AKS Test Scripts

A collection of PowerShell scripts for automated Azure Kubernetes Service (AKS) cluster provisioning, testing, and management with support for both single-stack and dual-stack networking configurations.

Overview

This repository provides automation scripts for:

• Creating and configuring AKS clusters (single-stack and dual-stack)
• Deploying test workloads and services
• Running connectivity tests across different service types
• Managing kube-proxy updates on Windows nodes
• Collecting logs and diagnostics from Windows nodes

Prerequisites

• Azure CLI installed and configured
• kubectl installed
• PowerShell 5.1 or higher
• Active Azure subscription
• Appropriate Azure permissions to create resources

Configuration

All global configuration values are stored in modules/constants.psm1. Update the following variables before running the scripts:

$Global:SUBSCRIPTION_ID        # Your Azure subscription ID
$Global:RG_NAME                # Resource group name
$Global:LOCATION               # Azure region (e.g., westeurope)
$Global:CLUSTER_NAME           # AKS cluster name
$Global:NODE_USER_NAME         # Windows node admin username
$Global:NODE_PASSWORD          # Windows node admin password
$Global:K8S_VERSION            # Kubernetes version
$Global:NODE_POOL_NAME         # Windows node pool name
$Global:NODE_COUNT             # Number of nodes in Windows pool

Main Scripts

Create-Cluster.ps1

Creates a complete AKS cluster with optional dual-stack networking support.

Usage:

# Create a dual-stack cluster (IPv4 + IPv6) - default
.\Create-Cluster.ps1

# Create a single-stack cluster
.\Create-Cluster.ps1 -isSingleStack

What it does:

1. Creates a resource group
2. Creates AKS cluster (single-stack or dual-stack)
3. Adds a Windows node pool
4. Configures kubectl credentials

Run-BasicTests.ps1

Executes comprehensive connectivity tests for Kubernetes services across different types and IP families.

Features:

• Tests ClusterIP, NodePort, and LoadBalancer services
• Validates connectivity from pods, nodes, and external sources
• Supports IPv4, IPv6, and dual-stack configurations
• Policy validation checks
• Generates detailed connectivity logs

Usage:

.\Run-BasicTests.ps1

Create-PodsAndServices.ps1

Deploys test workloads and services to the cluster.

What it deploys:

• Windows HPC DaemonSet (hpc-ds-win22)
• Test deployments
• Various service configurations (ClusterIP, NodePort, LoadBalancer)
• Dual-stack service configurations

Usage:

.\Create-PodsAndServices.ps1

Replace-KubeProxy.ps1

Updates kube-proxy binaries on Windows nodes within HPC pods.

Usage:

.\Replace-KubeProxy.ps1

What it does:

1. Packages the new kube-proxy binary
2. Copies it to all HPC pods
3. Executes replacement script on each pod
4. Verifies file hash after replacement

Get-WindowsLogs.ps1

Collects logs and diagnostics from Windows nodes.

Parameters:

• DstPath (required): Destination path for collected logs

Usage:

.\Get-WindowsLogs.ps1 -DstPath "logs-2026-01-02"

Get-EndpointNetworkMap.ps1

Builds a node-level mapping between IP addresses, HNS endpoint IDs, MAC addresses, VFP port names, and compartment IDs.

Usage:

# Print mapping table
.\Get-EndpointNetworkMap.ps1

# Export CSV
.\Get-EndpointNetworkMap.ps1 -OutputFormat Csv -OutFile endpoint-map.csv

# Export JSON
.\Get-EndpointNetworkMap.ps1 -OutputFormat Json -OutFile endpoint-map.json

Module Scripts

modules/Create-Rg.ps1

Creates the Azure resource group for the AKS cluster.

modules/Create-Cluster-Singlestack.ps1

Creates a single-stack (IPv4) AKS cluster with Azure CNI Overlay.

modules/Create-Cluster-Dualstack.ps1

Creates a dual-stack (IPv4 + IPv6) AKS cluster with Azure CNI Overlay.

modules/Create-Nodepool.ps1

Adds a Windows Server 2022 node pool to the cluster.

Configuration:

• OS: Windows Server 2022
• VM Size: Standard_E8-2as_v5
• Wait time: 5 minutes for node readiness

modules/constants.psm1

Central configuration file containing all global variables used across scripts.

YAML Manifests

The Yamls/ directory contains Kubernetes manifests for testing:

• hpc-ds-win22.yaml: Windows HPC DaemonSet
• dep-test.yaml, dep-test2.yaml: Test deployments
• Svc-IPV4.yaml, Svc-IPV6.yaml: IPv4 and IPv6 services
• Svc-Pref-DUAL-*.yaml: Dual-stack services with IP family preference
• Svc-Req-DUAL-*.yaml: Dual-stack services with IP family requirements
• fix-stale-lb.yaml: LoadBalancer troubleshooting manifest

Typical Workflow

1. Configure: Update modules/constants.psm1 with your settings

2. Create Cluster:

   .\Create-Cluster.ps1  # or with -isSingleStack for single-stack

3. Deploy Workloads:

   .\Create-PodsAndServices.ps1

4. Run Tests:

   .\Run-BasicTests.ps1

5. Collect Logs (if needed):

   .\Get-WindowsLogs.ps1 -DstPath "test-results"

Testing Capabilities

The test suite validates:

• ✅ ClusterIP service connectivity (IPv4, IPv6, dual-stack)
• ✅ NodePort service connectivity
• ✅ LoadBalancer service connectivity
• ✅ Pod-to-service communication
• ✅ Node-to-service communication
• ✅ External-to-service communication
• ✅ Service policy validation
• ✅ Kube-proxy error checking

Notes

• All scripts assume they are run from the repository root directory
• Windows node pool uses the standard_e8-2as_v5 VM size by default
• Cluster uses Azure CNI with Overlay networking mode
• Linux nodes use Azure Linux OS
• Default namespace for tests is demo

Troubleshooting

• Ensure Azure CLI is authenticated: az login
• Verify subscription context: az account show
• Check kubectl context: kubectl config current-context
• Review logs in ConnectivityLogs.txt after running tests
• Use Get-WindowsLogs.ps1 to collect detailed diagnostics from nodes

License

Internal testing scripts - not for public distribution.