Azure · deveshdama · Feb 1, 2024 · Feb 1, 2024 · Feb 2, 2024 · Feb 2, 2024
diff --git a/.github/workflows/AddPRComment.yml b/.github/workflows/AddPRComment.yml
@@ -23,4 +23,5 @@ jobs:
         uses: mshick/add-pr-comment@v2
         with:
           repo-token: ${{ secrets.CLI_BOT }}
+          message-id: prcommentbot
           message: "${{ env.message }}"
diff --git a/.github/workflows/VersionCalPRComment.yml b/.github/workflows/VersionCalPRComment.yml
@@ -127,6 +127,7 @@ jobs:
         uses: mshick/add-pr-comment@v2
         with:
            repo-token: ${{ secrets.AZCLIBOT_PAT }}
+           message-id: versioncommentbot
            message-path: |
             version_update.txt
            message-failure: |

@@ -11,8 +11,14 @@ To release a new version, please select a new version number (usually plus 1 to
 
 Pending
 +++++++
-* Deprecate the alias "-r" of parameter --source-resource-id in `az aks trustedaccess rolebinding create`
+* Vendor new SDK and bump API version to 2023-11-02-preview.
+
+1.0.0b5
++++++++
+* Add `--enable-ai-toolchain-operator` to `az aks create` and `az aks update`.
+* Add `--disable-ai-toolchain-operator` to the `az aks update` command.
 * Refactor azure service mesh related code to meet cli style requirements.
+* Implicitly enable istio when ingress or egress gateway is enabled for Azure Service Mesh.
 
 1.0.0b4
 +++++++
@@ -21,6 +27,7 @@ Pending
 1.0.0b3
 +++++++
 * Change the format for az aks machine commands to separate the ipv4, ipv6 columns
+* Deprecate the alias "-r" of parameter --source-resource-id in `az aks trustedaccess rolebinding create`
 
 1.0.0b2
 +++++++

@@ -113,5 +113,9 @@ Released version and adopted API version
       - 2023-07-02-preview
     * - 0.5.162 ~ 0.5.166
       - 2023-08-02-preview
-    * - 0.5.167 ~ latest
-      - 2023-08-02-preview
+    * - 0.5.167 ~ 0.5.171
+      - 2023-09-02-preview
+    * - 0.5.172 ~ 1.0.0b5?
+      - 2023-10-02-preview
+    * - 1.0.0b6? ~ latest
+      - 2023-11-02-preview
@@ -42,6 +42,10 @@
         ],
         "service mesh, missing feature registration for new resource type": [
             "test_aks_azure_service_mesh_get_revisions"
+        ],
+        "ai toolchain operator, enabled in staging only": [
+            "test_aks_create_with_enable_ai_toolchain_operator",
+            "test_aks_update_with_enable_ai_toolchain_operator"
         ]
     }
-}
+}
@@ -16,7 +16,7 @@ def register_aks_preview_resource_type():
     register_resource_type(
         "latest",
         CUSTOM_MGMT_AKS_PREVIEW,
-        SDKProfile("2023-10-02-preview", {"container_services": "2017-07-01"}),
+        SDKProfile("2023-11-02-preview", {"container_services": "2017-07-01"}),
     )
 
 

@@ -586,6 +586,9 @@
         - name: --enable-app-routing
           type: bool
           short-summary: Enable Application Routing addon.
+        - name: --enable-ai-toolchain-operator
+          type: bool
+          short-summary: Enable AI toolchain operator to the cluster.
     examples:
         - name: Create a Kubernetes cluster with an existing SSH public key.
           text: az aks create -g MyResourceGroup -n MyManagedCluster --ssh-key-value /path/to/publickey
@@ -1133,6 +1136,12 @@
         - name: --node-provisioning-mode
           type: string
           short-summary: Set the node provisioning mode of the cluster. Valid values are "Auto" and "Manual". For more information on "Auto" mode see aka.ms/aks/nap.
+        - name: --enable-ai-toolchain-operator
+          type: bool
+          short-summary: Enable AI toolchain operator to the cluster
+        - name: --disable-ai-toolchain-operator
+          type: bool
+          short-summary: Disable AI toolchain operator.
     examples:
       - name: Reconcile the cluster back to its current state.
         text: az aks update -g MyResourceGroup -n MyManagedCluster

@@ -310,14 +310,14 @@ def check_is_apiserver_vnet_integration_cluster(mc: ManagedCluster) -> bool:
 
 
 def setup_common_guardrails_profile(level, version, excludedNamespaces, mc: ManagedCluster, models) -> ManagedCluster:
-    if (level is not None or version is not None or excludedNamespaces is not None) and mc.guardrails_profile is None:
-        mc.guardrails_profile = models.GuardrailsProfile(
+    if (level is not None or version is not None or excludedNamespaces is not None) and mc.safeguards_profile is None:
+        mc.safeguards_profile = models.SafeguardsProfile(
             level=level,
             version=version
         )
     # replace values with provided values
     if excludedNamespaces is not None:
-        mc.guardrails_profile.excluded_namespaces = extract_comma_separated_string(
+        mc.safeguards_profile.excluded_namespaces = extract_comma_separated_string(
             excludedNamespaces, enable_strip=True, keep_none=True, default_value=[])
 
     return mc
@@ -780,6 +780,7 @@ def load_arguments(self, _):
         c.argument("grafana_resource_id", validator=validate_grafanaresourceid)
         c.argument("enable_windows_recording_rules", action="store_true")
         c.argument("enable_cost_analysis", is_preview=True, action="store_true")
+        c.argument('enable_ai_toolchain_operator', is_preview=True, action='store_true')
         # azure container storage
         c.argument(
             "enable_azure_container_storage",
@@ -1146,6 +1147,8 @@ def load_arguments(self, _):
         )
         c.argument("enable_cost_analysis", is_preview=True, action="store_true")
         c.argument("disable_cost_analysis", is_preview=True, action="store_true")
+        c.argument('enable_ai_toolchain_operator', is_preview=True, action='store_true')
+        c.argument('disable_ai_toolchain_operator', is_preview=True, action='store_true')
         # azure container storage
         c.argument(
             "enable_azure_container_storage",

@@ -606,6 +606,8 @@ def aks_create(
     enable_windows_recording_rules=False,
     # metrics profile
     enable_cost_analysis=False,
+    # AI toolchain operator
+    enable_ai_toolchain_operator=False,
     # azure container storage
     enable_azure_container_storage=None,
     storage_pool_name=None,
@@ -790,6 +792,9 @@ def aks_update(
     # metrics profile
     enable_cost_analysis=False,
     disable_cost_analysis=False,
+    # AI toolchain operator
+    enable_ai_toolchain_operator=False,
+    disable_ai_toolchain_operator=False,
     # azure container storage
     enable_azure_container_storage=None,
     disable_azure_container_storage=False,

@@ -2205,6 +2205,8 @@ def _handle_egress_gateways_asm(self, new_profile: ServiceMeshProfile) -> Tuple[
             # if a gateway is enabled, enable the mesh
             if enable_egress_gateway:
                 new_profile.mode = CONST_AZURE_SERVICE_MESH_MODE_ISTIO
+                if new_profile.istio is None:
+                    new_profile.istio = self.models.IstioServiceMesh()  # pylint: disable=no-member
                 updated = True
 
             # ensure necessary fields
@@ -2259,6 +2261,8 @@ def _handle_ingress_gateways_asm(self, new_profile: ServiceMeshProfile) -> Tuple
             # if an ingress gateway is enabled, enable the mesh
             if enable_ingress_gateway:
                 new_profile.mode = CONST_AZURE_SERVICE_MESH_MODE_ISTIO
+                if new_profile.istio is None:
+                    new_profile.istio = self.models.IstioServiceMesh()  # pylint: disable=no-member
                 updated = True
 
             if not ingress_gateway_type:
@@ -2601,6 +2605,35 @@ def get_node_provisioning_mode(self) -> Union[str, None]:
         """
         return self.raw_param.get("node_provisioning_mode")
 
+    def get_ai_toolchain_operator(self, enable_validation: bool = False) -> bool:
+        """Internal function to obtain the value of enable_ai_toolchain_operator.
+
+        When enabled, if both enable_ai_toolchain_operator and
+        disable_ai_toolchain_operator are specified, raise
+        a MutuallyExclusiveArgumentError.
+
+        :return: bool
+        """
+        enable_ai_toolchain_operator = self.raw_param.get("enable_ai_toolchain_operator")
+        # This parameter does not need dynamic completion.
+        if enable_validation:
+            if enable_ai_toolchain_operator and self.get_disable_ai_toolchain_operator():
+                raise MutuallyExclusiveArgumentError(
+                    "Cannot specify --enable-ai-toolchain-operator and "
+                    "--disable-ai-toolchain-operator at the same time. "
+                )
+
+        return enable_ai_toolchain_operator
+
+    def get_disable_ai_toolchain_operator(self) -> bool:
+        """Obtain the value of disable_ai_toolchain_operator.
+
+        :return: bool
+        """
+        # Note: No need to check for mutually exclusive parameter with enable-ai-toolchain-operator here
+        # because it's already checked in get_ai_toolchain_operator
+        return self.raw_param.get("disable_ai_toolchain_operator")
+
 
 # pylint: disable=too-many-public-methods
 class AKSPreviewManagedClusterCreateDecorator(AKSManagedClusterCreateDecorator):
@@ -3184,6 +3217,18 @@ def set_up_node_provisioning_profile(self, mc: ManagedCluster) -> ManagedCluster
 
         return mc
 
+    def set_up_ai_toolchain_operator(self, mc: ManagedCluster) -> ManagedCluster:
+        self._ensure_mc(mc)
+
+        if self.context.get_ai_toolchain_operator(enable_validation=True):
+            if mc.ai_toolchain_operator_profile is None:
+                mc.ai_toolchain_operator_profile = self.models.ManagedClusterAIToolchainOperatorProfile()  # pylint: disable=no-member
+            # set enabled
+            mc.ai_toolchain_operator_profile.enabled = True
+
+        # Default is disabled so no need to worry about that here
+        return mc
+
     # pylint: disable=unused-argument
     def construct_mc_profile_preview(self, bypass_restore_defaults: bool = False) -> ManagedCluster:
         """The overall controller used to construct the default ManagedCluster profile.
@@ -3236,6 +3281,8 @@ def construct_mc_profile_preview(self, bypass_restore_defaults: bool = False) ->
         mc = self.set_up_azure_monitor_profile(mc)
         # set up metrics profile
         mc = self.set_up_metrics_profile(mc)
+        # set up AI toolchain operator
+        mc = self.set_up_ai_toolchain_operator(mc)
         # set up for azure container storage
         mc = self.set_up_azure_container_storage(mc)
         # set up node provisioning profile
@@ -4209,9 +4256,9 @@ def update_guardrails_profile(self, mc: ManagedCluster) -> ManagedCluster:
         mc = setup_common_guardrails_profile(level, version, excludedNamespaces, mc, self.models)
 
         if level is not None:
-            mc.guardrails_profile.level = level
+            mc.safeguards_profile.level = level
         if version is not None:
-            mc.guardrails_profile.version = version
+            mc.safeguards_profile.version = version
 
         return mc
 
@@ -4497,6 +4544,24 @@ def update_node_provisioning_profile(self, mc: ManagedCluster) -> ManagedCluster
 
         return mc
 
+    def update_ai_toolchain_operator(self, mc: ManagedCluster) -> ManagedCluster:
+        """Updates the aiToolchainOperatorProfile field of the managed cluster
+
+        :return: the ManagedCluster object
+        """
+
+        if self.context.get_ai_toolchain_operator(enable_validation=True):
+            if mc.ai_toolchain_operator_profile is None:
+                mc.ai_toolchain_operator_profile = self.models.ManagedClusterAIToolchainOperatorProfile()  # pylint: disable=no-member
+            mc.ai_toolchain_operator_profile.enabled = True
+
+        if self.context.get_disable_ai_toolchain_operator():
+            if mc.ai_toolchain_operator_profile is None:
+                mc.ai_toolchain_operator_profile = self.models.ManagedClusterAIToolchainOperatorProfile()  # pylint: disable=no-member
+            mc.ai_toolchain_operator_profile.enabled = False
+
+        return mc
+
     def update_mc_profile_preview(self) -> ManagedCluster:
         """The overall controller used to update the preview ManagedCluster profile.
 
@@ -4558,6 +4623,8 @@ def update_mc_profile_preview(self) -> ManagedCluster:
         mc = self.update_k8s_support_plan(mc)
         # update metrics profile
         mc = self.update_metrics_profile(mc)
+        # update AI toolchain operator
+        mc = self.update_ai_toolchain_operator(mc)
         # update azure container storage
         mc = self.update_azure_container_storage(mc)
         # update node provisioning profile