Open Service Mesh AddOn (#200)

* Added basic OSM AddOn capability

Author: Gordon Byers

.github/workflows_dep/regressionparams/openservicemesh.json

@@ -0,0 +1,12 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "resourceName": {
+      "value": "az-k8s-osmd"
+    },
+    "openServiceMeshAddon" : {
+        "value" : true
+    }
+  }
+}

bicep/compiled/main.json

@@ -189,6 +189,9 @@ module dnsZone './dnsZone.bicep' = if (!empty(dnsZoneId)) {
 @description('Installs the AKS KV CSI provider')
 param azureKeyvaultSecretsProvider bool = false
 
+@description('Enables Open Service Mesh')
+param openServiceMeshAddon bool = false
+
 @description('Creates a Key Vault')
 param createKV bool = false
 
@@ -954,62 +957,58 @@ var agentPoolProfiles = JustUseSystemPool ? array(union(systemPoolBase, userPool
 
 var akssku = AksPaidSkuForSLA ? 'Paid' : 'Free'
 
-var aks_addons = {}
-var aks_addons1 = DEPLOY_APPGW_ADDON && ingressApplicationGateway ? union(aks_addons, deployAppGw ? {
-  ingressApplicationGateway: {
-    config: {
-      applicationGatewayId: appgw.id
-    }
-    enabled: true
-  }
-} : {
-  ingressApplicationGateway: {
-    enabled: true
-    config: {
-      applicationGatewayName: appgwName
-      subnetCIDR: appGatewaySubnetAddressPrefix
-    }
-  }
-}) : aks_addons
 
-var aks_addons2 = createLaw && omsagent ? union(aks_addons1, {
+var aks_addons = {
   omsagent: {
-    enabled: true
+    enabled: createLaw && omsagent
     config: {
-      logAnalyticsWorkspaceResourceID: aks_law.id
+      logAnalyticsWorkspaceResourceID: createLaw && omsagent ? aks_law.id : json('null')
     }
   }
-}) : aks_addons1
-
-var aks_addons3 = !empty(gitops) ? union(aks_addons2, {
   gitops: {
     //    config": null,
-    enabled: true
+    enabled: !empty(gitops)
     //    identity: {
     //      clientId: 'xxx',
     //      objectId: 'xxx',
     //      resourceId: '/subscriptions/95efa97a-9b5d-4f74-9f75-a3396e23344d/resourcegroups/xxx/providers/Microsoft.ManagedIdentity/userAssignedIdentities/xxx'
     //    }
   }
-}) : aks_addons2
-
-var aks_addons4 = !empty(azurepolicy) ? union(aks_addons3, {
   azurepolicy: {
     config: {
-      version: 'v2'
+      version: !empty(azurepolicy) ? 'v2' : json('null')
     }
-    enabled: true
+    enabled: !empty(azurepolicy)
   }
-}) : aks_addons3
-
-var aks_addons5 = azureKeyvaultSecretsProvider ? union(aks_addons4, {
   azureKeyvaultSecretsProvider: {
     config: {
       enableSecretRotation: 'false'
     }
+    enabled: azureKeyvaultSecretsProvider
+  }
+  openServiceMesh: {
+    enabled: openServiceMeshAddon
+    config: {}
+  }
+}
+
+var aks_addons1 = DEPLOY_APPGW_ADDON && ingressApplicationGateway ? union(aks_addons, deployAppGw ? {
+  ingressApplicationGateway: {
+    config: {
+      applicationGatewayId: appgw.id
+    }
     enabled: true
   }
-}) : aks_addons4
+} : {
+  ingressApplicationGateway: {
+    enabled: true
+    config: {
+      applicationGatewayName: appgwName
+      subnetCIDR: appGatewaySubnetAddressPrefix
+    }
+  }
+}) : aks_addons
+
 
 var aks_identity = {
   type: 'UserAssigned'
@@ -1049,7 +1048,7 @@ var aksProperties = {
   autoUpgradeProfile: !empty(upgradeChannel) ? {
     upgradeChannel: upgradeChannel
   } : {}
-  addonProfiles: !empty(aks_addons5) ? aks_addons5 : {}
+  addonProfiles: !empty(aks_addons1) ? aks_addons1 : aks_addons
 }
 
 @description('Needing to seperately declare and union this because of https://github.com/Azure/AKS/issues/2774')

bicep/main.bicep

@@ -4,8 +4,9 @@ import { TextField, Link, Separator, Dropdown, Slider, Stack, Text, Label, Choic
 import { adv_stackstyle, hasError, getError } from './common'
 
 
-export default function ({ tabValues, updateFn, invalidArray }) {
+export default function ({ tabValues, updateFn, featureFlag, invalidArray }) {
     const { addons, net } = tabValues
+    const osmFeatureFlag = featureFlag.includes('osm')
     return (
         <Stack tokens={{ childrenGap: 15 }} styles={adv_stackstyle}>
 
@@ -298,6 +299,19 @@ export default function ({ tabValues, updateFn, invalidArray }) {
                 </Stack>
             </Stack.Item>
 
+            { osmFeatureFlag &&
+            <>
+                <Separator className="notopmargin" />
+
+                <Stack.Item align="start">
+                    <Label required={true}>
+                        Open Service Mesh : Enable Open Service Mesh on the AKS Cluster
+                        (<a target="_new" href="https://docs.microsoft.com/azure/aks/open-service-mesh-about">docs</a>)
+                    </Label>
+                    <Checkbox styles={{ root: { marginLeft: '50px' } }} inputProps={{ "data-testid": "addons-osm-Checkbox"}} checked={addons.openServiceMeshAddon} onChange={(ev, v) => updateFn("openServiceMeshAddon", v)} label="Install the Open Service Mesh AddOn" />
+                </Stack.Item>
+            </>}
+
             {/*
         <ChoiceGroup
           label='Enable gitops'

helper/src/components/addonsTab.js

@@ -50,6 +50,7 @@ export default function DeployTab({ defaults, updateFn, tabValues, invalidArray,
     }),
     ...(addons.monitor === "aci" && { omsagent: true, retentionInDays: addons.retentionInDays, ...( addons.createAksMetricAlerts !== defaults.addons.createAksMetricAlerts && {createAksMetricAlerts: addons.createAksMetricAlerts }) }),
     ...(addons.networkPolicy !== "none" && { networkPolicy: addons.networkPolicy }),
+    ...(defaults.addons.openServiceMeshAddon !== addons.openServiceMeshAddon && {openServiceMeshAddon: addons.openServiceMeshAddon }),
     ...(addons.azurepolicy !== "none" && { azurepolicy: addons.azurepolicy }),
     ...(net.networkPlugin !== defaults.net.networkPlugin && {networkPlugin: net.networkPlugin}),
     ...(net.vnet_opt === "custom" && net.networkPlugin === 'kubenet' && defaults.net.podCidr !== net.podCidr && { podCidr: net.podCidr }),

helper/src/components/deployTab.js

@@ -305,7 +305,7 @@ export default function PortalNav({ config }) {
               <ClusterTab tabValues={tabValues} featureFlag={featureFlag} updateFn={(field, value) => mergeState("cluster", field, value)} invalidArray={invalidArray['cluster']} />
             </PivotItem>
             <PivotItem headerText={tabLabels.addons} itemKey="addons" onRenderItemLink={(a, b) => _customRenderer('addons', a, b)} >
-              <AddonsTab tabValues={tabValues} updateFn={(field, value) => mergeState("addons", field, value)} invalidArray={invalidArray['addons']} />
+              <AddonsTab tabValues={tabValues} featureFlag={featureFlag} updateFn={(field, value) => mergeState("addons", field, value)} invalidArray={invalidArray['addons']} />
             </PivotItem>
             <PivotItem headerText={tabLabels.net} itemKey="net" onRenderItemLink={(a, b) => _customRenderer('net', a, b)}>
               <NetworkTab tabValues={tabValues} featureFlag={featureFlag} updateFn={(field, value) => mergeState("net", field, value)} invalidArray={invalidArray['net']} />

helper/src/components/portalnav.js

@@ -42,6 +42,7 @@
         },
         "addons": {
             "networkPolicy": "none",
+            "openServiceMeshAddon": false,
             "denydefaultNetworkPolicy": false,
             "azurepolicy": "none",
             "ingress": "none",