Merge pull request #493 from Azure/e-444

Remove `var.http_application_routing_enabled`
Azure · Dec 26, 2023 · 7b76e9c · 7b76e9c
2 parents e5a17e1 + e81294a
commit 7b76e9c
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -317,7 +317,6 @@ No modules.
 | <a name="input_enable_host_encryption"></a> [enable\_host\_encryption](#input\_enable\_host\_encryption) | Enable Host Encryption for default node pool. Encryption at host feature must be enabled on the subscription: https://docs.microsoft.com/azure/virtual-machines/linux/disks-enable-host-based-encryption-cli | `bool` | `false` | no |
 | <a name="input_enable_node_public_ip"></a> [enable\_node\_public\_ip](#input\_enable\_node\_public\_ip) | (Optional) Should nodes in this Node Pool have a Public IP Address? Defaults to false. | `bool` | `false` | no |
 | <a name="input_green_field_application_gateway_for_ingress"></a> [green\_field\_application\_gateway\_for\_ingress](#input\_green\_field\_application\_gateway\_for\_ingress) | [Definition of `green_field`](https://learn.microsoft.com/en-us/azure/application-gateway/tutorial-ingress-controller-add-on-new)<br>* `name` - (Optional) The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster.<br>* `subnet_cidr` - (Optional) The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster.<br>* `subnet_id` - (Optional) The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. | <pre>object({<br>    name        = optional(string)<br>    subnet_cidr = optional(string)<br>    subnet_id   = optional(string)<br>  })</pre> | `null` | no |
-| <a name="input_http_application_routing_enabled"></a> [http\_application\_routing\_enabled](#input\_http\_application\_routing\_enabled) | Enable HTTP Application Routing Addon (forces recreation). | `bool` | `false` | no |
 | <a name="input_http_proxy_config"></a> [http\_proxy\_config](#input\_http\_proxy\_config) | optional(object({<br>    http\_proxy  = (Optional) The proxy address to be used when communicating over HTTP.<br>    https\_proxy = (Optional) The proxy address to be used when communicating over HTTPS.<br>    no\_proxy    = (Optional) The list of domains that will not use the proxy for communication. Note: If you specify the `default_node_pool.0.vnet_subnet_id`, be sure to include the Subnet CIDR in the `no_proxy` list. Note: You may wish to use Terraform's `ignore_changes` functionality to ignore the changes to this field.<br>    trusted\_ca  = (Optional) The base64 encoded alternative CA certificate content in PEM format.<br>}))<br>Once you have set only one of `http_proxy` and `https_proxy`, this config would be used for both `http_proxy` and `https_proxy` to avoid a configuration drift. | <pre>object({<br>    http_proxy  = optional(string)<br>    https_proxy = optional(string)<br>    no_proxy    = optional(list(string))<br>    trusted_ca  = optional(string)<br>  })</pre> | `null` | no |
 | <a name="input_identity_ids"></a> [identity\_ids](#input\_identity\_ids) | (Optional) Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster. | `list(string)` | `null` | no |
 | <a name="input_identity_type"></a> [identity\_type](#input\_identity\_type) | (Optional) The type of identity used for the managed cluster. Conflicts with `client_id` and `client_secret`. Possible values are `SystemAssigned` and `UserAssigned`. If `UserAssigned` is set, an `identity_ids` must be set as well. | `string` | `"SystemAssigned"` | no |
@@ -435,7 +434,6 @@ No modules.
 | <a name="output_generated_cluster_private_ssh_key"></a> [generated\_cluster\_private\_ssh\_key](#output\_generated\_cluster\_private\_ssh\_key) | The cluster will use this generated private key as ssh key when `var.public_ssh_key` is empty or null. Private key data in [PEM (RFC 1421)](https://datatracker.ietf.org/doc/html/rfc1421) format. |
 | <a name="output_generated_cluster_public_ssh_key"></a> [generated\_cluster\_public\_ssh\_key](#output\_generated\_cluster\_public\_ssh\_key) | The cluster will use this generated public key as ssh key when `var.public_ssh_key` is empty or null. The fingerprint of the public key data in OpenSSH MD5 hash format, e.g. `aa:bb:cc:....` Only available if the selected private key format is compatible, similarly to `public_key_openssh` and the [ECDSA P224 limitations](https://registry.terraform.io/providers/hashicorp/tls/latest/docs#limitations). |
 | <a name="output_host"></a> [host](#output\_host) | The `host` in the `azurerm_kubernetes_cluster`'s `kube_config` block. The Kubernetes cluster server host. |
-| <a name="output_http_application_routing_enabled"></a> [http\_application\_routing\_enabled](#output\_http\_application\_routing\_enabled) | The `azurerm_kubernetes_cluster`'s `http_application_routing_enabled` argument. (Optional) Should HTTP Application Routing be enabled? |
 | <a name="output_http_application_routing_zone_name"></a> [http\_application\_routing\_zone\_name](#output\_http\_application\_routing\_zone\_name) | The `azurerm_kubernetes_cluster`'s `http_application_routing_zone_name` argument. The Zone Name of the HTTP Application Routing. |
 | <a name="output_ingress_application_gateway"></a> [ingress\_application\_gateway](#output\_ingress\_application\_gateway) | The `azurerm_kubernetes_cluster`'s `ingress_application_gateway` block. |
 | <a name="output_ingress_application_gateway_enabled"></a> [ingress\_application\_gateway\_enabled](#output\_ingress\_application\_gateway\_enabled) | Has the `azurerm_kubernetes_cluster` turned on `ingress_application_gateway` block? |

diff --git a/examples/application_gateway_ingress/main.tf b/examples/application_gateway_ingress/main.tf
@@ -160,11 +160,10 @@ module "aks" {
       ]
     }
   ]
-  agents_type                      = "VirtualMachineScaleSets"
-  azure_policy_enabled             = true
-  enable_auto_scaling              = true
-  enable_host_encryption           = true
-  http_application_routing_enabled = true
+  agents_type            = "VirtualMachineScaleSets"
+  azure_policy_enabled   = true
+  enable_auto_scaling    = true
+  enable_host_encryption = true
   green_field_application_gateway_for_ingress = var.use_brown_field_application_gateway ? null : {
     name        = "ingress"
     subnet_cidr = local.appgw_cidr

diff --git a/examples/startup/main.tf b/examples/startup/main.tf
@@ -67,10 +67,9 @@ module "aks" {
   confidential_computing = {
     sgx_quote_helper_enabled = true
   }
-  disk_encryption_set_id           = azurerm_disk_encryption_set.des.id
-  enable_auto_scaling              = true
-  enable_host_encryption           = true
-  http_application_routing_enabled = true
+  disk_encryption_set_id = azurerm_disk_encryption_set.des.id
+  enable_auto_scaling    = true
+  enable_host_encryption = true
   green_field_application_gateway_for_ingress = {
     name        = "${random_id.prefix.hex}-agw"
     subnet_cidr = "10.52.1.0/24"

diff --git a/main.tf b/main.tf
@@ -22,7 +22,6 @@ resource "azurerm_kubernetes_cluster" "main" {
   azure_policy_enabled                = var.azure_policy_enabled
   disk_encryption_set_id              = var.disk_encryption_set_id
   dns_prefix                          = var.prefix
-  http_application_routing_enabled    = var.http_application_routing_enabled
   image_cleaner_enabled               = var.image_cleaner_enabled
   image_cleaner_interval_hours        = var.image_cleaner_interval_hours
   kubernetes_version                  = var.kubernetes_version
@@ -520,9 +519,10 @@ resource "azurerm_kubernetes_cluster" "main" {
 
   lifecycle {
     ignore_changes = [
+      http_application_routing_enabled,
+      http_proxy_config[0].no_proxy,
       kubernetes_version,
       public_network_access_enabled,
-      http_proxy_config[0].no_proxy
     ]
 
     precondition {

diff --git a/outputs.tf b/outputs.tf
@@ -130,11 +130,6 @@ output "host" {
   value       = azurerm_kubernetes_cluster.main.kube_config[0].host
 }
 
-output "http_application_routing_enabled" {
-  description = "The `azurerm_kubernetes_cluster`'s `http_application_routing_enabled` argument. (Optional) Should HTTP Application Routing be enabled?"
-  value       = azurerm_kubernetes_cluster.main.http_application_routing_enabled
-}
-
 output "http_application_routing_zone_name" {
   description = "The `azurerm_kubernetes_cluster`'s `http_application_routing_zone_name` argument. The Zone Name of the HTTP Application Routing."
   value       = azurerm_kubernetes_cluster.main.http_application_routing_zone_name != null ? azurerm_kubernetes_cluster.main.http_application_routing_zone_name : ""

diff --git a/variables.tf b/variables.tf
@@ -479,12 +479,6 @@ EOT
   }
 }
 
-variable "http_application_routing_enabled" {
-  type        = bool
-  default     = false
-  description = "Enable HTTP Application Routing Addon (forces recreation)."
-}
-
 variable "http_proxy_config" {
   type = object({
     http_proxy  = optional(string)