func()

in pkg/api/vlabs/validate.go [362:438]

• 68 lines of code
• 31 McCabe index (conditional complexity)

func (a *Properties) validateMasterProfile(isUpdate bool) error {
	m := a.MasterProfile

	if m.Count == 1 && !isUpdate {
		log.Warnf("Running only 1 control plane VM not recommended for production clusters, use 3 or 5 for control plane redundancy")
	}
	if m.IsVirtualMachineScaleSets() && m.VnetSubnetID != "" && m.FirstConsecutiveStaticIP != "" {
		return errors.New("when masterProfile's availabilityProfile is VirtualMachineScaleSets and a vnetSubnetID is specified, the firstConsecutiveStaticIP should be empty and will be determined by an offset from the first IP in the vnetCidr")
	}

	if m.ImageRef != nil {
		if err := m.ImageRef.validateImageNameAndGroup(); err != nil {
			return err
		}
	}

	if m.IsVirtualMachineScaleSets() {
		if !isUpdate {
			log.Warnf("Clusters with a VMSS control plane are not upgradable! You will not be able to upgrade your cluster using `aks-engine-azurestack upgrade`")
		}
		e := validateVMSS(a.OrchestratorProfile, false, m.StorageProfile, a.HasWindows(), a.IsAzureStackCloud())
		if e != nil {
			return e
		}
		if !a.IsClusterAllVirtualMachineScaleSets() {
			return errors.New("VirtualMachineScaleSets for master profile must be used together with virtualMachineScaleSets for agent profiles. Set \"availabilityProfile\" to \"VirtualMachineScaleSets\" for agent profiles")
		}

		if a.OrchestratorProfile.KubernetesConfig != nil && to.Bool(a.OrchestratorProfile.KubernetesConfig.UseManagedIdentity) && a.OrchestratorProfile.KubernetesConfig.UserAssignedID == "" {
			return errors.New("virtualMachineScaleSets for master profile can be used only with user assigned MSI ! Please specify \"userAssignedID\" in \"kubernetesConfig\"")
		}
	}
	if m.SinglePlacementGroup != nil && m.AvailabilityProfile == AvailabilitySet {
		return errors.New("singlePlacementGroup is only supported with VirtualMachineScaleSets")
	}

	if e := validateProximityPlacementGroupID(m.ProximityPlacementGroupID); e != nil {
		return e
	}

	distroValues := DistroValues
	if isUpdate {
		distroValues = append(distroValues, AKSDockerEngine, AKS1604Deprecated, AKS1804Deprecated)
	}
	if !validateDistro(m.Distro, distroValues) {
		switch m.Distro {
		case AKSDockerEngine, AKS1604Deprecated:
			return errors.Errorf("The %s distro is deprecated, please use %s instead", m.Distro, AKSUbuntu1604)
		case AKS1804Deprecated:
			return errors.Errorf("The %s distro is deprecated, please use %s instead", m.Distro, AKSUbuntu1804)
		default:
			return errors.Errorf("The %s distro is not supported", m.Distro)
		}
	}

	if to.Bool(m.AuditDEnabled) {
		if m.Distro != "" && !m.IsUbuntu() {
			return errors.Errorf("auditd was enabled for master vms, but an Ubuntu-based distro was not selected")
		}
	} else {
		if a.FeatureFlags.IsEnforceUbuntuDisaStigEnabled() && m.Distro != "" && m.IsUbuntu() {
			return errors.New("AuditD should be enabled in all Ubuntu-based pools if feature flag 'EnforceUbuntu2004DisaStig' or 'EnforceUbuntu2204DisaStig' is set")
		}
	}

	var validOSDiskCachingType bool
	for _, valid := range cachingTypesValidValues {
		if valid == m.OSDiskCachingType {
			validOSDiskCachingType = true
		}
	}
	if !validOSDiskCachingType {
		return errors.Errorf("Invalid masterProfile osDiskCachingType value \"%s\", please use one of the following versions: %s", m.OSDiskCachingType, cachingTypesValidValues)
	}

	return common.ValidateDNSPrefix(m.DNSPrefix)
}