Skip to content

[AKS] az aks create/update: Add --enable-container-network-logs parameter #32700

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
carlotaarvela wants to merge 3 commits into
base: dev
Choose a base branch
from
Open

[AKS] az aks create/update: Add --enable-container-network-logs parameter #32700

carlotaarvela wants to merge 3 commits into from

Conversation

@carlotaarvela
Copy link

@carlotaarvela carlotaarvela commented Jan 26, 2026
edited
Loading

Related command
az aks create
az aks update

Description
Add support for enabling and disabling Container Network Logs on AKS clusters with Advanced Container Networking Services (ACNS).

New parameters:

  • az aks create --enable-container-network-logs: Enable container network logs during cluster creation
  • az aks update --enable-container-network-logs: Enable container network logs on an existing cluster
  • az aks update --disable-container-network-logs: Disable container network logs on an existing cluster

Container Network Logs requires ACNS enabled, monitoring addon enabled, and cilium network dataplane. When enabled, High Log Scale Mode is automatically enabled if not explicitly disabled.

Testing Guide

# Create cluster with container network logs enabled
az aks create -g myRG -n myCluster --network-plugin azure --network-plugin-mode overlay \
  --network-dataplane cilium --enable-acns --enable-addons monitoring --enable-container-network-logs

# Enable on existing cluster
az aks update -g myRG -n myCluster --enable-container-network-logs

# Disable on existing cluster
az aks update -g myRG -n myCluster --disable-container-network-logs

History Notes

[AKS] az aks create: Add --enable-container-network-logs parameter to enable container network logs
[AKS] az aks update: Add --enable-container-network-logs and --disable-container-network-logs parameters

This checklist is used to make sure that common guidelines for a pull request are followed.

Copilot AI review requested due to automatic review settings January 26, 2026 20:13
@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jan 26, 2026
edited
Loading

️✔️AzureCLI-FullTest
️✔️acr
️✔️latest
️✔️3.12
️✔️3.13
️✔️acs
️✔️latest
️✔️3.12
️✔️3.13
️✔️advisor
️✔️latest
️✔️3.12
️✔️3.13
️✔️ams
️✔️latest
️✔️3.12
️✔️3.13
️✔️apim
️✔️latest
️✔️3.12
️✔️3.13
️✔️appconfig
️✔️latest
️✔️3.12
️✔️3.13
️✔️appservice
️✔️latest
️✔️3.12
️✔️3.13
️✔️aro
️✔️latest
️✔️3.12
️✔️3.13
️✔️backup
️✔️latest
️✔️3.12
️✔️3.13
️✔️batch
️✔️latest
️✔️3.12
️✔️3.13
️✔️batchai
️✔️latest
️✔️3.12
️✔️3.13
️✔️billing
️✔️latest
️✔️3.12
️✔️3.13
️✔️botservice
️✔️latest
️✔️3.12
️✔️3.13
️✔️cdn
️✔️latest
️✔️3.12
️✔️3.13
️✔️cloud
️✔️latest
️✔️3.12
️✔️3.13
️✔️cognitiveservices
️✔️latest
️✔️3.12
️✔️3.13
️✔️compute_recommender
️✔️latest
️✔️3.12
️✔️3.13
️✔️computefleet
️✔️latest
️✔️3.12
️✔️3.13
️✔️config
️✔️latest
️✔️3.12
️✔️3.13
️✔️configure
️✔️latest
️✔️3.12
️✔️3.13
️✔️consumption
️✔️latest
️✔️3.12
️✔️3.13
️✔️container
️✔️latest
️✔️3.12
️✔️3.13
️✔️containerapp
️✔️latest
️✔️3.12
️✔️3.13
️✔️core
️✔️latest
️✔️3.12
️✔️3.13
️✔️cosmosdb
️✔️latest
️✔️3.12
️✔️3.13
️✔️databoxedge
️✔️latest
️✔️3.12
️✔️3.13
️✔️dls
️✔️latest
️✔️3.12
️✔️3.13
️✔️dms
️✔️latest
️✔️3.12
️✔️3.13
️✔️eventgrid
️✔️latest
️✔️3.12
️✔️3.13
️✔️eventhubs
️✔️latest
️✔️3.12
️✔️3.13
️✔️feedback
️✔️latest
️✔️3.12
️✔️3.13
️✔️find
️✔️latest
️✔️3.12
️✔️3.13
️✔️hdinsight
️✔️latest
️✔️3.12
️✔️3.13
️✔️identity
️✔️latest
️✔️3.12
️✔️3.13
️✔️iot
️✔️latest
️✔️3.12
️✔️3.13
️✔️keyvault
️✔️latest
️✔️3.12
️✔️3.13
️✔️lab
️✔️latest
️✔️3.12
️✔️3.13
️✔️managedservices
️✔️latest
️✔️3.12
️✔️3.13
️✔️maps
️✔️latest
️✔️3.12
️✔️3.13
️✔️marketplaceordering
️✔️latest
️✔️3.12
️✔️3.13
️✔️monitor
️✔️latest
️✔️3.12
️✔️3.13
️✔️mysql
️✔️latest
️✔️3.12
️✔️3.13
️✔️netappfiles
️✔️latest
️✔️3.12
️✔️3.13
️✔️network
️✔️latest
️✔️3.12
️✔️3.13
️✔️policyinsights
️✔️latest
️✔️3.12
️✔️3.13
️✔️postgresql
️✔️latest
️✔️3.12
️✔️3.13
️✔️privatedns
️✔️latest
️✔️3.12
️✔️3.13
️✔️profile
️✔️latest
️✔️3.12
️✔️3.13
️✔️rdbms
️✔️latest
️✔️3.12
️✔️3.13
️✔️redis
️✔️latest
️✔️3.12
️✔️3.13
️✔️relay
️✔️latest
️✔️3.12
️✔️3.13
️✔️resource
️✔️latest
️✔️3.12
️✔️3.13
️✔️role
️✔️latest
️✔️3.12
️✔️3.13
️✔️search
️✔️latest
️✔️3.12
️✔️3.13
️✔️security
️✔️latest
️✔️3.12
️✔️3.13
️✔️servicebus
️✔️latest
️✔️3.12
️✔️3.13
️✔️serviceconnector
️✔️latest
️✔️3.12
️✔️3.13
️✔️servicefabric
️✔️latest
️✔️3.12
️✔️3.13
️✔️signalr
️✔️latest
️✔️3.12
️✔️3.13
️✔️sql
️✔️latest
️✔️3.12
️✔️3.13
️✔️sqlvm
️✔️latest
️✔️3.12
️✔️3.13
️✔️storage
️✔️latest
️✔️3.12
️✔️3.13
️✔️synapse
️✔️latest
️✔️3.12
️✔️3.13
️✔️telemetry
️✔️latest
️✔️3.12
️✔️3.13
️✔️util
️✔️latest
️✔️3.12
️✔️3.13
️✔️vm
️✔️latest
️✔️3.12
️✔️3.13

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jan 26, 2026

Hi @carlotaarvela,
Since the current milestone time is less than 7 days, this pr will be reviewed in the next milestone.

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jan 26, 2026
edited
Loading

⚠️AzureCLI-BreakingChangeTest
⚠️acs
rule cmd_name rule_message suggest_message
⚠️ 1006 - ParaAdd aks create cmd aks create added parameter enable_container_network_logs
⚠️ 1006 - ParaAdd aks update cmd aks update added parameter disable_container_network_logs
⚠️ 1006 - ParaAdd aks update cmd aks update added parameter enable_container_network_logs

@yonzhan
Copy link
Collaborator

yonzhan commented Jan 26, 2026

Thank you for your contribution! We will review the pull request and get back to you soon.

@github-actions
Copy link

github-actions bot commented Jan 26, 2026

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

@microsoft-github-policy-service microsoft-github-policy-service bot added the Auto-Assign Auto assign by bot label Jan 26, 2026
@microsoft-github-policy-service microsoft-github-policy-service bot added the AKS az aks/acs/openshift label Jan 26, 2026
Copilot AI reviewed Jan 26, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for enabling and disabling Container Network Logs on AKS clusters with Advanced Container Networking Services (ACNS). The feature requires ACNS, monitoring addon, and Cilium network dataplane.

Changes:

  • Added --enable-container-network-logs parameter for az aks create and az aks update
  • Added --disable-container-network-logs parameter for az aks update
  • Automatically enables High Log Scale Mode when container network logs are enabled
  • Added validation to ensure prerequisites (ACNS and monitoring addon) are met

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
_params.py Added parameter definitions for enable/disable container network logs flags
_help.py Added help text for the new parameters and updated high log scale mode description
custom.py Added parameters to aks_create, aks_update, and aks_enable_addons functions; changed enable_syslog and enable_high_log_scale_mode defaults from False to None
managed_cluster_decorator.py Implemented get_container_network_logs() method with validation, modified get_enable_high_log_scale_mode() to auto-enable when CNL is enabled, added update_monitoring_profile_flow_logs() method
addonconfiguration.py Added Microsoft-ContainerNetworkLogs to ContainerInsightsStreams list
test_managed_cluster_decorator.py Added comprehensive unit tests for various container network logs scenarios
test_aks_commands.py Added integration test for creating cluster with container network logs enabled
linter_exclusions.yml Added exclusions for the long parameter names

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@FumingZhang
Copy link
Member

FumingZhang commented Jan 27, 2026

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Jan 27, 2026

Azure Pipelines successfully started running 3 pipeline(s).

FumingZhang
FumingZhang reviewed Jan 27, 2026
View reviewed changes
Copy link
Member

@FumingZhang FumingZhang left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Queued live test to validate the change, test passed!

  • test_aks_create_acns_with_flow_logs (failed due to preview feature flag)
  • test_aks_create_with_monitoring_aad_auth_msi_with_syslog
  • test_aks_create_with_monitoring_aad_auth_uai_with_syslog
  • test_aks_enable_monitoring_with_aad_auth_msi_with_syslog
  • test_aks_enable_monitoring_with_aad_auth_uai_with_syslog
  • test_aks_create_with_monitoring_aad_auth_msi_with_datacollectionsettings_and_otheraddon
  • test_aks_create_with_monitoring_aad_auth_with_highlogscale
  • test_aks_create_with_private_cluster_with_monitoring_aad_auth_msi_with_ampls_with_highlogscale

@carlotaarvela carlotaarvela changed the title [AKS] az aks create/update: Add --enable-container-network-logs parameter [AKS] az aks create/update: Add --enable-container-network-logs parameter Jan 27, 2026
@carlotaarvela carlotaarvela force-pushed the feature/container-network-logs branch from bf12a24 to 7254c48 Compare January 27, 2026 11:38
@FumingZhang
Copy link
Member

FumingZhang commented Jan 28, 2026

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Jan 28, 2026

Azure Pipelines successfully started running 3 pipeline(s).

@FumingZhang
Copy link
Member

FumingZhang commented Jan 28, 2026

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Jan 28, 2026

Azure Pipelines successfully started running 3 pipeline(s).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@FumingZhang FumingZhang FumingZhang approved these changes

@zhoxing-ms zhoxing-ms Awaiting requested review from zhoxing-ms zhoxing-ms is a code owner

@jsntcy jsntcy Awaiting requested review from jsntcy jsntcy is a code owner

@yanzhudd yanzhudd Awaiting requested review from yanzhudd yanzhudd is a code owner

@yonzhan yonzhan Awaiting requested review from yonzhan

@kairu-ms kairu-ms Awaiting requested review from kairu-ms

+1 more reviewer

@snguyen64 snguyen64 snguyen64 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@zhoxing-ms zhoxing-ms

@yanzhudd yanzhudd

Labels

AKS az aks/acs/openshift Auto-Assign Auto assign by bot

Projects

None yet

Milestone

March 2026 (2026-03-03)

Development

Successfully merging this pull request may close these issues.

6 participants

@carlotaarvela @yonzhan @FumingZhang @snguyen64 @zhoxing-ms @yanzhudd