From 67854c944cc905c11dd809103be41b8b18c0934b Mon Sep 17 00:00:00 2001 From: Matthew Christopher Date: Mon, 7 Jun 2021 12:33:14 -0700 Subject: [PATCH] PR feedback --- custom-words.txt | 3 + .../stable/2021-05-01/managedClusters.json | 138 ++++++++++++------ 2 files changed, 98 insertions(+), 43 deletions(-) diff --git a/custom-words.txt b/custom-words.txt index 192727525971..f9ce9fd78c93 100644 --- a/custom-words.txt +++ b/custom-words.txt @@ -827,6 +827,7 @@ hotpatching HSLA HSMs Hubspot +Hugepages hybridconnection hybriddata hybriddatamanager @@ -1062,6 +1063,7 @@ machinelearningcompute machinelearningexperimentation machinelearningservices machinewithhints +madvise Magadan Magento maintenancewindows @@ -1263,6 +1265,7 @@ nsxt ntext ntfs ntlm +numa numrecords nvarchar Nynorsk diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-05-01/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-05-01/managedClusters.json index 2c3650160c62..ac108be84de7 100644 --- a/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-05-01/managedClusters.json +++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-05-01/managedClusters.json @@ -2134,7 +2134,8 @@ }, "orchestratorVersion": { "type": "string", - "description": "The version of the orchestrator specified when creating the managed cluster." + "title": "The version of Kubernetes running on the Agent Pool.", + "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool)." }, "nodeImageVersion": { "readOnly": true, @@ -2164,7 +2165,8 @@ }, "enableNodePublicIP": { "type": "boolean", - "description": "Enable public IP for nodes" + "title": "Whether each node is allocated its own public IP.", + "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false." }, "nodePublicIPPrefixID": { "type": "string", @@ -2178,7 +2180,7 @@ "scaleSetEvictionPolicy": { "$ref": "#/definitions/ScaleSetEvictionPolicy", "title": "The Virtual Machine Scale Set eviction policy to use.", - "description": "This cannot be specified unless the scaleSetPrirority is 'Spot'. If not specified, the default is 'Delete'." + "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'." }, "spotMaxPrice": { "type": "number", @@ -2230,7 +2232,8 @@ }, "enableFIPS": { "type": "boolean", - "description": "Whether to use a FIPS enabled OS." + "title": "Whether to use a FIPS-enabled OS.", + "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details." }, "gpuInstanceProfile": { "$ref": "#/definitions/GPUInstanceProfile", @@ -2298,7 +2301,7 @@ }, { "value": "User", - "description": "User agent pools are primarily for hosting your applocation pods." + "description": "User agent pools are primarily for hosting your application pods." } ] }, @@ -2371,7 +2374,7 @@ "values": [ { "value": "None", - "description": "No additional licenscing is applied." + "description": "No additional licensing is applied." }, { "value": "Windows_Server", @@ -2516,7 +2519,7 @@ "values": [ { "value": "loadBalancer", - "description": "The load balancer is used for egress through an AKS assigned public IP. This supports Kubernetes services of type 'loadBalancer'. For more information see [outbound type loadbalancer](https://docs.microsoft.com/azure/aks/egress-outboundtype#outbound-type-of-loadbalancer)." + "description": "The load balancer is used for egress through an AKS assigned public IP. This supports Kubernetes services of type 'loadBalancer'. For more information see [outbound type loadbalancer](https://docs.microsoft.com/azure/aks/egress-outboundtype#outbound-type-of-loadbalancer)." }, { "value": "userDefinedRouting", @@ -2526,7 +2529,7 @@ }, "default": "loadBalancer", "title": "The outbound (egress) routing method.", - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outboundtype](https://docs.microsoft.com/azure/aks/egress-outboundtype)." + "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype)." }, "loadBalancerSku": { "type": "string", @@ -2540,7 +2543,7 @@ "values": [ { "value": "standard", - "description": "Use a a standard Load Balancer. This is the recommended Load Balancer SKU. For more information about on working with the load balancer in the managed cluster, see the [standard Load Balancer](https://docs.microsoft.com/azure/aks/load-balancer-standard) article." + "description": "Use a a standard Load Balancer. This is the recommended Load Balancer SKU. For more information about on working with the load balancer in the managed cluster, see the [standard Load Balancer](https://docs.microsoft.com/azure/aks/load-balancer-standard) article." }, { "value": "basic", @@ -2548,9 +2551,8 @@ } ] }, - "default": "standard", "title": "The load balancer sku for the managed cluster.", - "description": "See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs." + "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs." }, "loadBalancerProfile": { "$ref": "#/definitions/ManagedClusterLoadBalancerProfile", @@ -2795,7 +2797,7 @@ "reason": { "type": "string", "readOnly": true, - "description": "An explaination of why provisioningState is set to failed (if so)." + "description": "An explanation of why provisioningState is set to failed (if so)." } }, "description": "The results of a run command" @@ -2998,15 +3000,18 @@ }, "kubernetesVersion": { "type": "string", - "description": "The version of Kubernetes specified when creating the managed cluster." + "title": "The version of Kubernetes the Managed Cluster is running.", + "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details." }, "dnsPrefix": { "type": "string", - "description": "The DNS prefix specified when creating the managed cluster." + "title": "The DNS prefix of the Managed Cluster.", + "description": "This cannot be updated once the Managed Cluster has been created." }, "fqdnSubdomain": { "type": "string", - "description": "The FQDN subdomain specified when creating private cluster with custom private dns zone." + "title": "The FQDN subdomain of the private cluster with custom private dns zone.", + "description": "This cannot be updated once the Managed Cluster has been created." }, "fqdn": { "readOnly": true, @@ -3021,7 +3026,8 @@ "azurePortalFQDN": { "readOnly": true, "type": "string", - "description": "The FQDN for the master pool which used by proxy config." + "title": "The special FQDN used by the Azure Portal to access the Managed Cluster. This FQDN is for use only by the Azure Portal and should not be used by other clients.", + "description": "The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly." }, "agentPoolProfiles": { "type": "array", @@ -3032,11 +3038,11 @@ }, "linuxProfile": { "$ref": "#/definitions/ContainerServiceLinuxProfile", - "description": "The profile for Linux VMs in the container service cluster." + "description": "The profile for Linux VMs in the Managed Cluster." }, "windowsProfile": { "$ref": "#/definitions/ManagedClusterWindowsProfile", - "description": "The profile for Windows VMs in the container service cluster." + "description": "The profile for Windows VMs in the Managed Cluster." }, "servicePrincipalProfile": { "$ref": "#/definitions/ManagedClusterServicePrincipalProfile", @@ -3093,14 +3099,13 @@ "priority", "random" ], - "default": "random", "x-ms-enum": { "name": "expander", "modelAsString": true, "values": [ { "value": "least-waste", - "description": "Selects the node group that will have the least idle CPU (if tied, unused memory) after scale-up. This is useful when you have different classes of nodes, for example, high CPU or high memory nodes, and only want to expand those when there are pending pods that need a lot of those resources." + "description": "Selects the node group that will have the least idle CPU (if tied, unused memory) after scale-up. This is useful when you have different classes of nodes, for example, high CPU or high memory nodes, and only want to expand those when there are pending pods that need a lot of those resources." }, { "value": "most-pods", @@ -3117,7 +3122,7 @@ ] }, "title": "The expander to use when scaling up", - "description": "See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information." + "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information." }, "max-empty-bulk-delete": { "type": "string", @@ -3251,7 +3256,7 @@ "values": [ { "value": "Running", - "description": "The cluster is running." + "description": "The cluster is running." }, { "value": "Stopped", @@ -3291,7 +3296,7 @@ "values": [ { "value": "system", - "description": "AKS will create a private DNS zone in the Node Resource Group." + "description": "AKS will create a private DNS zone in the Node Resource Group." }, { "value": "none", @@ -3334,15 +3339,15 @@ "values": [ { "value": "SystemAssigned", - "description": "Use an implicitly created identity in master components and an auto-created user assigned identity in the MC_ resource group in agent nodes." + "description": "Use an implicitly created system assigned managed identity to manage cluster resources. Master components in the control plane such as kube-controller-manager will use the system assigned managed identity to manipulate Azure resources." }, { "value": "UserAssigned", - "description": "" + "description": "Use a user-specified identity to manage cluster resources. Master components in the control plane such as kube-controller-manager will use the specified user assigned managed identity to manipulate Azure resources." }, { "value": "None", - "description": "Do not use MSI for the Managed Cluster, service principal will be used instead." + "description": "Do not use a managed identity for the Managed Cluster, service principal will be used instead." } ] } @@ -3451,7 +3456,7 @@ "kubernetesVersion", "osType" ], - "description": "The list of avialable upgrade versions." + "description": "The list of available upgrade versions." }, "ManagedClusterUpgradeProfileProperties": { "properties": { @@ -3490,23 +3495,23 @@ "values": [ { "value": "rapid", - "description": "Automatically upgrade the cluster to the latest supported patch release on the latest supported minor version. In cases where the cluster is at a version of Kubernetes that is at an N-2 minor version where N is the latest supported minor version, the cluster first upgrades to the latest supported patch version on N-1 minor version. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster first is upgraded to 1.18.6, then is upgraded to 1.19.1." + "description": "Automatically upgrade the cluster to the latest supported patch release on the latest supported minor version. In cases where the cluster is at a version of Kubernetes that is at an N-2 minor version where N is the latest supported minor version, the cluster first upgrades to the latest supported patch version on N-1 minor version. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster first is upgraded to 1.18.6, then is upgraded to 1.19.1." }, { "value": "stable", - "description": "Automatically upgrade the cluster to the latest supported patch release on minor version N-1, where N is the latest supported minor version. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.18.6." + "description": "Automatically upgrade the cluster to the latest supported patch release on minor version N-1, where N is the latest supported minor version. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.18.6." }, { "value": "patch", - "description": "Automatically upgrade the cluster to the latest supported patch version when it becomes available while keeping the minor version the same. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.17.9." + "description": "Automatically upgrade the cluster to the latest supported patch version when it becomes available while keeping the minor version the same. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.17.9." }, { "value": "node-image", - "description": "Automatically upgrade the node image to the latest version available. Microsoft provides patches and new images for image nodes frequently (usually weekly), but your running nodes won't get the new images unless you do a node image upgrade. Turning on the node-image channel will automatically update your node images whenever a new version is available." + "description": "Automatically upgrade the node image to the latest version available. Microsoft provides patches and new images for image nodes frequently (usually weekly), but your running nodes won't get the new images unless you do a node image upgrade. Turning on the node-image channel will automatically update your node images whenever a new version is available." }, { "value": "none", - "description": "Disables auto-upgrades and keeps the cluster at its current version of Kubernetes." + "description": "Disables auto-upgrades and keeps the cluster at its current version of Kubernetes." } ] }, @@ -3653,7 +3658,8 @@ "namespace", "podLabels" ], - "title": "A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) endpoint without being intercepted by the node-managed identity (NMI) server." + "title": "A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) endpoint without being intercepted by the node-managed identity (NMI) server.", + "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details." }, "ManagedClusterPodIdentityProfile": { "properties": { @@ -3663,7 +3669,8 @@ }, "allowNetworkPluginKubenet": { "type": "boolean", - "description": "Customer consent for enabling AAD pod identity addon in cluster using Kubenet network plugin." + "title": "Whether pod identity is allowed to run on clusters with Kubenet networking.", + "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information." }, "userAssignedIdentities": { "description": "The pod identities to use in the cluster.", @@ -3843,7 +3850,7 @@ "values": [ { "value": "Linux", - "description": "Use Linux." + "description": "Use Linux." }, { "value": "Windows", @@ -3878,7 +3885,7 @@ "values": [ { "value": "Spot", - "description": "Spot priority VMs will be used. There is no SLA for spot nodes. See [spot on AKS](https://docs.microsoft.com/azure/aks/spot-node-pool) for more information." + "description": "Spot priority VMs will be used. There is no SLA for spot nodes. See [spot on AKS](https://docs.microsoft.com/azure/aks/spot-node-pool) for more information." }, { "value": "Regular", @@ -3901,7 +3908,7 @@ "values": [ { "value": "Delete", - "description": "Nodes in the underlying Scale Set of the node pool are deleted when they're evicted." + "description": "Nodes in the underlying Scale Set of the node pool are deleted when they're evicted." }, { "value": "Deallocate", @@ -3993,12 +4000,11 @@ "tier": { "type": "string", "title": "The tier of a managed cluster SKU.", - "description": "See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", + "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", "enum": [ "Paid", "Free" ], - "default": "Free", "x-ms-enum": { "name": "ManagedClusterSKUTier", "modelAsString": true, @@ -4229,7 +4235,25 @@ "cpuManagerPolicy": { "type": "string", "title": "The CPU Manager policy to use.", - "description": "Valid values are 'none' or 'static'. The default is 'none'." + "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information.", + "enum": [ + "none", + "static" + ], + "x-ms-enum": { + "name": "KubeletCpuManagerPolicy", + "modelAsString": true, + "values": [ + { + "value": "none", + "description": "The default CPU affinity scheme. No affinity is provided beyond what the OS scheduler does automatically." + }, + { + "value": "static", + "description": "Allows containers in Guaranteed pods with integer CPU requests access to exclusive CPUs on the node." + } + ] + } }, "cpuCfsQuota": { "type": "boolean", @@ -4239,7 +4263,7 @@ "cpuCfsQuotaPeriod": { "type": "string", "title": "The CPU CFS quota period value.", - "description": "The default is '100ms.'" + "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'." }, "imageGcHighThreshold": { "type": "integer", @@ -4260,7 +4284,35 @@ "topologyManagerPolicy": { "type": "string", "title": "The Topology Manager policy to use.", - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'." + "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'.", + "enum": [ + "none", + "best-effort", + "restricted", + "single-numa-node" + ], + "x-ms-enum": { + "name": "KubeletTopologyManagerPolicy", + "modelAsString": true, + "values": [ + { + "value": "none", + "description": "No topology alignment is performed." + }, + { + "value": "best-effort", + "description": "Topology Manager tries to honor containers NUMA Node affinity. Containers without a preferred NUMA node affinity are still admitted to the node." + }, + { + "value": "restricted", + "description": "Topology Manager honors containers NUMA Node affinity. Containers without a preferred NUMA node affinity are rejected, resulting in a pod in a Terminated state with a pod admission failure." + }, + { + "value": "single-numa-node", + "description": "Topology Manager ensures containers are assigned to a single NUMA Node. If it is not possible to assign a container to a single NUMA Node the pod is rejected, resulting in a pod in a Terminated state with a pod admission failure." + } + ] + } }, "allowedUnsafeSysctls": { "type": "array", @@ -4533,7 +4585,7 @@ }, "enable-fips-image": { "type": "boolean", - "description": "Whether the image is FIPS enabled." + "description": "Whether the image is FIPS-enabled." } }, "required": [