Add BYO CNI cluster automation to hack/aks/Makefile #3846
Conversation
Co-authored-by: vipul-21 <[email protected]>
Co-authored-by: vipul-21 <[email protected]>
| CNS_VERSION=v1.6.0 \ | ||
| CILIUM_DIR=1.16 \ | ||
| CILIUM_VERSION_TAG=v1.16.5 \ | ||
| CILIUM_IMAGE_REGISTRY=mcr.microsoft.com/containernetworking |
There was a problem hiding this comment.
add node vm sku as parameter
There was a problem hiding this comment.
Added VM_SIZE as a configurable parameter for BYO CNI cluster automation. It's now documented in the configuration section and included in the customization examples. Commit 7269168
hack/aks/README.md
Outdated
|
|
||
| ### Available Configuration | ||
|
|
||
| - `CNI_TYPE`: cilium (default) - Future CNI types can be added |
There was a problem hiding this comment.
add option for azurecni. if azurecni specified, network-plugin should be azure and should remove network-dataplane cilium field
There was a problem hiding this comment.
Added azurecni as a supported CNI_TYPE option. When azurecni is specified, the automation uses overlay-up target which creates clusters with --network-plugin azure (without the cilium dataplane). Updated validation logic and documentation with examples. Commit 7269168
| - `CNI_TYPE`: cilium (default) - Future CNI types can be added | ||
| - `CNS_VERSION`: CNS version to deploy (default: v1.5.38) | ||
| - `AZURE_IPAM_VERSION`: Azure IPAM version (default: v0.3.0) | ||
| - `CNS_IMAGE_REPO`: CNS image repository - MCR or ACR (default: MCR) |
There was a problem hiding this comment.
based on image repo, can cns/cilium image path be constructed
There was a problem hiding this comment.
Enhanced documentation to clarify the relationship between image repositories and image paths. Added examples showing different registry configurations (MCR vs ACR vs custom) and improved the variable display to show how CNS_IMAGE_REPO affects CNS image paths while CILIUM_IMAGE_REGISTRY controls Cilium images. Commit 7269168
…documentation Co-authored-by: tamilmani1989 <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR adds comprehensive automation for creating BYO (Bring Your Own) CNI clusters with Azure CNS deployment to the existing hack/aks/Makefile. The implementation provides a streamlined workflow for setting up complete clusters with either Cilium or Azure CNI configurations.
Key changes include:
- New orchestrator target
byocni-cluster-upthat automates the complete 3-step workflow - Comprehensive configuration variables with sensible defaults for CNS and Cilium deployment
- Support for both Cilium and Azure CNI deployment paths with validation
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| hack/aks/Makefile | Adds new make targets for BYO CNI cluster automation with configuration variables and deployment logic |
| hack/aks/README.md | Updated documentation with usage examples, configuration options, and workflow descriptions |
| else | ||
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-config/cilium-config.yaml | ||
| endif | ||
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files |
There was a problem hiding this comment.
The path 'cilium-operator/files' appears to be a directory being applied as a file. This should likely be 'cilium-operator/files/' with trailing slash or use '-f' with '--recursive' flag, or specify individual YAML files.
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files | |
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files/ |
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files | ||
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-agent/files |
There was a problem hiding this comment.
The path 'cilium-agent/files' appears to be a directory being applied as a file. This should likely be 'cilium-agent/files/' with trailing slash or use '-f' with '--recursive' flag, or specify individual YAML files.
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files | |
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-agent/files | |
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files --recursive | |
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-agent/files --recursive |
| endif | ||
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-operator/files | ||
| kubectl apply -f $(REPO_ROOT)/test/integration/manifests/cilium/v$(CILIUM_DIR)/cilium-agent/files | ||
| @export CILIUM_VERSION_TAG=$(CILIUM_VERSION_TAG) && \ |
There was a problem hiding this comment.
[nitpick] The complex multi-line export and envsubst command should be broken into separate variables or a shell script for better readability and maintainability. Consider defining the environment variables at the target level or using a helper script.
| Create a BYO CNI cluster with Azure CNI: | ||
| ```bash | ||
| make byocni-cluster-up CLUSTER=my-cluster SUB=<subscription-id> CNI_TYPE=azurecni |
There was a problem hiding this comment.
The example for Azure CNI deployment is misleading. Based on the Makefile logic, Azure CNI uses the 'overlay-up' target which creates a cluster with Azure CNI pre-configured, but the example suggests it's a BYO CNI setup like Cilium.
| Create a BYO CNI cluster with Azure CNI: | |
| ```bash | |
| make byocni-cluster-up CLUSTER=my-cluster SUB=<subscription-id> CNI_TYPE=azurecni | |
| Create a cluster with Azure CNI pre-configured: | |
| ```bash | |
| make overlay-up CLUSTER=my-cluster SUB=<subscription-id> |
This PR adds comprehensive automation for creating BYO (Bring Your Own) CNI clusters with Azure CNS deployment to the existing
hack/aks/Makefile, addressing the need for streamlined cluster setup workflows.Overview
The implementation adds new make targets that orchestrate the complete 3-step workflow:
overlay-byocni-nokubeproxy-uptargettest-loadtarget with CNS-specific parameterstest/integration/manifests/cilium/with template substitutionNew Make Targets
byocni-cluster-up: Main orchestrator that automates complete cluster setupdeploy-cns: Deploy CNS usingsudo -E env "PATH=$PATH" make test-load CNS_ONLY=true ...deploy-cilium: Deploy Cilium using manifests withenvsubsttemplate substitutionbyocni-cluster-vars: Display all configuration variables with examplesvalidate-cni-type: Validate CNI type before cluster creationConfiguration Variables
All parameters are configurable with sensible defaults:
CNI_TYPE: cilium (default), extensible for future CNI typesCNS_VERSION: v1.5.38 (default)AZURE_IPAM_VERSION: v0.3.0 (default)CNS_IMAGE_REPO: MCR (default)CILIUM_DIR: 1.14 (default), supports 1.12, 1.13, 1.14, 1.16, 1.17CILIUM_VERSION_TAG: v1.14.8 (default)CILIUM_IMAGE_REGISTRY: acnpublic.azurecr.io (default)IPV6_HP_BPF_VERSION: v0.0.3 (default)DUALSTACK: false (default), enables dual-stack Cilium configurationUsage Examples
Basic usage:
Custom configuration:
make byocni-cluster-up \ CLUSTER=my-cilium-cluster \ SUB=<subscription-id> \ CNS_VERSION=v1.6.0 \ CILIUM_DIR=1.16 \ CILIUM_VERSION_TAG=v1.16.5 \ DUALSTACK=trueView configuration:
Key Features
envsubstImplementation Approach
This implementation follows the feedback to update the existing Makefile rather than creating a new script, providing:
Files Modified
hack/aks/Makefile: Added new targets and configuration variableshack/aks/README.md: Updated documentation with usage examples and configuration detailsFixes #3773.
💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.