AKS: NetworkProfile / Advanced Networking

azurerm/data_source_kubernetes_cluster.go

@@ -161,6 +161,39 @@ func dataSourceArmKubernetesCluster() *schema.Resource {
 				},
 			},
 
+			"network_profile": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"network_plugin": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+
+						"service_cidr": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+
+						"dns_service_ip": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+
+						"docker_bridge_cidr": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+
+						"pod_cidr": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+
 			"tags": tagsForDataSourceSchema(),
 		},
 	}
@@ -217,6 +250,12 @@ func dataSourceArmKubernetesClusterRead(d *schema.ResourceData, meta interface{}
 		}
 	}
 
+	networkProfile := flattenKubernetesClusterDataSourceNetworkProfile(resp.NetworkProfile)
+
+	if err := d.Set("network_profile", networkProfile); err != nil {
+		return fmt.Errorf("Error setting `network_profile`: %+v", err)
+	}
+
 	kubeConfigRaw, kubeConfig := flattenKubernetesClusterDataSourceAccessProfile(&profile)
 	d.Set("kube_config_raw", kubeConfigRaw)
 
@@ -350,3 +389,27 @@ func flattenKubernetesClusterDataSourceKubeConfig(config kubernetes.KubeConfig)
 
 	return []interface{}{values}
 }
+
+func flattenKubernetesClusterDataSourceNetworkProfile(profile *containerservice.NetworkProfile) []interface{} {
+	values := make(map[string]interface{})
+
+	values["network_plugin"] = profile.NetworkPlugin
+
+	if profile.ServiceCidr != nil {
+		values["service_cidr"] = *profile.ServiceCidr
+	}
+
+	if profile.DNSServiceIP != nil {
+		values["dns_service_ip"] = *profile.DNSServiceIP
+	}
+
+	if profile.DockerBridgeCidr != nil {
+		values["docker_bridge_cidr"] = *profile.DockerBridgeCidr
+	}
+
+	if profile.PodCidr != nil {
+		values["pod_cidr"] = *profile.PodCidr
+	}
+
+	return []interface{}{values}
+}

azurerm/data_source_kubernetes_cluster_test.go

@@ -62,6 +62,34 @@ func TestAccDataSourceAzureRMKubernetesCluster_internalNetwork(t *testing.T) {
 	})
 }
 
+func TestAccDataSourceAzureRMKubernetesCluster_advancedNetworking(t *testing.T) {
+	dataSourceName := "data.azurerm_kubernetes_cluster.test"
+	ri := acctest.RandInt()
+	clientId := os.Getenv("ARM_CLIENT_ID")
+	clientSecret := os.Getenv("ARM_CLIENT_SECRET")
+	location := testLocation()
+	config := testAccDataSourceAzureRMKubernetesCluster_advancedNetworking(ri, clientId, clientSecret, location)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMKubernetesClusterDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: config,
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMKubernetesClusterExists(dataSourceName),
+					resource.TestCheckResourceAttrSet(dataSourceName, "agent_pool_profile.0.vnet_subnet_id"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "network_profile.0.network_plugin"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "network_profile.0.dns_service_ip"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "network_profile.0.docker_bridge_cidr"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "network_profile.0.service_cidr"),
+				),
+			},
+		},
+	})
+}
+
 func testAccDataSourceAzureRMKubernetesCluster_basic(rInt int, clientId string, clientSecret string, location string) string {
 	resource := testAccAzureRMKubernetesCluster_basic(rInt, clientId, clientSecret, location)
 	return fmt.Sprintf(`
@@ -85,3 +113,15 @@ data "azurerm_kubernetes_cluster" "test" {
 }
 `, resource)
 }
+
+func testAccDataSourceAzureRMKubernetesCluster_advancedNetworking(rInt int, clientId string, clientSecret string, location string) string {
+	resource := testAccAzureRMKubernetesCluster_advancedNetworking(rInt, clientId, clientSecret, location)
+	return fmt.Sprintf(`
+%s
+
+data "azurerm_kubernetes_cluster" "test" {
+  name                = "${azurerm_kubernetes_cluster.test.name}"
+  resource_group_name = "${azurerm_kubernetes_cluster.test.resource_group_name}"
+}
+`, resource)
+}

azurerm/resource_arm_kubernetes_cluster.go

@@ -209,6 +209,48 @@ func resourceArmKubernetesCluster() *schema.Resource {
 				Set: resourceAzureRMKubernetesClusterServicePrincipalProfileHash,
 			},
 
+			"network_profile": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+
+						"network_plugin": {
+							Type:     schema.TypeString,
+							Default:  "azure",
+							Optional: true,
+							ForceNew: true,
+						},
+
+						"service_cidr": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+
+						"dns_service_ip": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+
+						"docker_bridge_cidr": {
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+
+						"pod_cidr": {
+							Type:     schema.TypeString,
+							Default:  "10.244.0.0/24",
+							Optional: true,
+							ForceNew: true,
+						},
+					},
+				},
+			},
+
 			"tags": tagsSchema(),
 		},
 	}
@@ -229,6 +271,7 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{}
 	linuxProfile := expandAzureRmKubernetesClusterLinuxProfile(d)
 	agentProfiles := expandAzureRmKubernetesClusterAgentProfiles(d)
 	servicePrincipalProfile := expandAzureRmKubernetesClusterServicePrincipal(d)
+	networkProfile := expandAzureRmKubernetesClusterNetworkProfile(d)
 
 	tags := d.Get("tags").(map[string]interface{})
 
@@ -241,6 +284,7 @@ func resourceArmKubernetesClusterCreate(d *schema.ResourceData, meta interface{}
 			KubernetesVersion:       &kubernetesVersion,
 			LinuxProfile:            &linuxProfile,
 			ServicePrincipalProfile: servicePrincipalProfile,
+			NetworkProfile:          networkProfile,
 		},
 		Tags: expandTags(tags),
 	}
@@ -324,6 +368,12 @@ func resourceArmKubernetesClusterRead(d *schema.ResourceData, meta interface{})
 		}
 	}
 
+	networkProfile := flattenKubernetesClusterDataSourceNetworkProfile(resp.NetworkProfile)
+
+	if err := d.Set("network_profile", networkProfile); err != nil {
+		return fmt.Errorf("Error setting `network_profile`: %+v", err)
+	}
+
 	kubeConfigRaw, kubeConfig := flattenAzureRmKubernetesClusterAccessProfile(&profile)
 	d.Set("kube_config_raw", kubeConfigRaw)
 
@@ -469,6 +519,30 @@ func flattenAzureRmKubernetesClusterAccessProfile(profile *containerservice.Mana
 	return nil, []interface{}{}
 }
 
+func flattenAzureRmKubernetesClusterNetworkProfile(profile *containerservice.NetworkProfile) []interface{} {
+	values := make(map[string]interface{})
+
+	values["network_plugin"] = profile.NetworkPlugin
+
+	if profile.ServiceCidr != nil {
+		values["service_cidr"] = *profile.ServiceCidr
+	}
+
+	if profile.DNSServiceIP != nil {
+		values["dns_service_ip"] = *profile.DNSServiceIP
+	}
+
+	if profile.DockerBridgeCidr != nil {
+		values["docker_bridge_cidr"] = *profile.DockerBridgeCidr
+	}
+
+	if profile.PodCidr != nil {
+		values["pod_cidr"] = *profile.PodCidr
+	}
+
+	return []interface{}{values}
+}
+
 func flattenKubernetesClusterKubeConfig(config kubernetes.KubeConfig) []interface{} {
 	values := make(map[string]interface{})
 
@@ -566,6 +640,31 @@ func expandAzureRmKubernetesClusterAgentProfiles(d *schema.ResourceData) []conta
 	return profiles
 }
 
+func expandAzureRmKubernetesClusterNetworkProfile(d *schema.ResourceData) *containerservice.NetworkProfile {
+	configs := d.Get("network_profile").([]interface{})
+	if len(configs) == 0 {
+		return nil
+	}
+
+	config := configs[0].(map[string]interface{})
+
+	dnsServiceIP := config["dns_service_ip"].(string)
+	dockerBridgeCidr := config["docker_bridge_cidr"].(string)
+	networkPlugin := config["network_plugin"].(string)
+	podCidr := config["pod_cidr"].(string)
+	serviceCidr := config["service_cidr"].(string)
+
+	networkProfile := containerservice.NetworkProfile{
+		DNSServiceIP:     utils.String(dnsServiceIP),
+		DockerBridgeCidr: utils.String(dockerBridgeCidr),
+		NetworkPlugin:    containerservice.NetworkPlugin(networkPlugin),
+		PodCidr:          utils.String(podCidr),
+		ServiceCidr:      utils.String(serviceCidr),
+	}
+
+	return &networkProfile
+}
+
 func resourceAzureRMKubernetesClusterServicePrincipalProfileHash(v interface{}) int {
 	var buf bytes.Buffer