Added kata tests.

Author: Bickor

src/azure-cli/azure/cli/command_modules/acs/_consts.py

@@ -250,8 +250,9 @@
 # node provisioning default pools
 CONST_NODE_PROVISIONING_DEFAULT_POOLS_NONE = "None"
 CONST_NODE_PROVISIONING_DEFAULT_POOLS_AUTO = "Auto"
+
 # consts for workloadruntime
-CONST_KATA_VM_ISOLATION = "KataVmIsolation"
+CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION = "KataVmIsolation"
 
 
 # consts for decorator pattern

src/azure-cli/azure/cli/command_modules/acs/_help.py

@@ -709,8 +709,6 @@
     text: az aks create -g MyResourceGroup -n MyManagedCluster --node-provisioning-mode Auto
   - name: Create a kubernetes cluster with auto node provisioning and no default pools.
     text: az aks create -g MyResourceGroup -n MyManagedCluster --node-provisioning-mode Auto --node-provisioning-default-pools None
-  - name: Create a kubernetes cluster with KataMshvVmIsolation enabled.
-    text: az aks create -g MyResourceGroup -n MyManagedCluster --os-sku AzureLinux --vm-size Standard_D4s_v3 --workload-runtime KataMshvVmIsolation --node-count 1
   - name: Create a kubernetes cluster with KataVmIsolation enabled.
     text: az aks create -g MyResourceGroup -n MyManagedCluster --os-sku AzureLinux --vm-size Standard_D4s_v3 --workload-runtime KataVmIsolation --node-count 1
 """
@@ -1845,8 +1843,6 @@
     text: az aks nodepool add -g MyResourceGroup -n nodepool1 --cluster-name MyManagedCluster  --os-sku Ubuntu --pod-subnet-id /subscriptions/SubID/resourceGroups/AnotherResourceGroup/providers/Microsoft.Network/virtualNetworks/MyVnet/subnets/MySubnet --pod-ip-allocation-mode StaticBlock
   - name: create a nodepool of type VirtualMachines
     text: az aks nodepool add -g MyResourceGroup -n MyNodePool --cluster-name MyMC --vm-set-type VirtualMachines --vm-sizes "VMSize1,VMSize2" --node-count 3
-  - name: Create a kubernetes cluster with KataMshvVmIsolation enabled.
-    text: az aks nodepool add -g MyResourceGroup -n MyManagedCluster --os-sku AzureLinux --vm-size Standard_D4s_v3 --workload-runtime KataMshvVmIsolation --node-count 1
   - name: Create a kubernetes cluster with KataVmIsolation enabled.
     text: az aks nodepool add -g MyResourceGroup -n MyManagedCluster --os-sku AzureLinux --vm-size Standard_D4s_v3 --workload-runtime KataVmIsolation --node-count 1
 """

src/azure-cli/azure/cli/command_modules/acs/_params.py

@@ -65,7 +65,8 @@
     CONST_NODE_PROVISIONING_MODE_MANUAL,
     CONST_NODE_PROVISIONING_MODE_AUTO,
     CONST_NODE_PROVISIONING_DEFAULT_POOLS_NONE,
-    CONST_NODE_PROVISIONING_DEFAULT_POOLS_AUTO)
+    CONST_NODE_PROVISIONING_DEFAULT_POOLS_AUTO,
+    CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION)
 from azure.cli.command_modules.acs.azurecontainerstorage._consts import (
     CONST_ACSTOR_ALL,
     CONST_DISK_TYPE_EPHEMERAL_VOLUME_ONLY,
@@ -329,7 +330,7 @@
 ]
 
 workload_runtime_types = [
-    CONST_KATA_VM_ISOLATION,
+    CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION,
 ]
 
 

src/azure-cli/azure/cli/command_modules/acs/agentpool_decorator.py

@@ -1685,6 +1685,22 @@ def get_gateway_prefix_size(self) -> Union[int, None]:
         """
         return self.raw_param.get('gateway_prefix_size')
 
+    def get_workload_runtime(self) -> Union[str, None]:
+        """Obtain the value of workload_runtime, default value is None.
+
+        :return: string or None
+        """
+        # read the original value passed by the command
+        workload_runtime = self.raw_param.get("workload_runtime", None)
+        # try to read the property value corresponding to the parameter from the `mc` object
+        if self.agentpool and self.agentpool.workload_runtime is not None:
+            workload_runtime = self.agentpool.workload_runtime
+
+        # this parameter does not need dynamic completion
+        # this parameter does not need validation
+        return workload_runtime
+
+
 
 class AKSAgentPoolAddDecorator:
     def __init__(

src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_agentpool_decorator.py

@@ -26,6 +26,7 @@
     CONST_VIRTUAL_MACHINES,
     CONST_NETWORK_POD_IP_ALLOCATION_MODE_DYNAMIC_INDIVIDUAL,
     CONST_NETWORK_POD_IP_ALLOCATION_MODE_STATIC_BLOCK,
+    CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION,
     AgentPoolDecoratorMode,
     DecoratorEarlyExitException,
     DecoratorMode,
@@ -1749,6 +1750,21 @@ def get_if_none_match(self):
         )
         self.assertEqual(ctx_3.get_if_none_match(), "")
 
+    def common_get_enable_kata_image(self):
+        # testing new kata naming convention
+        ctx_1 = AKSAgentPoolContext(
+            self.cmd,
+            AKSAgentPoolParamDict({
+                "workload_runtime": CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION,
+            }),
+            self.models,
+            DecoratorMode.CREATE,
+            self.agentpool_decorator_mode,
+        )
+        agentpool_1 = self.create_initialized_agentpool_instance(workload_runtime=CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION)
+        ctx_1.attach_agentpool(agentpool_1)
+        self.assertEqual(ctx_1.get_workload_runtime(), CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION)
+
 class AKSAgentPoolContextStandaloneModeTestCase(AKSAgentPoolContextCommonTestCase):
     def setUp(self):
         self.cli_ctx = MockCLI()
@@ -1968,6 +1984,9 @@ def test_get_gpu_driver(self):
     def test_get_gateway_prefix_size(self):
         self.common_get_gateway_prefix_size()
 
+    def test_common_get_enable_kata_image(self):
+        self.common_get_enable_kata_image()
+
 class AKSAgentPoolContextManagedClusterModeTestCase(AKSAgentPoolContextCommonTestCase):
     def setUp(self):
         self.cli_ctx = MockCLI()
@@ -2154,6 +2173,9 @@ def test_get_if_match(self):
 
     def test_get_if_none_match(self):
         self.get_if_none_match()
+
+    def test_common_get_enable_kata_image(self):
+        self.common_get_enable_kata_image()
 
 class AKSAgentPoolAddDecoratorCommonTestCase(unittest.TestCase):
     def _remove_defaults_in_agentpool(self, agentpool):

src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_aks_commands.py

@@ -28,6 +28,8 @@
 from azure.cli.command_modules.acs.tests.latest.data.certs import CUSTOM_CA_TEST_CERT_STR
 from azure.cli.command_modules.acs.tests.latest.recording_processors import \
     KeyReplacer
+
+from azure.cli.command_modules.acs._consts import CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION
 from azure.cli.command_modules.acs.tests.latest.utils import get_test_data_file_path
 from azure.cli.core.azclierror import ClientRequestError, CLIInternalError
 from azure.cli.testsdk import ScenarioTest, live_only
@@ -2729,124 +2731,98 @@ def test_aks_create_update_fips_flow(self, resource_group, resource_group_locati
             checks=[self.is_empty()],
         )
 
-    # TODO(mheberling): Add kata tests
     @AllowLargeResponse()
     @AKSCustomResourceGroupPreparer(
-        random_name_length=17, name_prefix="clitest", location="westcentralus"
+        random_name_length=17, name_prefix="clitest", location="westus2"
     )
-    def test_aks_create_kata_flow(self, resource_group, resource_group_location):
+    def test_aks_cluster_kata(
+        self, resource_group, resource_group_location
+    ):
         # reset the count so in replay mode the random names will start with 0
         self.test_resources_count = 0
+        # kwargs for string formatting
         aks_name = self.create_random_name("cliakstest", 16)
-        node_pool_name = self.create_random_name("c", 6)
-        # node_pool_name_second = self.create_random_name("c", 6)
         self.kwargs.update(
             {
                 "resource_group": resource_group,
                 "name": aks_name,
                 "dns_name_prefix": self.create_random_name("cliaksdns", 16),
                 "location": resource_group_location,
                 "resource_type": "Microsoft.ContainerService/ManagedClusters",
-                "node_pool_name": node_pool_name,
-                # "node_pool_name_second": node_pool_name_second,
-                # "ssh_key_value": self.generate_ssh_keys(),
+                "workload_runtime": CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION,
+                "ssh_key_value": self.generate_ssh_keys(),
             }
         )
 
-        # 1. create
+        # create
         create_cmd = (
             "aks create --resource-group={resource_group} --name={name} --location={location} "
-            "--nodepool-name {node_pool_name} --os-sku AzureLinux --node-count 1 --workload-runtime KataVmIsolation "
-            "--vm-size Standard_D4s_v3"
-            # "--ssh-key-value={ssh_key_value} "
-            # '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview '
-            # "--enable-fips-image"
+            "--os-sku AzureLinux --workload-runtime {workload_runtime} --node-count 1 "
+            "--ssh-key-value={ssh_key_value} --node-vm-size Standard_D4s_v3"
         )
         self.cmd(
             create_cmd,
             checks=[
+                self.exists("fqdn"),
+                self.exists("nodeResourceGroup"),
                 self.check("provisioningState", "Succeeded"),
-                self.check("agentPoolProfiles[0].enableFips", True),
-            ],
-        )
-
-        # verify no flag no change
-        self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name} "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview',
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", True),
-            ],
-        )
-
-        # verify same update no change
-        self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name} "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview '
-            "--enable-fips-image",
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", True),
+                self.check("agentPoolProfiles[0].workloadRuntime", CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION),
             ],
         )
 
-        # update nodepool1 to disable
+        # delete
         self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name} "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview '
-            "--disable-fips-image",
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", False),
-            ],
+            "aks delete -g {resource_group} -n {name} --yes --no-wait",
+            checks=[self.is_empty()],
         )
 
-        # 2. add nodepool2
-        self.cmd(
-            "aks nodepool add "
-            "--resource-group={resource_group} "
-            "--cluster-name={name} "
-            "--name={node_pool_name_second} "
-            "--os-type Linux "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview ',
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", False),
-            ],
+    @AllowLargeResponse()
+    @AKSCustomResourceGroupPreparer(
+        random_name_length=17, name_prefix="clitest", location="westus2"
+    )
+    def test_aks_nodepool_add_with_kata(
+        self, resource_group, resource_group_location
+    ):
+        # reset the count so in replay mode the random names will start with 0
+        self.test_resources_count = 0
+        # kwargs for string formatting
+        aks_name = self.create_random_name("cliakstest", 16)
+        node_pool_name = self.create_random_name('c', 6)
+        node_pool_name_second = self.create_random_name('c', 6)
+        self.kwargs.update(
+            {
+                "resource_group": resource_group,
+                "name": aks_name,
+                "node_pool_name": node_pool_name,
+                "node_pool_name_second": node_pool_name_second,
+                "location": resource_group_location,
+                "resource_type": "Microsoft.ContainerService/ManagedClusters",
+                "workload_runtime": CONST_WORKLOAD_RUNTIME_KATA_VM_ISOLATION,
+                "ssh_key_value": self.generate_ssh_keys(),
+            }
         )
 
-        # verify no flag no change
-        self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name_second} "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview',
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", False),
-            ],
+        # create
+        create_cmd = (
+                "aks create --resource-group={resource_group} --name={name} "
+                "--nodepool-name {node_pool_name} -c 1 --ssh-key-value={ssh_key_value}"
         )
+        self.cmd(create_cmd, checks=[
+            self.check('provisioningState', 'Succeeded'),
+        ])
 
-        # verify same update no change
-        self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name_second} "
-            '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview '
-            "--disable-fips-image",
-            checks=[
-                self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", False),
-            ],
+        # nodepool update with kata
+        update_cmd = (
+                "aks nodepool add --cluster-name={name} --resource-group={resource_group} "
+                "--name={node_pool_name_second} --os-sku AzureLinux "
+                "--workload-runtime KataVmIsolation --node-vm-size Standard_D4s_v3"
         )
 
-        # update nodepool2 to enable
         self.cmd(
-            "aks nodepool update --resource-group={resource_group} --cluster-name={name} --name={node_pool_name_second} "
-            "--nodepool-name {node_pool_name} --os-sku AzureLinux --node-count 1 --workload-runtime KataVmIsolation "
-            "--vm-size Standard_D4s_v3"
-            # '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/MutableFipsPreview '
-            # "--enable-fips-image",
+            update_cmd,
             checks=[
                 self.check("provisioningState", "Succeeded"),
-                self.check("enableFips", True),
+                self.check("workloadRuntime", "KataVmIsolation"),
             ],
         )
 

src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_managed_cluster_decorator.py

@@ -6291,7 +6291,6 @@ def test_set_up_agentpool_profile(self):
                 "enable_encryption_at_host": True,
                 "enable_ultra_ssd": True,
                 "enable_fips_image": True,
-                # TODO(mheberling): Add kata?
                 "message_of_the_day": get_test_data_file_path("invalidconfig.json"),
                 "kubelet_config": None,
                 "linux_os_config": None,