Add --enable-cilium-dataplane to AKS cluster create (#5465)

src/aks-preview/HISTORY.rst

@@ -12,6 +12,11 @@ To release a new version, please select a new version number (usually plus 1 to
 Pending
 +++++++
 
+0.5.109
++++++++
+
+* Add --enable-cilium-dataplane flag for creating a cluster that uses Cilium as the networking dataplane.
+
 0.5.108
 +++++++
 

src/aks-preview/azext_aks_preview/_consts.py

@@ -91,6 +91,9 @@
 # network plugin mode
 CONST_NETWORK_PLUGIN_MODE_OVERLAY = "overlay"
 
+# networkprofile eBPF dataplane
+CONST_EBPF_DATAPLANE_CILIUM = "cilium"
+
 # disk driver versions
 CONST_DISK_DRIVER_V1 = "v1"
 CONST_DISK_DRIVER_V2 = "v2"

src/aks-preview/azext_aks_preview/_help.py

@@ -215,6 +215,12 @@
               Using together with "azure" network plugin.
               Specify "azure" for Azure network policy manager and "calico" for calico network policy controller.
               Defaults to "" (network policy disabled).
+        - name: --enable-cilium-dataplane
+          type: bool
+          short-summary: Use Cilium as the networking dataplane for the Kubernetes cluster.
+          long-summary: |
+              Used together with the "azure" network plugin.
+              Requires either --pod-subnet-id or --network-plugin-mode=overlay.
         - name: --no-ssh-key -x
           type: string
           short-summary: Do not use or create a local SSH key.

src/aks-preview/azext_aks_preview/_params.py

@@ -333,6 +333,7 @@ def load_arguments(self, _):
         c.argument('dns_zone_resource_id')
         c.argument('enable_keda', action='store_true', is_preview=True)
         c.argument('enable_node_restriction', action='store_true', is_preview=True, help="enable node restriction for cluster")
+        c.argument('enable_cilium_dataplane', action='store_true', is_preview=True)
         # nodepool
         c.argument('host_group_id', validator=validate_host_group_id, is_preview=True)
         c.argument('crg_id', validator=validate_crg_id, is_preview=True)

src/aks-preview/azext_aks_preview/custom.py

@@ -673,6 +673,7 @@ def aks_create(
     enable_keda=False,
     enable_node_restriction=False,
     enable_vpa=False,
+    enable_cilium_dataplane=False,
     # nodepool
     host_group_id=None,
     crg_id=None,

src/aks-preview/azext_aks_preview/managed_cluster_decorator.py

@@ -49,6 +49,7 @@
     CONST_LOAD_BALANCER_SKU_BASIC,
     CONST_PRIVATE_DNS_ZONE_NONE,
     CONST_PRIVATE_DNS_ZONE_SYSTEM,
+    CONST_EBPF_DATAPLANE_CILIUM,
 )
 from azext_aks_preview._helpers import (
     get_cluster_snapshot_by_snapshot_id,
@@ -321,6 +322,13 @@ def get_network_plugin_mode(self) -> Union[str, None]:
         """
         return self.raw_param.get('network_plugin_mode')
 
+    def get_enable_cilium_dataplane(self) -> bool:
+        """Get the value of enable_cilium_dataplane
+
+        :return: bool
+        """
+        return bool(self.raw_param.get('enable_cilium_dataplane'))
+
     def get_load_balancer_managed_outbound_ipv6_count(self) -> Union[int, None]:
         """Obtain the expected count of IPv6 managed outbound IPs.
 
@@ -2160,6 +2168,9 @@ def set_up_network_profile(self, mc: ManagedCluster) -> ManagedCluster:
 
         network_profile.network_plugin_mode = self.context.get_network_plugin_mode()
 
+        if self.context.get_enable_cilium_dataplane():
+            network_profile.ebpf_dataplane = CONST_EBPF_DATAPLANE_CILIUM
+
         return mc
 
     def set_up_api_server_access_profile(self, mc: ManagedCluster) -> ManagedCluster: