[AKS] az aks upgrade: Skip Machines mode agent pools during node image and Kubernetes version upgrade#33693
[AKS] az aks upgrade: Skip Machines mode agent pools during node image and Kubernetes version upgrade#33693xuexu6666 wants to merge 2 commits into
az aks upgrade: Skip Machines mode agent pools during node image and Kubernetes version upgrade#33693Conversation
Port Azure/azure-cli-extensions#9916 into the core acs module: az aks upgrade now skips Machines mode agent pools during --node-image-only and Kubernetes version upgrade (they do not support these operations at the agent pool level), instead of surfacing the raw RP OperationNotAllowed error. Adds unit tests and a HISTORY entry.
️✔️AzureCLI-FullTest
|
️✔️AzureCLI-BreakingChangeTest
|
There was a problem hiding this comment.
Pull request overview
Ports the AKS upgrade fix from aks-preview into the core acs module so az aks upgrade avoids RP OperationNotAllowed errors by skipping Machines-mode agent pools during node-image-only and Kubernetes version upgrades.
Changes:
- Skip Machines-mode agent pools during
az aks upgrade --node-image-only, logging a warning instead of calling node image upgrade on unsupported pools. - Skip Machines-mode agent pools during “upgrade all nodepools” Kubernetes version upgrades, logging a warning instead of setting
orchestrator_version. - Add unit tests covering both skip paths, and document the behavior in
HISTORY.rst.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/azure-cli/HISTORY.rst | Documents the new skip behavior for az aks upgrade. |
| src/azure-cli/azure/cli/command_modules/acs/custom.py | Implements Machines-mode pool skipping for node-image-only and Kubernetes version upgrades with warnings. |
| src/azure-cli/azure/cli/command_modules/acs/_consts.py | Introduces a constant for the Machines nodepool mode string. |
| src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_custom.py | Adds unit tests to ensure Machines-mode pools are not upgraded in either path. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
AKS |
|
|
||
| **AKS** | ||
|
|
||
| * `az aks upgrade`: Skip Machines mode agent pools during `--node-image-only` and Kubernetes version upgrade, which do not support these operations, instead of surfacing the raw RP OperationNotAllowed error |
There was a problem hiding this comment.
Please avoid adding release history here manually, it will automatically use the PR title or description as the history note.
|
Please also follow the guidance https://github.com/Azure/azure-cli/tree/dev/doc/authoring_command_modules#submitting-pull-requests to update your PR title, use |
… HISTORY - Make the Machines-mode comparison case-insensitive and None-safe in both the --node-image-only and Kubernetes version upgrade loops (per reviewer). - Remove the manually-added HISTORY.rst entry; the release note is generated from the PR title/description.
az aks upgrade: Skip Machines mode agent pools during node image and Kubernetes version upgrade
Related command
az aks upgradeDescription
Port of Azure/azure-cli-extensions#9916 (already merged for
aks-preview) into the coreacsmodule, so the GAaz aksCLI gets the same fix.az aks upgradenow skips Machines mode agent pools during both--node-image-onlyand Kubernetes version upgrade, logging a warning, instead of surfacing the raw RP error:Machines mode pools (e.g. the hidden
aksmanagedappool on NAP / Automatic clusters) are containers of individual machines whose lifecycle is managed via the machine API; they do not support pool-level node-image or Kubernetes version upgrade.Why the GA CLI is affected
Machinesis a preview-only agent-pool mode, butmodeismodelAsString, so the RP still returns theaksmanagedappool withmode: "Machines"even on stable/GA api-versions. The GAaz aks upgrade --node-image-onlyloop therefore iterates it and callsupgradeNodeImageVersion, which the RP rejects. This client-side skip prevents that. (Reproduced against a live Automatic + Machine-API cluster.)Scope
This changes only the cluster-level
az aks upgrade, which fans out across every node pool and should not fail the whole command because of a Machines pool. The single-nodepoolaz aks nodepool upgradepath is intentionally left unchanged: when a user explicitly targets a Machines mode agent pool, rejecting the pool-level upgrade is the expected behavior (machine lifecycle is managed through the machine API).Testing
Added unit tests (
test_aks_upgrade_node_image_only_skips_machines_mode_pool,test_aks_upgrade_kubernetes_version_skips_machines_mode_pool); the--node-image-onlyskip was also verified end-to-end on a real Automatic cluster.