Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AKS managed NAT gateway nat_gateway_profile is missing the zone parameter #27289

Closed
1 task done
zioproto opened this issue Sep 5, 2024 · 3 comments
Closed
1 task done

AKS managed NAT gateway nat_gateway_profile is missing the zone parameter #27289

zioproto opened this issue Sep 5, 2024 · 3 comments
Labels
enhancement service/kubernetes-cluster v/4.x

Comments

@zioproto
Copy link
Contributor

zioproto commented Sep 5, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.95

AzureRM Provider Version

4.0.1

Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Terraform Configuration Files

n/a

Debug Output/Panic Output

N/A

Expected Behaviour

The nat_gateway_profile block implementation done in 2021 in PR #14142
missed the "zone" parameter in the API.

Product documentation:
https://learn.microsoft.com/en-us/azure/aks/nat-gateway

Actual Behaviour

No response

Steps to Reproduce

No response

Important Factoids

No response

References

No response
@github-actions github-actions bot added the v/4.x label Sep 5, 2024
@zioproto
Copy link
Contributor Author

zioproto commented Sep 5, 2024

Especially for clusters created in 1 specific zone, you want to be able to control that the managed NAT Gateway is created in the same zone as well. Otherwise you are increasing the risk of an incident, in case the either the zone of the NAT Gateway or the zone of the AKS cluster has an issue.

@rlaveycal rlaveycal mentioned this issue Sep 5, 2024
Closed
1 task
@zioproto
Copy link
Contributor Author

zioproto commented Sep 5, 2024

It might be the documentation that is misleading:
https://learn.microsoft.com/en-us/azure/aks/nat-gateway#create-an-aks-cluster-with-a-managed-nat-gateway

Screenshot 2024-09-05 at 18 08 07

This --zones parameter seems to do not exist in the ManagedClusterNATGatewayProfile. So probably it is referring to the cluster zones ? But what happens then when we pass --zones 1 2 3 ?

https://github.com/Azure/azure-rest-api-specs-pr/blob/bd2d190bc2aad1e8b30c1ffa8aea94f2d4715b76/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-07-01/managedClusters.json#L4402-L4426

@zioproto
Copy link
Contributor Author

zioproto commented Sep 9, 2024

Closing this one because it is not actionable on the Terraform side, given the API limitation. I will be following up with the AKS product team to double check the documentation of the product.

@zioproto zioproto closed this as completed Sep 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/kubernetes-cluster v/4.x
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zioproto @mybayern1974