From e7a5680a83812d565498bb7d623912534ea84d9a Mon Sep 17 00:00:00 2001
From: Jack Francis <jackfrancis@gmail.com>
Date: Tue, 27 Oct 2020 09:34:58 -0700
Subject: [PATCH] fix: ensure flatcar configs use transparent Azure CNI (#3972)

---
 pkg/api/vlabs/validate.go                     |  4 ++
 pkg/api/vlabs/validate_test.go                | 42 +++++++++++++++++++
 .../test_cluster_configs/flatcar/flatcar.json |  5 +--
 3 files changed, 48 insertions(+), 3 deletions(-)

diff --git a/pkg/api/vlabs/validate.go b/pkg/api/vlabs/validate.go
index d986a83ae6..ec37e2d44e 100644
--- a/pkg/api/vlabs/validate.go
+++ b/pkg/api/vlabs/validate.go
@@ -406,6 +406,10 @@ func (a *Properties) ValidateOrchestratorProfile(isUpdate bool) error {
 		}
 	}
 
+	if a.HasFlatcar() && o.KubernetesConfig.NetworkPlugin == "azure" && o.KubernetesConfig.NetworkMode == NetworkModeBridge {
+		return errors.Errorf("Flatcar node pools require 'transparent' networkMode with Azure CNI")
+	}
+
 	if o.OrchestratorType != Kubernetes && o.KubernetesConfig != nil {
 		return errors.Errorf("KubernetesConfig can be specified only when OrchestratorType is Kubernetes")
 	}
diff --git a/pkg/api/vlabs/validate_test.go b/pkg/api/vlabs/validate_test.go
index 99ab984eb9..8d1e89405f 100644
--- a/pkg/api/vlabs/validate_test.go
+++ b/pkg/api/vlabs/validate_test.go
@@ -316,6 +316,48 @@ func Test_OrchestratorProfile_Validate(t *testing.T) {
 			},
 			expectedError: "EtcdStorageLimitGB value of 1 is too small, the minimum allowed is 2",
 		},
+		"should error when using flatcar + Azure CNI + bridge mode": {
+			properties: &Properties{
+				OrchestratorProfile: &OrchestratorProfile{
+					OrchestratorType: "Kubernetes",
+					KubernetesConfig: &KubernetesConfig{
+						NetworkPlugin: "azure",
+						NetworkMode:   NetworkModeBridge,
+					},
+				},
+				AgentPoolProfiles: []*AgentPoolProfile{
+					{
+						Name:   "flatcarpool",
+						Count:  10,
+						Distro: Flatcar,
+					},
+				},
+			},
+			expectedError: "Flatcar node pools require 'transparent' networkMode with Azure CNI",
+		},
+		"should not error when using Azure CNI + bridge mode + ubuntu": {
+			properties: &Properties{
+				OrchestratorProfile: &OrchestratorProfile{
+					OrchestratorType: "Kubernetes",
+					KubernetesConfig: &KubernetesConfig{
+						NetworkPlugin: "azure",
+						NetworkMode:   NetworkModeBridge,
+					},
+				},
+				AgentPoolProfiles: []*AgentPoolProfile{
+					{
+						Name:   "ubuntu1604pool",
+						Count:  10,
+						Distro: AKSUbuntu1604,
+					},
+					{
+						Name:   "ubuntu1804pool",
+						Count:  10,
+						Distro: AKSUbuntu1804,
+					},
+				},
+			},
+		},
 	}
 
 	for testName, test := range tests {
diff --git a/test/e2e/test_cluster_configs/flatcar/flatcar.json b/test/e2e/test_cluster_configs/flatcar/flatcar.json
index 23c2ffd653..94b4050842 100644
--- a/test/e2e/test_cluster_configs/flatcar/flatcar.json
+++ b/test/e2e/test_cluster_configs/flatcar/flatcar.json
@@ -1,13 +1,12 @@
 {
-	"env": {
-		"SKIP_TESTS": "true"
-	},
 	"apiModel": {
 		"apiVersion": "vlabs",
 		"properties": {
 			"orchestratorProfile": {
 				"orchestratorType": "Kubernetes",
 				"kubernetesConfig": {
+					"networkPlugin": "azure",
+					"networkMode": "transparent",
 					"addons": [
 						{
 							"name": "cluster-autoscaler",