为现有集群更改 Azure Kubernetes 服务中的 --network-plugin
[英]Changing --network-plugin in Azure Kubernetes Service for existing cluster
问题描述
I'm trying to implement Azure Key Vault such that API keys, credentials and other Kubernetes secrets are read into production and staging environments.
我正在尝试实施 Azure Key Vault,以便将 API 密钥、凭据和其他 Kubernetes 机密读入生产和暂存环境。 Ultimately, I'd like to try to expand that to local development environments so devs don't have to mess with it at all.最终,我想尝试将其扩展到本地开发环境,这样开发人员就不必完全搞砸它。 It is just read in when they start their cluster.它只是在他们启动集群时读入。
Anyway, I'm following this to enable Pod Identities:无论如何,我正在遵循这个来启用 Pod 身份:
https://docs.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity https://docs.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity
When I get to this step , I'm modifying the:当我到达这一步时,我正在修改:
az aks create -g myResourceGroup -n myAKSCluster --enable-managed-identity --enable-pod-identity --network-plugin azure
To the following because I'm trying to change an existing cluster:以下是因为我正在尝试更改现有集群:
az aks update -g myResourceGroup -n myAKSCluster --enable-managed-identity --enable-pod-identity --network-plugin azure
This doesn't work and figured out I need to run each flag one at a time, so I had to run --enable-managed-identity first since --enable-pod-identity depends on it.这不起作用,并且发现我需要一次运行每个标志,所以我必须先运行--enable-managed-identity ,因为--enable-pod-identity取决于它。
At any rate, when I get to the --enable-pod-identity I get the following error:无论如何,当我到达--enable-pod-identity时,我收到以下错误:
Operation failed with status: 'Bad Request'. Details: Network plugin kubenet is not supported to use with PodIdentity addon.
So I try the --network-plugin azure and get:所以我尝试了--network-plugin azure并得到:
az: error: unrecognized arguments: --network-plugin azure
Apparently this is flag is not available with update .显然,这是标志不适用于update 。
Poking around in the Azure portal for the AKS resource, I do see kubenet listed , but I'm not able to change it.在 Azure 门户中寻找 AKS 资源,我确实看到kubenet listed ,但我无法更改它。
So, the question: Is it possible to change the Network Plugin on existing cluster or do I need to start a new?所以,问题是:是否可以更改现有集群上的网络插件,还是我需要启动一个新的?
EDIT: Looks like others are having similar issues on existing clusters:编辑:看起来其他人在现有集群上也有类似的问题:
https://github.com/Azure/AKS/issues/2094 https://github.com/Azure/AKS/issues/2094
1 个解决方案
解决方案1
2 已采纳 2021-02-16 07:00:20
Is it possible to change the Network Plugin on the existing cluster or do I need to start a new?
It's impossible to change the network plugin on the existing cluster, so you need to create a new cluster and set the network plugin with azure at the creation time.现有集群上无法更改网络插件,因此需要新建集群并在创建时将网络插件设置为 azure。 You can find there is no parameter --network-plugin in the CLI command az aks update even if you install the aks-preview extension.即使您安装了aks-preview扩展,您也会发现 CLI 命令az aks update中没有参数--network-plugin 。 It means it does not support changing the network plugin of the existing cluster.这意味着它不支持更改现有集群的网络插件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.