
Konfigurace SSH pro virtuální počítače s Linuxem spuštěné v Azure.
|
ContainerServiceNetworkProfile
Profil konfigurace sítě
| Name |
Typ |
Default value |
Description |
|
advancedNetworking
|
AdvancedNetworking
|
|
Rozšířený profil sítě pro povolení pozorovatelnosti a sady funkcí zabezpečení v clusteru Další informace najdete v aka.ms/aksadvancednetworking.
|
|
dnsServiceIP
|
string
|
10.0.0.10
|
IP adresa přiřazená službě DNS Kubernetes. Musí být v rozsahu adres služby Kubernetes zadaném v serviceCidr.
|
|
ipFamilies
|
ipFamily[]
|
|
Rodiny IP adres používané k určení verzí IP adres dostupných pro cluster.
Rodiny IP adres se používají k určení clusterů s jedním stackem nebo duálním zásobníkem. U jednoho zásobníku je očekávaná hodnota IPv4. U duálního zásobníku jsou očekávané hodnoty IPv4 a IPv6.
|
|
loadBalancerProfile
|
ManagedClusterLoadBalancerProfile
|
|
Profil nástroje pro vyrovnávání zatížení clusteru
|
|
loadBalancerSku
|
loadBalancerSku
|
|
Skladová položka nástroje pro vyrovnávání zatížení pro spravovaný cluster.
Výchozí hodnota je standard. Další informace o rozdílech mezi skladovými jednotkami nástroje pro vyrovnávání zatížení najdete v tématu skladových položek Azure Load Balanceru.
|
|
natGatewayProfile
|
ManagedClusterNATGatewayProfile
|
|
Profil služby CLUSTER NAT Gateway
|
|
networkDataplane
|
networkDataplane
|
|
Síťová rovina dat použitá v clusteru Kubernetes.
|
|
networkMode
|
networkMode
|
|
Síťový režim Azure CNI je nakonfigurovaný.
Tuto možnost nelze zadat, pokud je networkPlugin cokoli jiného než azure.
|
|
networkPlugin
|
NetworkPlugin
|
|
Síťový modul plug-in používaný k vytváření sítě Kubernetes.
|
|
networkPluginMode
|
NetworkPluginMode
|
|
Režim síťového modulu plug-in by měl být použit.
|
|
networkPolicy
|
NetworkPolicy
|
|
Zásady sítě používané k vytváření sítě Kubernetes.
|
|
outboundType
|
outboundType
|
loadBalancer
|
Metoda směrování odchozích přenosů (odchozích přenosů).
Tuto možnost je možné nastavit pouze při vytváření clusteru a později ji nelze změnit. Další informace naleznete v tématu odchozí typ odchozího přenosu.
|
|
podCidr
|
string
|
10.244.0.0/16
|
Rozsah IP adres zápisu CIDR, ze kterého se při použití kubenetu přiřazují IP adresy podů.
|
|
podCidrs
|
string[]
|
|
IP adresa notace CIDR, ze které se mají přiřazovat IP adresy podů.
U sítí s jedním zásobníkem se očekává jedna ciDR IPv4. U sítí s duálním zásobníkem se očekává dva identifikátoryCIDr, jedna pro každou řadu IP adres (IPv4/IPv6).
|
|
serviceCidr
|
string
|
10.0.0.0/16
|
Rozsah IP adres zápisu CIDR, ze kterého se mají přiřazovat IP adresy clusteru služeb. Nesmí se překrývat s žádnými rozsahy IP adres podsítě.
|
|
serviceCidrs
|
string[]
|
|
IP adresa zápisu CIDR, ze které se mají přiřazovat IP adresy clusteru služeb.
U sítí s jedním zásobníkem se očekává jedna ciDR IPv4. U sítí s duálním zásobníkem se očekává dva identifikátoryCIDr, jedna pro každou řadu IP adres (IPv4/IPv6). Nesmí se překrývat s žádnými rozsahy IP adres podsítě.
|
ContainerServiceSshConfiguration
Konfigurace SSH pro virtuální počítače s Linuxem spuštěné v Azure
| Name |
Typ |
Description |
|
publicKeys
|
ContainerServiceSshPublicKey[]
|
Seznam veřejných klíčů SSH, které se používají k ověřování pomocí virtuálních počítačů s Linuxem. Je možné zadat maximálně 1 klíč.
|
ContainerServiceSshPublicKey
Obsahuje informace o datech veřejného klíče certifikátu SSH.
| Name |
Typ |
Description |
|
keyData
|
string
|
Veřejný klíč certifikátu používaný k ověření s virtuálními počítači přes SSH. Certifikát musí být ve formátu PEM s hlavičkami nebo bez.
|
createdByType
Typ identity, která prostředek vytvořila.
| Name |
Typ |
Description |
|
Application
|
string
|
|
|
Key
|
string
|
|
|
ManagedIdentity
|
string
|
|
|
User
|
string
|
|
CreationData
Data používaná při vytváření cílového prostředku ze zdrojového prostředku
| Name |
Typ |
Description |
|
sourceResourceId
|
string
|
Toto je ID ARM zdrojového objektu, které se má použít k vytvoření cílového objektu.
|
DelegatedResource
Delegované vlastnosti prostředků – pouze interní použití
| Name |
Typ |
Description |
|
location
|
string
|
Umístění zdrojového prostředku – pouze interní použití.
|
|
referralResource
|
string
|
ID delegování delegování referenčního seznamu (volitelné) – pouze interní použití.
|
|
resourceId
|
string
|
ID prostředku ARM delegovaného prostředku – pouze interní použití.
|
|
tenantId
|
string
|
ID tenanta delegovaného prostředku – pouze interní použití.
|
expander
Rozšíření, které se má použít při vertikálním navýšení kapacity
| Name |
Typ |
Description |
|
least-waste
|
string
|
Vybere skupinu uzlů, která bude mít po vertikálním navýšení kapacity nejméně nečinný procesor (pokud je svázaný, nevyužitá paměť). To je užitečné v případě, že máte různé třídy uzlů, například vysoké využití procesoru nebo vysokého využití paměti a chcete je rozšířit jenom v případě, že existují čekající pody, které potřebují velké množství těchto prostředků.
|
|
most-pods
|
string
|
Vybere skupinu uzlů, která by při vertikálním navýšení kapacity mohla naplánovat nejvíce podů. To je užitečné, když používáte nodeSelector k zajištění toho, aby určité pody přistály na určitých uzlech. Všimněte si, že to nezpůsobí, že automatické škálování vybere větší a menší uzly, protože může přidat více menších uzlů najednou.
|
|
priority
|
string
|
Vybere skupinu uzlů, která má nejvyšší prioritu přiřazenou uživatelem. Konfigurace je popsána v dalších podrobnostech zde.
|
|
random
|
string
|
Používá se, když nemáte konkrétní potřebu skupin uzlů škálovat jinak.
|
ExtendedLocation
Komplexní typ rozšířeného umístění.
| Name |
Typ |
Description |
|
name
|
string
|
Název rozšířeného umístění.
|
|
type
|
ExtendedLocationTypes
|
Typ rozšířeného umístění.
|
ExtendedLocationTypes
Typ rozšířeného umístění.
| Name |
Typ |
Description |
|
EdgeZone
|
string
|
|
GPUInstanceProfile
GPUInstanceProfile, který se má použít k určení profilu instance GPU MIG pro podporovanou skladovou položku virtuálního počítače GPU.
| Name |
Typ |
Description |
|
MIG1g
|
string
|
|
|
MIG2g
|
string
|
|
|
MIG3g
|
string
|
|
|
MIG4g
|
string
|
|
|
MIG7g
|
string
|
|
Identity
Identita prostředku
| Name |
Typ |
Description |
|
principalId
|
string
|
ID objektu zabezpečení identity prostředku. Hodnota musí být UUID.
|
|
tenantId
|
string
|
ID tenanta prostředku. Hodnota musí být UUID.
|
|
type
|
ResourceIdentityType
|
Typ identity.
|
ipFamily
Rodiny IP adres používané k určení verzí IP adres dostupných pro cluster.
| Name |
Typ |
Description |
|
IPv4
|
string
|
|
|
IPv6
|
string
|
|
IPTag
Obsahuje IPTag přidružený k objektu.
| Name |
Typ |
Description |
|
ipTagType
|
string
|
Typ značky IP. Příklad: RoutingPreference.
|
|
tag
|
string
|
Hodnota značky IP přidružené k veřejné IP adrese. Příklad: Internet.
|
IstioCertificateAuthority
Konfigurace certifikační autority (CA) istio Service Mesh Prozatím podporujeme pouze certifikáty modulů plug-in, jak je popsáno tady https://aka.ms/asm-plugin-ca
IstioComponents
Konfigurace komponent Istio
IstioEgressGateway
Konfigurace brány výchozího přenosu dat Istio
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli se má brána výchozího přenosu dat povolit.
|
IstioIngressGateway
Konfigurace brány příchozího přenosu dat Istio Prozatím podporujeme až jednu externí bránu příchozího přenosu dat s názvem aks-istio-ingressgateway-external a jednu interní bránu příchozího přenosu dat s názvem aks-istio-ingressgateway-internal.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli se má brána příchozího přenosu dat povolit.
|
|
mode
|
IstioIngressGatewayMode
|
Režim brány příchozího přenosu dat
|
IstioIngressGatewayMode
Režim brány příchozího přenosu dat
| Name |
Typ |
Description |
|
External
|
string
|
Brána příchozího přenosu dat má přiřazenou veřejnou IP adresu a je veřejně přístupná.
|
|
Internal
|
string
|
Brána příchozího přenosu dat má přiřazenou interní IP adresu a nemůže k němu přistupovat veřejně.
|
IstioPluginCertificateAuthority
Informace o certifikátech modulů plug-in pro Service Mesh
| Name |
Typ |
Description |
|
certChainObjectName
|
string
|
Název objektu řetězu certifikátů ve službě Azure Key Vault
|
|
certObjectName
|
string
|
Zprostředkující název objektu certifikátu ve službě Azure Key Vault
|
|
keyObjectName
|
string
|
Název objektu privátního klíče zprostředkujícího certifikátu ve službě Azure Key Vault
|
|
keyVaultId
|
string
|
ID prostředku služby Key Vault.
|
|
rootCertObjectName
|
string
|
Název kořenového objektu certifikátu ve službě Azure Key Vault
|
IstioServiceMesh
Konfigurace sítě služby Istio
KeyVaultNetworkAccessTypes
Síťový přístup trezoru klíčů
| Name |
Typ |
Description |
|
Private
|
string
|
|
|
Public
|
string
|
|
KubeletConfig
Konfigurace kubeletu uzlů agenta
| Name |
Typ |
Description |
|
allowedUnsafeSysctls
|
string[]
|
Povolený seznam nebezpečných vzorů sysctl nebo nebezpečných vzorů sysctl (končících na *).
|
|
containerLogMaxFiles
|
integer
|
Maximální počet souborů protokolu kontejneru, které mohou být přítomné pro kontejner. Číslo musí být ≥ 2.
|
|
containerLogMaxSizeMB
|
integer
|
Maximální velikost souboru protokolu kontejneru (např. 10Mi) před otočením.
|
|
cpuCfsQuota
|
boolean
|
Pokud je pro kontejnery, které určují limity procesoru, povolená kvóta CFS procesoru.
Výchozí hodnota je true.
|
|
cpuCfsQuotaPeriod
|
string
|
Hodnota období kvóty CPU CFS.
Výchozí hodnota je 100 ms. Platné hodnoty jsou posloupnost desetinných čísel s volitelným zlomkem a příponou jednotky. Příklad: 300ms, 2h45m. Podporované jednotky jsou ns, us, ms, s, m a h.
|
|
cpuManagerPolicy
|
string
|
Zásady správce procesoru, které se mají použít.
Výchozí hodnota je žádná. Další informace najdete v tématu zásad správy procesoru Kubernetes. Povolené hodnoty jsou none a static.
|
|
failSwapOn
|
boolean
|
Pokud je nastavená hodnota true, kubelet se nepodaří spustit, pokud je na uzlu povoleno prohození.
|
|
imageGcHighThreshold
|
integer
|
Procento využití disku, po kterém se vždy spustí uvolňování paměti image.
Pokud chcete zakázat uvolňování paměti image, nastavte hodnotu 100. Výchozí hodnota je 85%
|
|
imageGcLowThreshold
|
integer
|
Procento využití disku, před kterým se nikdy nespustí uvolňování paměti image.
Nelze nastavit vyšší než imageGcHighThreshold. Výchozí hodnota je 80%
|
|
podMaxPids
|
integer
|
Maximální počet procesů na pod.
|
|
topologyManagerPolicy
|
string
|
Zásady Správce topologie, které se mají použít.
Další informace naleznete v tématu Správce topologie Kubernetes. Výchozí hodnota je žádná. Povolené hodnoty jsou none, best-effort, restricted a single-numa-node.
|
KubeletDiskType
Určuje umístění prázdných svazkůDir, kořen dat modulu runtime kontejneru a dočasné úložiště Kubelet.
| Name |
Typ |
Description |
|
OS
|
string
|
Kubelet použije disk s operačním systémem pro svá data.
|
|
Temporary
|
string
|
Kubelet použije dočasný disk pro svá data.
|
KubernetesSupportPlan
Různé úrovně podpory pro clustery spravované službou AKS
| Name |
Typ |
Description |
|
AKSLongTermSupport
|
string
|
Podpora pro verzi rozšířenou o 1 rok za podporu KubernetesOfficial. AKS pokračuje v opravách CVE na dalších 1 rok, celkem po dobu 2 let podpory.
|
|
KubernetesOfficial
|
string
|
Podpora verze je stejná jako u opensourcové nabídky Kubernetes. Oficiální verze podpory opensourcové komunity Kubernetes po dobu 1 roku po vydání.
|
licenseType
Typ licence, který se má použít pro virtuální počítače s Windows. Další podrobnosti najdete v tématu výhody hybridního uživatele Azure.
| Name |
Typ |
Description |
|
None
|
string
|
Nepoužijí se žádné další licence.
|
|
Windows_Server
|
string
|
Umožňuje výhody hybridního uživatele Azure pro virtuální počítače s Windows.
|
LinuxOSConfig
Konfigurace operačního systému uzlů agenta Linuxu
| Name |
Typ |
Description |
|
swapFileSizeMB
|
integer
|
Velikost v MB prohození souboru, který se vytvoří na každém uzlu.
|
|
sysctls
|
SysctlConfig
|
Nastavení sysctl pro uzly agenta Linuxu.
|
|
transparentHugePageDefrag
|
string
|
Zda by jádro mělo agresivně využívat komprimace paměti, aby bylo k dispozici více obrovských stránek.
Platné hodnoty jsou 'always', 'defer', 'defer+madvise', 'madvise' a 'never'. Výchozí hodnota je madvise. Další informace naleznete v tématu Transparent Hugepages.
|
|
transparentHugePageEnabled
|
string
|
Jestli jsou povolené průhledné obrovské stránky.
Platné hodnoty jsou 'always', 'madvise' a 'never'. Výchozí hodnota je vždy. Další informace naleznete v tématu Transparent Hugepages.
|
loadBalancerSku
Skladová položka nástroje pro vyrovnávání zatížení pro spravovaný cluster.
| Name |
Typ |
Description |
|
basic
|
string
|
Použijte Load Balancer úrovně Basic s omezenými funkcemi.
|
|
standard
|
string
|
Použijte standardní Load Balancer. Toto je doporučená skladová položka Load Balanceru. Další informace o práci s nástrojem pro vyrovnávání zatížení ve spravovaném clusteru najdete v článku load Balanceru úrovně Standard.
|
ManagedCluster
Spravovaný cluster
| Name |
Typ |
Description |
|
eTag
|
string
|
Jedinečný řetězec jen pro čtení, který se používá k implementaci optimistické souběžnosti. Hodnota eTag se změní při aktualizaci prostředku. Zadejte hlavičku if-match nebo if-none-match s hodnotou eTag pro následný požadavek, aby se povolila optimistická souběžnost podle normální konvence značky etag.
|
|
extendedLocation
|
ExtendedLocation
|
Rozšířené umístění virtuálního počítače.
|
|
id
|
string
|
Plně kvalifikované ID prostředku pro prostředek. Například /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
|
|
identity
|
ManagedClusterIdentity
|
Identita spravovaného clusteru, pokud je nakonfigurovaná.
|
|
location
|
string
|
Geografické umístění, ve kterém se nachází zdroj
|
|
name
|
string
|
Název prostředku
|
|
properties.aadProfile
|
ManagedClusterAADProfile
|
AADProfile určuje atributy pro integraci Azure Active Directory.
Konfigurace Azure Active Directory.
|
|
properties.addonProfiles
|
<string,
ManagedClusterAddonProfile>
|
Profil doplňku spravovaného clusteru
|
|
properties.agentPoolProfiles
|
ManagedClusterAgentPoolProfile[]
|
Vlastnosti fondu agentů.
|
|
properties.apiServerAccessProfile
|
ManagedClusterAPIServerAccessProfile
|
Přístupový profil pro server rozhraní API spravovaného clusteru.
|
|
properties.autoScalerProfile
|
AutoScalerProfile
|
Parametry, které se mají použít u automatického škálování clusteru, když je povoleno
|
|
properties.autoUpgradeProfile
|
ManagedClusterAutoUpgradeProfile
|
Konfigurace automatického upgradu.
|
|
properties.azureMonitorProfile
|
ManagedClusterAzureMonitorProfile
|
Profily doplňků služby Azure Monitor pro monitorování spravovaného clusteru
|
|
properties.azurePortalFQDN
|
string
|
Speciální plně kvalifikovaný název domény používaný webem Azure Portal pro přístup ke spravovanému clusteru. Tento plně kvalifikovaný název domény se používá jenom na webu Azure Portal a neměl by ho používat jiní klienti.
Azure Portal vyžaduje, aby se v některých odpovědích odesílaly určité hlavičky CORS (Cross-Origin Resource Sharing), které Kubernetes APIServer ve výchozím nastavení nezpracuje. Tento speciální plně kvalifikovaný název domény podporuje CORS, což umožňuje správné fungování webu Azure Portal.
|
|
properties.currentKubernetesVersion
|
string
|
Verze Kubernetes, na které je spravovaný cluster spuštěný.
Pokud byl kubernetesVersion plně zadanou verzí <major.minor.patch>, bude toto pole přesně stejné. Pokud byl kubernetesVersion <major.minor>, bude toto pole obsahovat úplnou verzi <major.minor.patch>.
|
|
properties.disableLocalAccounts
|
boolean
|
Pokud by místní účty měly být ve spravovaném clusteru zakázané.
Pokud je nastavená hodnota true, získání statických přihlašovacích údajů bude pro tento cluster zakázané. Tato možnost se musí používat jenom u spravovaných clusterů, které jsou povolené službou AAD. Další podrobnosti najdete v tématu zakázání místních účtů.
|
|
properties.diskEncryptionSetID
|
string
|
ID prostředku pro šifrování disku nastavené pro povolení šifrování neaktivních uložených dat.
Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}.
|
|
properties.dnsPrefix
|
string
|
Předpona DNS spravovaného clusteru.
Po vytvoření spravovaného clusteru to nejde aktualizovat.
|
|
properties.enablePodSecurityPolicy
|
boolean
|
(ZASTARALÉ) Jestli chcete povolit zásady zabezpečení podů Kubernetes (Preview). PodSecurityPolicy byl v Kubernetes verze 1.21 vyřazen a odebrán z Kubernetes ve verzi 1.25. Další informace najdete v https://aka.ms/k8s/psp a https://aka.ms/aks/psp.
|
|
properties.enableRBAC
|
boolean
|
Jestli chcete povolit Kubernetes Role-Based řízení přístupu.
|
|
properties.fqdn
|
string
|
Plně kvalifikovaný název domény hlavního fondu.
|
|
properties.fqdnSubdomain
|
string
|
Subdoména plně kvalifikovaného názvu domény privátního clusteru s vlastní zónou privátního dns.
Po vytvoření spravovaného clusteru to nejde aktualizovat.
|
|
properties.httpProxyConfig
|
ManagedClusterHTTPProxyConfig
|
Konfigurace pro zřizování clusteru pomocí proxy serverů HTTP.
|
|
properties.identityProfile
|
<string,
UserAssignedIdentity>
|
Identita uživatele přidružená ke spravovanému clusteru. Tuto identitu bude používat kubelet. Je povolena pouze jedna identita přiřazená uživatelem. Jediný akceptovaný klíč je kubeletidentity s hodnotou resourceId: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".
|
|
properties.ingressProfile
|
ManagedClusterIngressProfile
|
Profil příchozího přenosu dat pro spravovaný cluster
|
|
properties.kubernetesVersion
|
string
|
Verze Kubernetes určená uživatelem
Podporují se obě verze opravy <major.minor.patch> (např. 1.20.13) a <major.minor> (např. 1.20). Při <major.minor> je zvolena nejnovější podporovaná verze opravy GA automaticky. Aktualizace clusteru se stejným <major.minor> po vytvoření (např. 1.14.x –> 1.14) neaktivuje upgrade, i když je k dispozici novější verze opravy. Při upgradu podporovaného clusteru AKS není možné přeskočit podverze Kubernetes. Všechny upgrady se musí provádět postupně podle čísla hlavní verze. Například upgrady mezi verzemi 1.14.x –> 1.15.x nebo 1.15.x -> 1.16.x jsou povolené, ale verze 1.14.x –> 1.16.x není povolená. Další podrobnosti najdete v upgradu clusteru AKS.
|
|
properties.linuxProfile
|
ContainerServiceLinuxProfile
|
Profil virtuálních počítačů s Linuxem ve spravovaném clusteru.
|
|
properties.maxAgentPools
|
integer
|
Maximální počet fondů agentů pro spravovaný cluster
|
|
properties.metricsProfile
|
ManagedClusterMetricsProfile
|
Volitelná konfigurace metrik clusteru
|
|
properties.networkProfile
|
ContainerServiceNetworkProfile
|
Profil konfigurace sítě.
|
|
properties.nodeResourceGroup
|
string
|
Název skupiny prostředků obsahující uzly fondu agentů.
|
|
properties.nodeResourceGroupProfile
|
ManagedClusterNodeResourceGroupProfile
|
Profil konfigurace skupiny prostředků uzlu
|
|
properties.oidcIssuerProfile
|
ManagedClusterOIDCIssuerProfile
|
Profil vystavitele OIDC spravovaného clusteru.
|
|
properties.podIdentityProfile
|
ManagedClusterPodIdentityProfile
|
Profil identity podu spravovaného clusteru.
Další podrobnosti o integraci identit podů AAD najdete v tématu použití identity podu AAD.
|
|
properties.powerState
|
PowerState
|
Stav napájení clusteru.
|
|
properties.privateFQDN
|
string
|
Plně kvalifikovaný název domény privátního clusteru.
|
|
properties.privateLinkResources
|
PrivateLinkResource[]
|
Prostředky privátního propojení přidružené ke clusteru
|
|
properties.provisioningState
|
string
|
Aktuální stav zřizování.
|
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
PublicNetworkAccess spravovanéhoclusteru
Povolení nebo odepření přístupu k veřejné síti pro AKS
|
|
properties.resourceUID
|
string
|
Identifikátor resourceUID jednoznačně identifikuje ManagedClusters, které znovu používají ID prostředků ARM (tj. vytvoření, odstranění, vytvoření sekvence).
|
|
properties.securityProfile
|
ManagedClusterSecurityProfile
|
Profil zabezpečení spravovaného clusteru
|
|
properties.serviceMeshProfile
|
ServiceMeshProfile
|
Profil sítě služeb pro spravovaný cluster
|
|
properties.servicePrincipalProfile
|
ManagedClusterServicePrincipalProfile
|
Informace o identitě instančního objektu pro cluster, který se má použít pro manipulaci s rozhraními API Azure.
|
|
properties.storageProfile
|
ManagedClusterStorageProfile
|
Profil úložiště pro spravovaný cluster
|
|
properties.supportPlan
|
KubernetesSupportPlan
|
Plán podpory pro spravovaný cluster. Pokud není zadáno, výchozí hodnota je KubernetesOfficial.
|
|
properties.upgradeSettings
|
ClusterUpgradeSettings
|
Nastavení pro upgrade clusteru
|
|
properties.windowsProfile
|
ManagedClusterWindowsProfile
|
Profil pro virtuální počítače s Windows ve spravovaném clusteru.
|
|
properties.workloadAutoScalerProfile
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatického škálování úloh pro spravovaný cluster
|
|
sku
|
ManagedClusterSKU
|
Skladová položka spravovaného clusteru.
|
|
systemData
|
systemData
|
Metadata Azure Resource Manageru obsahující informace createdBy a modifiedBy
|
|
tags
|
object
|
Značky prostředků
|
|
type
|
string
|
Typ prostředku. Například Microsoft.Compute/virtualMachines nebo Microsoft.Storage/storageAccounts
|
ManagedClusterAADProfile
AADProfile určuje atributy pro integraci Azure Active Directory.
| Name |
Typ |
Description |
|
adminGroupObjectIDs
|
string[]
|
Seznam ID objektů skupiny AAD, které budou mít roli správce clusteru.
|
|
clientAppID
|
string
|
(ZASTARALÉ) ID aplikace AAD klienta. Další informace najdete v https://aka.ms/aks/aad-legacy.
|
|
enableAzureRBAC
|
boolean
|
Určuje, jestli chcete povolit Azure RBAC pro autorizaci Kubernetes.
|
|
managed
|
boolean
|
Jestli chcete povolit spravovanou službu AAD.
|
|
serverAppID
|
string
|
(ZASTARALÉ) ID aplikace AAD serveru. Další informace najdete v https://aka.ms/aks/aad-legacy.
|
|
serverAppSecret
|
string
|
(ZASTARALÉ) Tajný klíč aplikace AAD serveru. Další informace najdete v https://aka.ms/aks/aad-legacy.
|
|
tenantID
|
string
|
ID tenanta AAD, které se má použít k ověřování. Pokud není zadaný, použije tenanta předplatného nasazení.
|
ManagedClusterAddonProfile
Profil doplňku Kubernetes pro spravovaný cluster
| Name |
Typ |
Description |
|
config
|
object
|
Páry klíč-hodnota pro konfiguraci doplňku
|
|
enabled
|
boolean
|
Jestli je doplněk povolený, nebo ne.
|
|
identity
|
Identity
|
Informace o identitě přiřazené uživatelem používané tímto doplňkem
|
ManagedClusterAgentPoolProfile
Profil pro fond agentů služby kontejneru
| Name |
Typ |
Default value |
Description |
|
availabilityZones
|
string[]
|
|
Seznam zón dostupnosti, které se mají použít pro uzly. Tuto vlastnost lze zadat pouze v případě, že vlastnost AgentPoolType je VirtualMachineScaleSets.
|
|
capacityReservationGroupID
|
string
|
|
Plně kvalifikované ID prostředku skupiny rezervací kapacity pro poskytování virtuálních počítačů z rezervované skupiny virtuálních počítačů.
AKS přidruží zadaný fond agentů ke skupině rezervace kapacity.
|
|
count
|
integer
|
|
Počet agentů (virtuálních počítačů) pro hostování kontejnerů Dockeru Povolené hodnoty musí být v rozsahu od 0 do 1 000 (včetně) pro fondy uživatelů a v rozsahu od 1 do 1 000 (včetně) pro systémové fondy. Výchozí hodnota je 1.
|
|
creationData
|
CreationData
|
|
CreationData, která se použije k určení ID zdrojového snímku, pokud se fond uzlů vytvoří nebo upgraduje pomocí snímku.
|
|
currentOrchestratorVersion
|
string
|
|
Verze Kubernetes, na které je fond agentů spuštěný.
Pokud je orchestratorVersion plně zadanou verzí <major.minor.patch>, bude toto pole přesně stejné. Pokud je orchestratorVersion <major.minor>, bude toto pole obsahovat úplnou verzi <major.minor.patch> verzi.
|
|
eTag
|
string
|
|
Jedinečný řetězec jen pro čtení, který se používá k implementaci optimistické souběžnosti. Hodnota eTag se změní při aktualizaci prostředku. Zadejte hlavičku if-match nebo if-none-match s hodnotou eTag pro následný požadavek, aby se povolila optimistická souběžnost podle normální konvence značky etag.
|
|
enableAutoScaling
|
boolean
|
|
Povolení automatického škálování
|
|
enableEncryptionAtHost
|
boolean
|
|
Jestli chcete povolit šifrování operačního systému založeného na hostiteli a datové jednotky.
To se podporuje jenom u určitých velikostí virtuálních počítačů a v určitých oblastech Azure. Další informace najdete v tématu: https://docs.microsoft.com/azure/aks/enable-host-encryption
|
|
enableFIPS
|
boolean
|
|
Určuje, jestli se má použít operační systém s podporou FIPS.
Další podrobnosti najdete v tématu Přidání fondu uzlů s podporou FIPS.
|
|
enableNodePublicIP
|
boolean
|
|
Určuje, jestli je každému uzlu přidělena vlastní veřejná IP adresa.
Některé scénáře můžou vyžadovat, aby uzly ve fondu uzlů přijímaly vlastní vyhrazené veřejné IP adresy. Běžným scénářem jsou úlohy hraní her, kdy konzola potřebuje vytvořit přímé připojení ke cloudovému virtuálnímu počítači, aby se minimalizovaly segmenty směrování. Další informace najdete v tématu přiřazení veřejné IP adresy na uzel. Výchozí hodnota je false.
|
|
enableUltraSSD
|
boolean
|
|
Zda povolit UltraSSD
|
|
gpuInstanceProfile
|
GPUInstanceProfile
|
|
GPUInstanceProfile, který se má použít k určení profilu instance GPU MIG pro podporovanou skladovou položku virtuálního počítače GPU.
|
|
hostGroupID
|
string
|
|
Plně kvalifikované ID prostředku vyhrazené skupiny hostitelů pro zřizování virtuálních počítačů, které se používají pouze ve scénáři vytváření, a ne povolené změny po nastavení.
Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. Další informace najdete v tématu vyhrazených hostitelů Azure.
|
|
kubeletConfig
|
KubeletConfig
|
|
Konfigurace kubeletu uzlů agenta
Konfigurace Kubeletu na uzlech fondu agentů.
|
|
kubeletDiskType
|
KubeletDiskType
|
|
Určuje umístění prázdných svazkůDir, kořen dat modulu runtime kontejneru a dočasné úložiště Kubelet.
|
|
linuxOSConfig
|
LinuxOSConfig
|
|
Konfigurace operačního systému uzlů agenta Linuxu
Konfigurace operačního systému uzlů agenta Linuxu.
|
|
maxCount
|
integer
|
|
Maximální počet uzlů pro automatické škálování
|
|
maxPods
|
integer
|
|
Maximální počet podů, které se dají spustit na uzlu.
|
|
minCount
|
integer
|
|
Minimální počet uzlů pro automatické škálování
|
|
mode
|
AgentPoolMode
|
|
Režim fondu agentů.
Cluster musí mít vždy alespoň jeden fond agentů systému. Další informace o omezeních fondu agentů a osvědčených postupech najdete v tématu: https://docs.microsoft.com/azure/aks/use-system-pools
|
|
name
|
string
|
|
Jedinečný název profilu fondu agentů v kontextu předplatného a skupiny prostředků.
Názvy fondů agentů Systému Windows musí mít 6 znaků nebo méně.
|
|
networkProfile
|
AgentPoolNetworkProfile
|
|
Nastavení fondu agentů souvisejících se sítí
|
|
nodeImageVersion
|
string
|
|
Verze image uzlu
|
|
nodeLabels
|
object
|
|
Popisky uzlů, které se mají uchovávat ve všech uzlech ve fondu agentů.
|
|
nodePublicIPPrefixID
|
string
|
|
ID předpony veřejné IP adresy, ze kterých mají uzly virtuálních počítačů používat IP adresy.
Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}
|
|
nodeTaints
|
string[]
|
|
Tainty přidané do nových uzlů během vytváření a škálování fondu uzlů Například key=value:NoSchedule.
|
|
orchestratorVersion
|
string
|
|
Verze Kubernetes určená uživatelem
Podporují se obě verze opravy <major.minor.patch> (např. 1.20.13) a <major.minor> (např. 1.20). Při <major.minor> je zvolena nejnovější podporovaná verze opravy GA automaticky. Aktualizace clusteru se stejným <major.minor> po vytvoření (např. 1.14.x –> 1.14) neaktivuje upgrade, i když je k dispozici novější verze opravy. Osvědčeným postupem je upgradovat všechny fondy uzlů v clusteru AKS na stejnou verzi Kubernetes. Verze fondu uzlů musí mít stejnou hlavní verzi jako řídicí rovina. Podverze fondu uzlů musí být ve dvou podverzi verze řídicí roviny. Verze fondu uzlů nemůže být větší než verze řídicí roviny. Další informace najdete v tématu upgradu fondu uzlů.
|
|
osDiskSizeGB
|
integer
|
|
Velikost disku operačního systému v GB, která se má použít k určení velikosti disku pro každý počítač v hlavním fondu nebo fondu agentů. Pokud zadáte hodnotu 0, použije se výchozí velikost disku osDisk podle zadané hodnoty vmSize.
|
|
osDiskType
|
OSDiskType
|
|
Typ disku s operačním systémem, který se má použít pro počítače ve fondu agentů.
Výchozí hodnota je dočasný, pokud virtuální počítač podporuje a má disk mezipaměti větší než požadovaný disk OSDiskSizeGB. V opačném případě se ve výchozím nastavení nastaví spravovaný. Po vytvoření se nemusí změnit. Další informace naleznete v tématu dočasný operační systém.
|
|
osSKU
|
OSSKU
|
|
Určuje skladovou položku operačního systému používanou fondem agentů. Výchozí hodnota je Ubuntu, pokud je OSType Linux. Výchozí hodnota je Windows2019, když Kubernetes <= 1.24 nebo Windows2022, když Kubernetes >= 1.25, pokud je OSType Windows.
|
|
osType
|
OSType
|
Linux
|
Typ operačního systému. Výchozí hodnota je Linux.
|
|
podSubnetID
|
string
|
|
ID podsítě, ke které se pody připojí při spuštění.
Pokud tento parametr vynecháte, IP adresy podů se staticky přiřazují v podsíti uzlu (další podrobnosti najdete v tématu vnetSubnetID). Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}
|
|
powerState
|
PowerState
|
|
Bez ohledu na to, jestli je fond agentů spuštěný nebo zastavený.
Při prvním vytvoření fondu agentů je spuštěný. Fond agentů lze zastavit nastavením tohoto pole na Zastaveno. Zastavený fond agentů zastaví všechny své virtuální počítače a nenabíhá poplatky za fakturaci. Fond agentů lze zastavit pouze v případě, že je spuštěný a stav zřizování je úspěšný.
|
|
provisioningState
|
string
|
|
Aktuální stav nasazení nebo zřizování.
|
|
proximityPlacementGroupID
|
string
|
|
ID skupiny umístění bezkontaktní komunikace.
|
|
scaleDownMode
|
ScaleDownMode
|
|
Režim vertikálního snížení kapacity, který se použije při škálování fondu agentů.
To také ovlivňuje chování automatického škálování clusteru. Pokud není zadáno, ve výchozím nastavení se odstraní.
|
|
scaleSetEvictionPolicy
|
ScaleSetEvictionPolicy
|
Delete
|
Zásady vyřazení škálovací sady virtuálních počítačů, které se mají použít.
Tuto hodnotu nelze zadat, pokud není scaleSetPriority spot. Pokud není zadáno, výchozí hodnota je Odstranit.
|
|
scaleSetPriority
|
ScaleSetPriority
|
Regular
|
Priorita škálovací sady virtuálních počítačů Pokud není zadáno, výchozí hodnota je Normální.
|
|
securityProfile
|
AgentPoolSecurityProfile
|
|
Nastavení zabezpečení fondu agentů.
|
|
spotMaxPrice
|
number
|
-1
|
Maximální cena (v amerických dolarech) jste ochotni zaplatit za spotové instance. Možné hodnoty jsou desetinná hodnota větší než nula nebo -1 označující výchozí cenu, která má být up-to na vyžádání.
Možné hodnoty jsou desetinná hodnota větší než nula nebo -1, což značí ochotu zaplatit jakoukoli cenu na vyžádání. Další podrobnosti o spotových cenách najdete v tématu cenových spotových virtuálních počítačů.
|
|
tags
|
object
|
|
Značky, které se mají uchovávat ve škálovací sadě virtuálních počítačů fondu agentů.
|
|
type
|
AgentPoolType
|
|
Typ fondu agentů.
|
|
upgradeSettings
|
AgentPoolUpgradeSettings
|
|
Nastavení pro upgrade fondu agentů
|
|
vmSize
|
string
|
|
Velikost virtuálních počítačů fondu agentů.
Dostupnost velikosti virtuálního počítače se liší podle oblasti. Pokud uzel obsahuje nedostatečné výpočetní prostředky (paměť, procesor atd.), nemusí se pody správně spustit. Další podrobnosti o omezených velikostech virtuálních počítačů najdete v tématu: https://docs.microsoft.com/azure/aks/quotas-skus-regions
|
|
vnetSubnetID
|
string
|
|
ID podsítě, ke které se uzly fondu agentů a volitelně pody připojí při spuštění.
Pokud tento parametr nezadáte, vygeneruje a použije se virtuální síť a podsíť. Pokud není zadán žádný podSubnetID, platí to pro uzly a pody, jinak se vztahuje pouze na uzly. Toto je formulář: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}
|
|
windowsProfile
|
AgentPoolWindowsProfile
|
|
Profil konkrétního fondu agentů Windows.
|
|
workloadRuntime
|
WorkloadRuntime
|
|
Určuje typ úlohy, který může uzel spustit.
|
ManagedClusterAPIServerAccessProfile
Přístupový profil pro server rozhraní API spravovaného clusteru
| Name |
Typ |
Description |
|
authorizedIPRanges
|
string[]
|
Rozsahy IP adres autorizovaných pro přístup k serveru rozhraní API Kubernetes.
Rozsahy IP adres jsou zadané ve formátu CIDR, např. 137.117.106.88/29. Tato funkce není kompatibilní s clustery, které používají veřejnou IP adresu na uzel nebo clustery, které používají Load Balancer úrovně Basic. Další informace najdete v tématu rozsahy IP adres autorizovaných serverem rozhraní API.
|
|
disableRunCommand
|
boolean
|
Určuje, jestli chcete zakázat příkaz spustit pro cluster, nebo ne.
|
|
enablePrivateCluster
|
boolean
|
Ať už chcete cluster vytvořit jako privátní cluster, nebo ne.
Další podrobnosti najdete v tématu Vytvoření privátního clusteru AKS.
|
|
enablePrivateClusterPublicFQDN
|
boolean
|
Jestli chcete vytvořit další veřejný plně kvalifikovaný název domény pro privátní cluster, nebo ne.
|
|
privateDNSZone
|
string
|
Režim privátní zóny DNS pro cluster.
Výchozí hodnota je System. Další podrobnosti najdete v tématu konfiguraceprivátní zóny DNS . Povolené hodnoty jsou "system" a "none".
|
ManagedClusterAutoUpgradeProfile
Profil automatického upgradu spravovaného clusteru
ManagedClusterAzureMonitorProfile
Profily doplňků služby Azure Monitor pro monitorování spravovaného clusteru
| Name |
Typ |
Description |
|
metrics
|
ManagedClusterAzureMonitorProfileMetrics
|
Profil metrik pro spravovanou službu Azure Monitor pro doplněk Prometheus Shromážděte předkonfigurované metriky infrastruktury Kubernetes pro odesílání do pracovního prostoru služby Azure Monitor a nakonfigurujte další výstřižky pro vlastní cíle. Přehled najdete v aka.ms/AzureManagedPrometheus.
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
Profil metrik stavu Kube pro doplněk Azure Managed Prometheus Tato volitelná nastavení jsou určená pro pod kube-state-metrics nasazený s doplňkem. Podrobnosti najdete v aka.ms/AzureManagedPrometheus-optional-parameters.
| Name |
Typ |
Description |
|
metricAnnotationsAllowList
|
string
|
Čárkami oddělený seznam klíčů poznámek Kubernetes, které se použijí v metrikě popisků prostředku (příklad: namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],..."). Ve výchozím nastavení metrika obsahuje pouze název prostředku a popisky oboru názvů.
|
|
metricLabelsAllowlist
|
string
|
Čárkami oddělený seznam dalších klíčů popisků Kubernetes, které se použijí v metrice popisků prostředku (příklad: namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). Ve výchozím nastavení metrika obsahuje pouze název prostředku a popisky oboru názvů.
|
ManagedClusterAzureMonitorProfileMetrics
Profil metrik pro spravovanou službu Azure Monitor pro doplněk Prometheus Shromážděte předkonfigurované metriky infrastruktury Kubernetes pro odesílání do pracovního prostoru služby Azure Monitor a nakonfigurujte další výstřižky pro vlastní cíle. Přehled najdete v aka.ms/AzureManagedPrometheus.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Jestli chcete povolit nebo zakázat doplněk Azure Managed Prometheus pro monitorování Prometheus. Podrobnosti o povolení a zakázání najdete v aka.ms/AzureManagedPrometheus-aks-enable.
|
|
kubeStateMetrics
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
|
Profil metrik stavu Kube pro doplněk Azure Managed Prometheus Tato volitelná nastavení jsou určená pro pod kube-state-metrics nasazený s doplňkem. Podrobnosti najdete v aka.ms/AzureManagedPrometheus-optional-parameters.
|
ManagedClusterCostAnalysis
Konfigurace analýzy nákladů pro cluster
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Zda povolit analýzu nákladů
Aby bylo možné tuto funkci povolit, musí být úroveň Spravovaný cluster nastavená na Standard nebo Premium. Povolením této možnosti přidáte podrobnosti o oboru názvů a nasazení Kubernetes do zobrazení analýzy nákladů na webu Azure Portal. Pokud není zadáno, výchozí hodnota je false. Další informace najdete v tématu aka.ms/aks/docs/cost-analysis.
|
ManagedClusterHTTPProxyConfig
Konfigurace proxy serveru HTTP clusteru
| Name |
Typ |
Description |
|
httpProxy
|
string
|
Koncový bod proxy serveru HTTP, který se má použít.
|
|
httpsProxy
|
string
|
Koncový bod proxy serveru HTTPS, který se má použít.
|
|
noProxy
|
string[]
|
Koncové body, které by neměly procházet proxy serverem.
|
|
trustedCa
|
string
|
Alternativní certifikát certifikační autority, který se má použít pro připojení k proxy serverům.
|
ManagedClusterIdentity
Identita spravovaného clusteru
| Name |
Typ |
Description |
|
delegatedResources
|
<string,
DelegatedResource>
|
Prostředky delegovaných identit přiřazené k tomuto spravovanému clusteru. To může nastavit jenom jiný poskytovatel prostředků Azure a spravovaný cluster přijímá pouze jeden delegovaný prostředek identity. Pouze interní použití.
|
|
principalId
|
string
|
ID objektu zabezpečení přiřazené identitou systému, která je používána hlavními komponentami.
|
|
tenantId
|
string
|
ID tenanta identity přiřazené systémem, která je používána hlavními komponentami.
|
|
type
|
ResourceIdentityType
|
Typ identity používané pro spravovaný cluster.
Další informace najdete v tématu použití spravovaných identit v AKS.
|
|
userAssignedIdentities
|
UserAssignedIdentities
|
Identita uživatele přidružená ke spravovanému clusteru. Tato identita se použije v řídicí rovině. Je povolena pouze jedna identita přiřazená uživatelem.
Klíče musí být ID prostředků ARM ve formuláři: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}.
|
ManagedClusterIngressProfile
Profil příchozího přenosu dat pro cluster služby kontejneru.
ManagedClusterIngressProfileWebAppRouting
Nastavení doplňku Směrování aplikací pro profil příchozího přenosu dat.
| Name |
Typ |
Description |
|
dnsZoneResourceIds
|
string[]
|
ID prostředků zón DNS, které se mají přidružit k doplňku Směrování aplikací. Používá se jenom v případech, kdy je povolený doplněk Směrování aplikací. Veřejné a privátní zóny DNS můžou být v různých skupinách prostředků, ale všechny veřejné zóny DNS musí být ve stejné skupině prostředků a všechny privátní zóny DNS musí být ve stejné skupině prostředků.
|
|
enabled
|
boolean
|
Určuje, jestli chcete povolit doplněk Směrování aplikací.
|
|
identity
|
UserAssignedIdentity
|
Spravovaná identita doplňku Směrování aplikací Jedná se o identitu, která by měla mít udělená oprávnění, například ke správě přidruženého prostředku Azure DNS a získání certifikátů ze služby Azure Key Vault. Další pokyny najdete v tomto přehledu doplňku.
|
ManagedClusterLoadBalancerProfile
Profil nástroje pro vyrovnávání zatížení spravovaného clusteru
| Name |
Typ |
Default value |
Description |
|
allocatedOutboundPorts
|
integer
|
0
|
Požadovaný počet přidělených portů SNAT na virtuální počítač. Povolené hodnoty jsou v rozsahu 0 až 64000 (včetně). Výchozí hodnota je 0, což vede k dynamickému přidělování portů v Azure.
|
|
backendPoolType
|
BackendPoolType
|
NodeIPConfiguration
|
Typ spravovaného back-endového fondu služby Load Balancer pro příchozí provoz.
|
|
effectiveOutboundIPs
|
ResourceReference[]
|
|
Efektivní odchozí IP prostředky nástroje pro vyrovnávání zatížení clusteru.
|
|
enableMultipleStandardLoadBalancers
|
boolean
|
|
Povolte více standardních nástrojů pro vyrovnávání zatížení na cluster AKS nebo ne.
|
|
idleTimeoutInMinutes
|
integer
|
30
|
Požadovaný časový limit nečinnosti odchozího toku v minutách Povolené hodnoty jsou v rozsahu 4 až 120 (včetně). Výchozí hodnota je 30 minut.
|
|
managedOutboundIPs
|
ManagedOutboundIPs
|
|
Požadované spravované odchozí IP adresy pro nástroj pro vyrovnávání zatížení clusteru
|
|
outboundIPPrefixes
|
OutboundIPPrefixes
|
|
Požadované prostředky předpony odchozíCH IP adres pro nástroj pro vyrovnávání zatížení clusteru
|
|
outboundIPs
|
OutboundIPs
|
|
Požadované odchozí prostředky IP adresy pro nástroj pro vyrovnávání zatížení clusteru
|
ManagedClusterManagedOutboundIPProfile
Profil spravovaných prostředků odchozíCH IP adres spravovaného clusteru
| Name |
Typ |
Default value |
Description |
|
count
|
integer
|
1
|
Požadovaný počet odchozích IP adres vytvořených nebo spravovaných Azure. Povolené hodnoty musí být v rozsahu od 1 do 16 (včetně). Výchozí hodnota je 1.
|
ManagedClusterMetricsProfile
Profil metrik pro ManagedCluster.
| Name |
Typ |
Description |
|
costAnalysis
|
ManagedClusterCostAnalysis
|
Konfigurace pro podrobnou analýzu nákladů na prostředky Kubernetes
Konfigurace analýzy nákladů pro cluster
|
ManagedClusterNATGatewayProfile
Profil služby NAT Gateway spravovaného clusteru
| Name |
Typ |
Default value |
Description |
|
effectiveOutboundIPs
|
ResourceReference[]
|
|
Efektivní odchozí IP prostředky clusteru NAT Gateway.
|
|
idleTimeoutInMinutes
|
integer
|
4
|
Požadovaný časový limit nečinnosti odchozího toku v minutách Povolené hodnoty jsou v rozsahu 4 až 120 (včetně). Výchozí hodnota je 4 minuty.
|
|
managedOutboundIPProfile
|
ManagedClusterManagedOutboundIPProfile
|
|
Profil spravovaných odchozích IP prostředků služby Cluster NAT Gateway
|
ManagedClusterNodeResourceGroupProfile
Profil uzamčení skupiny prostředků uzlu pro spravovaný cluster
| Name |
Typ |
Description |
|
restrictionLevel
|
RestrictionLevel
|
Úroveň omezení použitá pro skupinu prostředků uzlu clusteru. Pokud není zadáno, je výchozí hodnota Unrestricted (Bez omezení).
|
ManagedClusterOIDCIssuerProfile
Profil vystavitele OIDC spravovaného clusteru.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli je povolený vystavitel OIDC.
|
|
issuerURL
|
string
|
Adresa URL vystavitele OIDC spravovaného clusteru.
|
ManagedClusterPodIdentity
Podrobnosti o identitě podu přiřazené ke spravovanému clusteru
| Name |
Typ |
Description |
|
bindingSelector
|
string
|
Selektor vazeb, který se má použít pro prostředek AzureIdentityBinding.
|
|
identity
|
UserAssignedIdentity
|
Podrobnosti o identitě přiřazené uživatelem
|
|
name
|
string
|
Název identity podu.
|
|
namespace
|
string
|
Obor názvů identity podu.
|
|
provisioningInfo
|
ProvisioningInfo
|
|
|
provisioningState
|
ManagedClusterPodIdentityProvisioningState
|
Aktuální stav zřizování identity podu.
|
ManagedClusterPodIdentityException
Výjimka identity podu, která umožňuje podům s určitými popisky přistupovat ke koncovému bodu služby Azure Instance Metadata Service (IMDS), aniž by je zachycoval server NMI (Node-Managed Identity).
| Name |
Typ |
Description |
|
name
|
string
|
Název výjimky identity podu.
|
|
namespace
|
string
|
Obor názvů výjimky identity podu.
|
|
podLabels
|
object
|
Popisky podů, které se mají shodovat.
|
ManagedClusterPodIdentityProfile
Profil identity podu spravovaného clusteru.
| Name |
Typ |
Description |
|
allowNetworkPluginKubenet
|
boolean
|
Určuje, jestli se identita podu může spouštět v clusterech se sítěmi Kubenet.
Spuštění ve službě Kubenet je ve výchozím nastavení zakázané kvůli povaze zabezpečení související s identitou podu AAD a rizikům falšování identity IP adres. Další informace najdete v tématu použití síťového modulu plug-in Kubenet s identitou podu AAD.
|
|
enabled
|
boolean
|
Určuje, jestli je povolený doplněk identity podu.
|
|
userAssignedIdentities
|
ManagedClusterPodIdentity[]
|
Identity podů, které se mají použít v clusteru.
|
|
userAssignedIdentityExceptions
|
ManagedClusterPodIdentityException[]
|
Výjimky identity podu, které se mají povolit.
|
ManagedClusterPodIdentityProvisioningError
Odpověď na chybu při zřizování identity podu.
ManagedClusterPodIdentityProvisioningErrorBody
Odpověď na chybu při zřizování identity podu.
| Name |
Typ |
Description |
|
code
|
string
|
Identifikátor chyby. Kódy jsou invariantní a mají být využity programově.
|
|
details
|
ManagedClusterPodIdentityProvisioningErrorBody[]
|
Seznam dalších podrobností o chybě
|
|
message
|
string
|
Zpráva popisující chybu, která má být vhodná pro zobrazení v uživatelském rozhraní.
|
|
target
|
string
|
Cíl konkrétní chyby. Například název vlastnosti v chybě.
|
ManagedClusterPodIdentityProvisioningState
Aktuální stav zřizování identity podu.
| Name |
Typ |
Description |
|
Assigned
|
string
|
|
|
Canceled
|
string
|
|
|
Deleting
|
string
|
|
|
Failed
|
string
|
|
|
Succeeded
|
string
|
|
|
Updating
|
string
|
|
ManagedClusterSecurityProfile
Profil zabezpečení pro cluster služby kontejneru
ManagedClusterSecurityProfileDefender
Nastavení Programu Microsoft Defender pro profil zabezpečení.
| Name |
Typ |
Description |
|
logAnalyticsWorkspaceResourceId
|
string
|
ID prostředku pracovního prostoru služby Log Analytics, který se má přidružit k Programu Microsoft Defender. Pokud je povolený Program Microsoft Defender, je toto pole povinné a musí se jednat o platné ID prostředku pracovního prostoru. Pokud je Program Microsoft Defender zakázaný, nechte pole prázdné.
|
|
securityMonitoring
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
|
Detekce hrozeb v programu Microsoft Defender pro nastavení cloudu pro profil zabezpečení
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
Nastavení Programu Microsoft Defender pro detekci hrozeb v profilu zabezpečení
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Jestli povolit detekci hrozeb v defenderu
|
ManagedClusterSecurityProfileImageCleaner
Nástroj Image Cleaner odebere nepoužívané image z uzlů, uvolní místo na disku a pomáhá snížit prostor pro útoky. Tady jsou nastavení profilu zabezpečení.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Zda povolit Nástroj Image Cleaner v clusteru AKS
|
|
intervalHours
|
integer
|
Interval skenování čističe obrázků v hodinách
|
ManagedClusterSecurityProfileWorkloadIdentity
Nastavení identity úlohy pro profil zabezpečení
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli se má povolit identita úloh.
|
ManagedClusterServicePrincipalProfile
Informace o identitě instančního objektu pro cluster, který se má použít pro manipulaci s rozhraními API Azure.
| Name |
Typ |
Description |
|
clientId
|
string
|
ID instančního objektu.
|
|
secret
|
string
|
Tajné heslo přidružené k instančnímu objektu ve formátu prostého textu.
|
ManagedClusterSKU
Skladová položka spravovaného clusteru.
ManagedClusterSKUName
Název skladové položky spravovaného clusteru
| Name |
Typ |
Description |
|
Base
|
string
|
Základní možnost řídicí roviny AKS
|
ManagedClusterSKUTier
Úroveň skladové položky spravovaného clusteru.
| Name |
Typ |
Description |
|
Free
|
string
|
Správa clusteru je bezplatná, ale účtuje se za využití virtuálních počítačů, úložiště a sítí. Nejvhodnější pro experimentování, učení, jednoduché testování nebo úlohy s méně než 10 uzly. Nedoporučuje se pro případy použití v produkčním prostředí.
|
|
Premium
|
string
|
Cluster má kromě všech funkcí, které jsou součástí standardu, prémiové funkce. Premium umožňuje výběr longTermSupport (aka.ms/aks/lts) pro určité verze Kubernetes.
|
|
Standard
|
string
|
Doporučeno pro klíčové a produkční úlohy. Zahrnuje automatické škálování řídicí roviny Kubernetes, testování náročné na úlohy a až 5 000 uzlů na cluster. Zaručuje 99,95% dostupnost koncového bodu serveru rozhraní Kubernetes API pro clustery, které používají zóny dostupnosti a 99,9% dostupnosti pro clustery, které nepoužívají zóny dostupnosti.
|
ManagedClusterStorageProfile
Profil úložiště pro cluster služby kontejneru.
ManagedClusterStorageProfileBlobCSIDriver
Nastavení ovladače CSI pro AzureBlob pro profil úložiště.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli chcete povolit ovladač CSI pro AzureBlob. Výchozí hodnota je false.
|
ManagedClusterStorageProfileDiskCSIDriver
Nastavení ovladače CSI disku Azure pro profil úložiště.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli se má povolit ovladač CSI disku Azure. Výchozí hodnota je true.
|
ManagedClusterStorageProfileFileCSIDriver
Nastavení ovladače CSI služby AzureFile pro profil úložiště.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli chcete povolit ovladač CSI služby AzureFile. Výchozí hodnota je true.
|
ManagedClusterStorageProfileSnapshotController
Nastavení snapshot Controlleru pro profil úložiště.
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Určuje, jestli chcete povolit snapshot Controller. Výchozí hodnota je true.
|
ManagedClusterWindowsProfile
Profil pro virtuální počítače s Windows ve spravovaném clusteru
| Name |
Typ |
Description |
|
adminPassword
|
string
|
Určuje heslo účtu správce.
Minimální délka: 8 znaků
maximální délka: 123 znaků
požadavky na složitost : 3 z následujících 4 podmínek je potřeba splnit.
Má menší znaky.
Obsahuje horní znaky.
Má číslici.
Má speciální znak (shoda regulárních výrazů [\W_])
nepovolené hodnoty: "abc@123", "P@$$w 0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"
|
|
adminUsername
|
string
|
Určuje název účtu správce.
omezení : Nemůže končit na ""
Nepovolené hodnoty: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".
minimální délka: 1 znak
maximální délka: 20 znaků
|
|
enableCSIProxy
|
boolean
|
Zda se má povolit proxy rozhraní CSI.
Další podrobnosti o proxy serveru CSI najdete vproxy serveru CSI na GitHubu.
|
|
gmsaProfile
|
WindowsGmsaProfile
|
Profil GMSA windows ve spravovaném clusteru.
|
|
licenseType
|
licenseType
|
Typ licence, který se má použít pro virtuální počítače s Windows. Další podrobnosti najdete v tématu výhody hybridního uživatele Azure.
|
ManagedClusterWorkloadAutoScalerProfile
Profil automatického škálování úloh pro spravovaný cluster
ManagedClusterWorkloadAutoScalerProfileKeda
Nastavení automatického škálování řízeného událostmi Kubernetes pro profil automatického škálování úloh
| Name |
Typ |
Description |
|
enabled
|
boolean
|
Zda se má povolit KEDA.
|
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler
Nastavení VPA (Vertical Pod Autoscaler) pro profil automatického škálování úloh
| Name |
Typ |
Default value |
Description |
|
enabled
|
boolean
|
False
|
Určuje, jestli se má povolit analyzátor VPA. Výchozí hodnota je false.
|
ManagedOutboundIPs
Požadované spravované odchozí IP adresy pro nástroj pro vyrovnávání zatížení clusteru
| Name |
Typ |
Default value |
Description |
|
count
|
integer
|
1
|
Požadovaný počet odchozích IP adres IPv4 vytvořených nebo spravovaných Azure pro nástroj pro vyrovnávání zatížení clusteru. Povolené hodnoty musí být v rozsahu od 1 do 100 (včetně). Výchozí hodnota je 1.
|
|
countIPv6
|
integer
|
0
|
Požadovaný počet odchozích IP adres IPv6 vytvořených nebo spravovaných Azure pro nástroj pro vyrovnávání zatížení clusteru Povolené hodnoty musí být v rozsahu od 1 do 100 (včetně). Výchozí hodnota je 0 pro jednoskládání a 1 pro duální zásobník.
|
networkDataplane
Síťová rovina dat použitá v clusteru Kubernetes.
| Name |
Typ |
Description |
|
azure
|
string
|
Použijte datové roviny sítě Azure.
|
|
cilium
|
string
|
Použijte datové roviny sítě Cilium. Další informace najdete v tématu Azure CNI Powered by Cilium.
|
networkMode
Síťový režim Azure CNI je nakonfigurovaný.
| Name |
Typ |
Description |
|
bridge
|
string
|
Tato funkce se už nepodporuje.
|
|
transparent
|
string
|
Není vytvořen žádný most. Intra-VM komunikace podu do podu probíhá prostřednictvím tras IP adres vytvořených azure CNI. Další informace najdete v tématu transparentního režimu.
|
NetworkPlugin
Síťový modul plug-in používaný k vytváření sítě Kubernetes.
| Name |
Typ |
Description |
|
azure
|
string
|
Použijte síťový modul plug-in Azure CNI. Další informace najdete v tématu sítě Azure CNI (pokročilé).
|
|
kubenet
|
string
|
Použijte modul plug-in sítě Kubenet. Další informace najdete v tématu sítě Kubenet (basic).
|
|
none
|
string
|
Není předinstalovaný žádný modul plug-in CNI. Další informace najdete v tématu BYO CNI.
|
NetworkPluginMode
Režim síťového modulu plug-in by měl být použit.
| Name |
Typ |
Description |
|
overlay
|
string
|
Používá se s networkPlugin=azure, pody se přidělují IP adresy z adresního prostoru PodCIDR, ale místo metody směrovacích tabulek kubenet používají domény směrování Azure. Další informace naleznete v https://aka.ms/aks/azure-cni-overlay.
|
NetworkPolicy
Zásady sítě používané k vytváření sítě Kubernetes.
| Name |
Typ |
Description |
|
azure
|
string
|
Použijte zásady sítě Azure. Další informace najdete v rozdílech mezi zásadami Azure a Calico.
|
|
calico
|
string
|
Použijte zásady sítě Calico. Další informace najdete v rozdílech mezi zásadami Azure a Calico.
|
|
cilium
|
string
|
Pomocí Cilium vynucujte zásady sítě. To vyžaduje, aby síťDataplane byla cilium.
|
|
none
|
string
|
Zásady sítě nebudou vynuceny. Toto je výchozí hodnota, pokud není zadána hodnota NetworkPolicy.
|
nodeOSUpgradeChannel
Kanál upgradu operačního systému uzlu
| Name |
Typ |
Description |
|
NodeImage
|
string
|
AKS aktualizuje uzly pomocí nově opraveného virtuálního pevného disku obsahujícího opravy zabezpečení a opravy chyb v týdenním tempu. Díky aktualizačním počítačům virtuálního pevného disku se po nastavení údržby a přepětí obnoví image tohoto virtuálního pevného disku. Při výběru této možnosti jako hostitele imagí se neúčtují žádné další náklady na virtuální pevný disk.
|
|
None
|
string
|
Žádný pokus o aktualizaci operačního systému počítačů nebude proveden operačním systémem nebo virtuálními pevnými disky. To znamená, že zodpovídáte za aktualizace zabezpečení.
|
|
SecurityPatch
|
string
|
AKS stáhne a aktualizuje uzly otestovanými aktualizacemi zabezpečení. Tyto aktualizace dodržují nastavení časového období údržby a vytvářejí nový virtuální pevný disk, který se používá na nových uzlech. V některých případech není možné instalovat aktualizace na místě, v takových případech budou stávající uzly také znovu image nově vytvořeného virtuálního pevného disku, aby se změny použily. Tato možnost představuje dodatečné náklady na hostování nových virtuálních pevných disků oprav zabezpečení ve vaší skupině prostředků za pouhých určitou dobu.
|
|
Unmanaged
|
string
|
Aktualizace operačního systému se použijí automaticky prostřednictvím integrované infrastruktury oprav operačního systému. Nově škálované počítače se na začátku nepatchují a v určitém okamžiku se opraví infrastrukturou operačního systému. Chování této možnosti závisí na příslušném operačním systému. Ubuntu a Mariner používají opravy zabezpečení prostřednictvím bezobslužného upgradu zhruba jednou denně kolem 06:00 UTC. Systém Windows nepoužívá opravy zabezpečení automaticky, takže pro ně je tato možnost ekvivalentní žádné, dokud si nebudete moct všimnout.
|
OSDiskType
Typ disku s operačním systémem, který se má použít pro počítače ve fondu agentů.
| Name |
Typ |
Description |
|
Ephemeral
|
string
|
Dočasné disky s operačním systémem se ukládají jenom na hostitelském počítači, stejně jako dočasný disk. To poskytuje nižší latenci čtení a zápisu spolu s rychlejším škálováním uzlů a upgrady clusteru.
|
|
Managed
|
string
|
Azure replikuje disk operačního systému pro virtuální počítač do úložiště Azure, aby se zabránilo ztrátě dat, pokud je potřeba virtuální počítač přemístit na jiného hostitele. Vzhledem k tomu, že kontejnery nejsou navržené tak, aby měly trvalý místní stav, nabízí toto chování omezenou hodnotu a zároveň poskytuje určité nevýhody, včetně pomalejšího zřizování uzlů a vyšší latence čtení a zápisu.
|
OSSKU
Určuje skladovou položku operačního systému používanou fondem agentů. Výchozí hodnota je Ubuntu, pokud je OSType Linux. Výchozí hodnota je Windows2019, když Kubernetes <= 1.24 nebo Windows2022, když Kubernetes >= 1.25, pokud je OSType Windows.
| Name |
Typ |
Description |
|
AzureLinux
|
string
|
Jako operační systém pro image uzlů použijte AzureLinux. Azure Linux je distribuce Linuxu optimalizovaná pro kontejnery vytvořená Microsoftem. Další informace najdete v https://aka.ms/azurelinux.
|
|
CBLMariner
|
string
|
Zastaralá jednotka OSSKU. Microsoft doporučuje, aby nová nasazení zvolila místo toho AzureLinux.
|
|
Ubuntu
|
string
|
Jako operační systém použijte Ubuntu pro image uzlů.
|
|
Windows2019
|
string
|
Jako operační systém pro image uzlů použijte Windows2019. Nepodporované fondy systémových uzlů. Windows2019 podporuje pouze kontejnery Windows2019; Nemůže spouštět kontejnery Windows2022 a naopak.
|
|
Windows2022
|
string
|
Jako operační systém pro image uzlů použijte Windows2022. Nepodporované fondy systémových uzlů. Windows2022 podporuje pouze kontejnery Windows2022; Nemůže spouštět kontejnery Windows2019 a naopak.
|
OSType
Typ operačního systému. Výchozí hodnota je Linux.
| Name |
Typ |
Description |
|
Linux
|
string
|
Použijte Linux.
|
|
Windows
|
string
|
Používejte Windows.
|
OutboundIPPrefixes
Požadované prostředky předpony odchozíCH IP adres pro nástroj pro vyrovnávání zatížení clusteru
| Name |
Typ |
Description |
|
publicIPPrefixes
|
ResourceReference[]
|
Seznam prostředků předpon veřejné IP adresy
|
OutboundIPs
Požadované odchozí prostředky IP adresy pro nástroj pro vyrovnávání zatížení clusteru
| Name |
Typ |
Description |
|
publicIPs
|
ResourceReference[]
|
Seznam prostředků veřejné IP adresy
|
outboundType
Metoda směrování odchozích přenosů (odchozích přenosů).
| Name |
Typ |
Description |
|
loadBalancer
|
string
|
Nástroj pro vyrovnávání zatížení se používá pro výchozí přenos dat prostřednictvím veřejné IP adresy přiřazené službou AKS. To podporuje služby Kubernetes typu loadBalancer. Další informace najdete v tématu vyrovnávání zatížení odchozího typu.
|
|
managedNATGateway
|
string
|
Pro výchozí přenos dat se používá brána NAT spravovaná službou AKS.
|
|
userAssignedNATGateway
|
string
|
Pro výchozí přenos dat se používá brána NAT přiřazená uživatelem přidružená k podsíti clusteru. Jedná se o pokročilý scénář a vyžaduje správnou konfiguraci sítě.
|
|
userDefinedRouting
|
string
|
Cesty výchozího přenosu dat musí být definovány uživatelem. Jedná se o pokročilý scénář a vyžaduje správnou konfiguraci sítě. Další informace naleznete v tématu typ odchozího typu userDefinedRouting.
|
PortRange
Rozsah portů.
| Name |
Typ |
Description |
|
portEnd
|
integer
|
Maximální port, který je součástí rozsahu. Měla by být v rozsahu od 1 do 65535 a měla by být větší nebo rovna portuStart.
|
|
portStart
|
integer
|
Minimální port, který je součástí rozsahu. Měla by být v rozsahu od 1 do 65535 a měla by být menší nebo rovna portuEnd.
|
|
protocol
|
Protocol
|
Síťový protokol portu.
|
PowerState
Popisuje stav napájení clusteru.
| Name |
Typ |
Description |
|
code
|
code
|
Určuje, jestli je cluster spuštěný nebo zastavený.
|
PrivateLinkResource
Prostředek privátního propojení
| Name |
Typ |
Description |
|
groupId
|
string
|
ID skupiny prostředku.
|
|
id
|
string
|
ID prostředku privátního propojení.
|
|
name
|
string
|
Název prostředku privátního propojení.
|
|
privateLinkServiceID
|
string
|
ID služby private link prostředku, toto pole je vystaveno pouze internímu protokolu NRP.
|
|
requiredMembers
|
string[]
|
RequiredMembers prostředku
|
|
type
|
string
|
Typ prostředku.
|
Protocol
Síťový protokol portu.
| Name |
Typ |
Description |
|
TCP
|
string
|
Protokol TCP.
|
|
UDP
|
string
|
Protokol UDP.
|
ProvisioningInfo
PublicNetworkAccess
PublicNetworkAccess spravovanéhoclusteru
| Name |
Typ |
Description |
|
Disabled
|
string
|
|
|
Enabled
|
string
|
|
ResourceIdentityType
Typ identity používané pro spravovaný cluster.
| Name |
Typ |
Description |
|
None
|
string
|
Nepoužívejte spravovanou identitu pro spravovaný cluster, použije se instanční objekt.
|
|
SystemAssigned
|
string
|
Ke správě prostředků clusteru použijte implicitně vytvořenou spravovanou identitu přiřazenou systémem. Hlavní komponenty v řídicí rovině, jako je kube-controller-manager, budou používat spravovanou identitu přiřazenou systémem k manipulaci s prostředky Azure.
|
|
UserAssigned
|
string
|
Ke správě prostředků clusteru použijte identitu zadanou uživatelem. Hlavní komponenty v řídicí rovině, jako je kube-controller-manager, budou používat zadanou spravovanou identitu přiřazenou uživatelem k manipulaci s prostředky Azure.
|
ResourceReference
Odkaz na prostředek Azure
| Name |
Typ |
Description |
|
id
|
string
|
Plně kvalifikované ID prostředku Azure.
|
RestrictionLevel
Úroveň omezení použitá pro skupinu prostředků uzlu clusteru. Pokud není zadáno, je výchozí hodnota Unrestricted (Bez omezení).
| Name |
Typ |
Description |
|
ReadOnly
|
string
|
Oprávnění RBAC povolená pouze pro */čtení ve skupině prostředků spravovaného uzlu
|
|
Unrestricted
|
string
|
Všechna oprávnění RBAC jsou povolená ve skupině prostředků spravovaného uzlu.
|
ScaleDownMode
Popisuje, jak se virtuální počítače přidávají nebo odebírají z fondů agentů. Viz stavy fakturace.
| Name |
Typ |
Description |
|
Deallocate
|
string
|
Pokus o spuštění uvolněných instancí (pokud existují) během vertikálního navýšení kapacity a zrušení přidělení instancí během vertikálního snížení kapacity.
|
|
Delete
|
string
|
Během vertikálního navýšení kapacity můžete vytvářet nové instance a během vertikálního snížení kapacity odebírat instance.
|
ScaleSetEvictionPolicy
Zásady vyřazení škálovací sady virtuálních počítačů
| Name |
Typ |
Description |
|
Deallocate
|
string
|
Uzly v podkladové škálovací sadě fondu uzlů se při vyřazení nastaví na zastavený uvolněný stav. Uzly v zastaveném uvolněném stavu se započítávají do kvóty výpočetních prostředků a můžou způsobovat problémy se škálováním nebo upgradem clusteru.
|
|
Delete
|
string
|
Uzly v podkladové škálovací sadě fondu uzlů se odstraní, když se vyřadí.
|
ScaleSetPriority
Priorita škálovací sady virtuálních počítačů
| Name |
Typ |
Description |
|
Regular
|
string
|
Použijí se běžné virtuální počítače.
|
|
Spot
|
string
|
Použijí se spotové virtuální počítače s prioritou. Pro spotové uzly neexistuje žádná smlouva SLA. Další informace najdete na místě na AKS.
|
ServiceMeshMode
Režim sítě služeb
| Name |
Typ |
Description |
|
Disabled
|
string
|
Síť je zakázaná.
|
|
Istio
|
string
|
Istio nasazený jako doplněk AKS
|
ServiceMeshProfile
Profil sítě služeb pro spravovaný cluster
SysctlConfig
Nastavení sysctl pro uzly agenta Linuxu.
| Name |
Typ |
Description |
|
fsAioMaxNr
|
integer
|
Sysctl setting fs.aio-max-nr.
|
|
fsFileMax
|
integer
|
Sysctl setting fs.file-max.
|
|
fsInotifyMaxUserWatches
|
integer
|
Nastavení sysctl fs.inotify.max_user_watches.
|
|
fsNrOpen
|
integer
|
Nastavení sysctl fs.nr_open.
|
|
kernelThreadsMax
|
integer
|
Sysctl setting kernel.threads-max.
|
|
netCoreNetdevMaxBacklog
|
integer
|
Nastavení sysctl net.core.netdev_max_backlog.
|
|
netCoreOptmemMax
|
integer
|
Nastavení sysctl net.core.optmem_max.
|
|
netCoreRmemDefault
|
integer
|
Nastavení sysctl net.core.rmem_default.
|
|
netCoreRmemMax
|
integer
|
Nastavení sysctl net.core.rmem_max.
|
|
netCoreSomaxconn
|
integer
|
Nastavení sysctl net.core.somaxconn.
|
|
netCoreWmemDefault
|
integer
|
Nastavení sysctl net.core.wmem_default.
|
|
netCoreWmemMax
|
integer
|
Nastavení sysctl net.core.wmem_max.
|
|
netIpv4IpLocalPortRange
|
string
|
Nastavení sysctl net.ipv4.ip_local_port_range.
|
|
netIpv4NeighDefaultGcThresh1
|
integer
|
Nastavení sysctl net.ipv4.neigh.default.gc_thresh1.
|
|
netIpv4NeighDefaultGcThresh2
|
integer
|
Nastavení sysctl net.ipv4.neigh.default.gc_thresh2.
|
|
netIpv4NeighDefaultGcThresh3
|
integer
|
Nastavení sysctl net.ipv4.neigh.default.gc_thresh3.
|
|
netIpv4TcpFinTimeout
|
integer
|
Nastavení sysctl net.ipv4.tcp_fin_timeout.
|
|
netIpv4TcpKeepaliveProbes
|
integer
|
Nastavení sysctl net.ipv4.tcp_keepalive_probes.
|
|
netIpv4TcpKeepaliveTime
|
integer
|
Nastavení sysctl net.ipv4.tcp_keepalive_time.
|
|
netIpv4TcpMaxSynBacklog
|
integer
|
Nastavení sysctl net.ipv4.tcp_max_syn_backlog.
|
|
netIpv4TcpMaxTwBuckets
|
integer
|
Nastavení sysctl net.ipv4.tcp_max_tw_buckets.
|
|
netIpv4TcpTwReuse
|
boolean
|
Nastavení sysctl net.ipv4.tcp_tw_reuse.
|
|
netIpv4TcpkeepaliveIntvl
|
integer
|
Nastavení sysctl net.ipv4.tcp_keepalive_intvl.
|
|
netNetfilterNfConntrackBuckets
|
integer
|
Nastavení sysctl net.netfilter.nf_conntrack_buckets.
|
|
netNetfilterNfConntrackMax
|
integer
|
Nastavení sysctl net.netfilter.nf_conntrack_max.
|
|
vmMaxMapCount
|
integer
|
Nastavení sysctl vm.max_map_count.
|
|
vmSwappiness
|
integer
|
Nastavení sysctl vm.swappiness.
|
|
vmVfsCachePressure
|
integer
|
Nastavení sysctl vm.vfs_cache_pressure.
|
systemData
Metadata týkající se vytvoření a poslední změny prostředku.
| Name |
Typ |
Description |
|
createdAt
|
string
|
Časové razítko vytvoření prostředku (UTC).
|
|
createdBy
|
string
|
Identita, která prostředek vytvořila.
|
|
createdByType
|
createdByType
|
Typ identity, která prostředek vytvořila.
|
|
lastModifiedAt
|
string
|
Časové razítko poslední změny zdroje (UTC)
|
|
lastModifiedBy
|
string
|
Identita, která naposledy změnila prostředek.
|
|
lastModifiedByType
|
createdByType
|
Typ identity, která naposledy změnila prostředek.
|
upgradeChannel
Kanál upgradu pro automatický upgrade. Výchozí hodnota je žádná.
| Name |
Typ |
Description |
|
node-image
|
string
|
Automaticky upgradovat image uzlu na nejnovější dostupnou verzi. Zvažte místo toho použití nodeOSUpgradeChannel, protože umožňuje konfigurovat opravy operačního systému uzlu odděleně od oprav verzí Kubernetes.
|
|
none
|
string
|
Zakáže automatické upgrady a udržuje cluster v aktuální verzi Kubernetes.
|
|
patch
|
string
|
Automaticky upgradujte cluster na nejnovější podporovanou verzi opravy, jakmile bude k dispozici a zachová se stejná podverze. Pokud například cluster používá verzi 1.17.7 a verze 1.17.9, 1.18.4, 1.18.6 a 1.19.1, upgraduje se cluster na verzi 1.17.9.
|
|
rapid
|
string
|
Automaticky upgradujte cluster na nejnovější podporovanou verzi opravy v nejnovější podporované podverzi. V případech, kdy je cluster ve verzi Kubernetes, která je v podverzi N-2, kde N je nejnovější podporovaná podverze, cluster nejprve upgraduje na nejnovější podporovanou verzi opravy v podverzi N-1. Pokud například cluster používá verzi 1.17.7 a verze 1.17.9, 1.18.4, 1.18.6 a 1.19.1, upgraduje se nejprve na verzi 1.18.6 a pak se upgraduje na verzi 1.19.1.
|
|
stable
|
string
|
Automaticky upgradujte cluster na nejnovější podporovanou verzi opravy v podverzi N-1, kde N je nejnovější podporovaná podverze. Pokud například cluster používá verzi 1.17.7 a verze 1.17.9, 1.18.4, 1.18.6 a 1.19.1, upgraduje se cluster na verzi 1.18.6.
|
UpgradeOverrideSettings
Nastavení přepsání při upgradu clusteru
| Name |
Typ |
Description |
|
forceUpgrade
|
boolean
|
Zda chcete vynutit upgrade clusteru. Upozorňujeme, že tato možnost dává operaci upgradu pokyn, aby obešla ochranu upgradu, jako je kontrola zastaralého využití rozhraní API. Tuto možnost povolte pouze s opatrností.
|
|
until
|
string
|
Dokud nebudou přepsání platná. Všimněte si, že to odpovídá pouze počátečnímu času upgradu a efektivita se po spuštění upgradu nezmění ani v případě, že vyprší platnost until v rámci upgradu. Toto pole není ve výchozím nastavení nastavené. Aby se přepsání projevilo, musí být nastavená.
|
UserAssignedIdentities
Identita uživatele přidružená ke spravovanému clusteru. Tato identita se použije v řídicí rovině. Je povolena pouze jedna identita přiřazená uživatelem.
UserAssignedIdentity
Podrobnosti o identitě přiřazené uživatelem
| Name |
Typ |
Description |
|
clientId
|
string
|
ID klienta identity přiřazené uživatelem.
|
|
objectId
|
string
|
ID objektu identity přiřazené uživatelem.
|
|
resourceId
|
string
|
ID prostředku identity přiřazené uživatelem.
|
WindowsGmsaProfile
Profil gMSA windows ve spravovaném clusteru.
| Name |
Typ |
Description |
|
dnsServer
|
string
|
Určuje server DNS pro Systém Windows gMSA.
Pokud jste nakonfigurovali server DNS ve virtuální síti, který se používá k vytvoření spravovaného clusteru, nastavte ho na prázdné.
|
|
enabled
|
boolean
|
Určuje, jestli se má povolit gMSA systému Windows.
Určuje, jestli se má povolit gMSA windows ve spravovaném clusteru.
|
|
rootDomainName
|
string
|
Určuje název kořenové domény pro Windows gMSA.
Pokud jste nakonfigurovali server DNS ve virtuální síti, který se používá k vytvoření spravovaného clusteru, nastavte ho na prázdné.
|
WorkloadRuntime
Určuje typ úlohy, který může uzel spustit.
| Name |
Typ |
Description |
|
OCIContainer
|
string
|
Uzly budou používat Kubelet ke spouštění standardních úloh kontejneru OCI.
|
|
WasmWasi
|
string
|
Uzly budou používat Krustlet ke spouštění úloh WASM pomocí poskytovatele WASI (Preview).
|