Add lb ext outbound option (#115)

* fix aks check

* add ext lb outbound option

AzureBasicLoadBalancerUpgrade/README.md

@@ -24,7 +24,7 @@ The PowerShell module performs the following functions:
 - Logs the upgrade operation for easy audit and failure recovery.
 
 >[!WARNING]
-> Migrating _internal_ Basic Load Balancers where the backend VMs or VMSS instances do not have Public IP Addresses assigned requires additional action post-migration to enable backend pool members to connect to the internet. The recommended approach is to create a NAT Gateway and assign it to the backend pool members' subnet (see: [**Integrate NAT Gateway with Internal Load Balancer**](https://learn.microsoft.com/azure/virtual-network/nat-gateway/tutorial-nat-gateway-load-balancer-internal-portal)). Alternatively, Public IP Addresses can be allocated to each Virtual Machine Scale Set or Virtual Machine instance by adding a Public IP Configuration to the Network Profile (see: [**VMSS Public IPv4 Address Per Virtual Machine**](https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-networking)) for Virtual Machine Scale Sets or [**Associate a Public IP address with a Virtual Machine**](https://learn.microsoft.com/azure/virtual-network/ip-services/associate-public-ip-address-vm) for Virtual Machines. 
+> Migrating _internal_ Basic Load Balancers where the backend VMs or VMSS instances do not have Public IP Addresses requires additional steps for backend connectivity to the internet. The recommended approach is to [create a NAT Gateway and assign it to the backend pool members' subnet](https://learn.microsoft.com/azure/virtual-network/nat-gateway/tutorial-nat-gateway-load-balancer-internal-portal), however this can only be implemented after all Basic SKU network resources in the subnet have been upgraded. As an interim solution, add a secondary external Basic Load Balancer with no inbound rules or allocate Public IP Addresses to [**each Virtual Machine Scale Set instance**](https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-networking) or [**Virtual Machine**](https://learn.microsoft.com/azure/virtual-network/ip-services/associate-public-ip-address-vm).
 
 >[!NOTE]
 > If the Virtual Machine Scale Set in the Load Balancer backend pool has Public IP Addresses in its network configuration, the Public IP Addresses associated with each Virtual Machine Scale Set instance will change when they are upgraded to Standard SKU. This is because scale set instance-level Public IP addresses cannot be upgraded, only replaced with a new Standard SKU Public IP. All other Public IP addresses will be retained through the migration. 

AzureBasicLoadBalancerUpgrade/module/AzureBasicLoadBalancerUpgrade/AzureBasicLoadBalancerUpgrade.psd1

@@ -12,7 +12,7 @@
     RootModule = 'AzureBasicLoadBalancerUpgrade'
 
     # Version number of this module.
-    ModuleVersion = '2.4.7'
+    ModuleVersion = '2.4.8'
 
     # Supported PSEditions
     # CompatiblePSEditions = @()
@@ -107,7 +107,7 @@
             # IconUri = ''
 
             # ReleaseNotes of this module
-            ReleaseNotes = 'Block AKS upgrades; prompt for downtime; version check; [fixed error in AKS check]'
+            ReleaseNotes = 'Add secondary external LB outbound option'
 
             # Prerelease string of this module
             # Prerelease = ''

AzureBasicLoadBalancerUpgrade/module/AzureBasicLoadBalancerUpgrade/modules/ValidateScenario/ValidateScenario.psm1

@@ -310,10 +310,10 @@ Function Test-SupportedMigrationScenario {
             }
 
             If (!$vmssVMsHavePublicIPs -and $scenario.ExternalOrInternal -eq 'Internal') {
-                $message = "[Test-SupportedMigrationScenario] Internal load balancer backend VMs do not have Public IPs and will not have outbound internet connectivity after migration to a Standard LB. VMSS: '$($vmss.Name)'"
+                $message = "[Test-SupportedMigrationScenario] Internal load balancer backend VMSS instances do not have Public IPs and will not have outbound internet connectivity after migration to a Standard LB. VMSS: '$($vmss.Name)'"
                 log -Message $message -Severity 'Warning'
 
-                Write-Host "In order for your VMSS instances to access the internet, you'll need to take additional action post-migration. Either add Public IPs to each VMSS instance (see: https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-networking#public-ipv4-per-virtual-machine) or assign a NAT Gateway to the VMSS instances' subnet (see: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access)." -ForegroundColor Yellow
+                Write-Host "In order for your VMSS instances to access the internet, you'll need to take additional action before or after migration. To address this pre-migration, either add a secondary external Basic SKU Load Balancer with no inbound rules to your VMSS or add Public IPs to each VMSS instance (see:https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-networking#public-ipv4-per-virtual-machine). Post-migration, a NAT Gateway can be added to the VMSSS' subnet (see: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access)--if an interim external Load Balancer or instance-level public IP addresses were added pre-migration they can be removed once the NAT Gateway is deployed." -ForegroundColor Yellow
                 If (!$force.IsPresent) {
                     $response = $null
                     while ($response -ne 'y' -and $response -ne 'n') {
@@ -323,6 +323,9 @@ Function Test-SupportedMigrationScenario {
                         $message = "[Test-SupportedMigrationScenario] User chose to exit the module"
                         log -Message $message -Severity 'Error' -terminateOnError
                     }
+                    Else {
+                        log -Message "[Test-SupportedMigrationScenario] User chose to continue with validation or migration"
+                    }
                 }
                 Else {
                     $message = "[Test-SupportedMigrationScenario] -Force or -ValidateOnly parameter was used, so continuing with migration validation"
@@ -498,7 +501,7 @@ Function Test-SupportedMigrationScenario {
             $message = "[Test-SupportedMigrationScenario] Internal load balancer backend VMs do not have Public IPs and will not have outbound internet connectivity after migration to a Standard LB."
             log -Message $message -Severity 'Warning'
 
-            Write-Host "In order for your VMs to access the internet, you'll need to take additional action before or after migration. Either add Public IPs to each VM, assign a NAT Gateway to the VM subnet, or route internet traffic through an NVA (see: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access)." -ForegroundColor Yellow
+            Write-Host "In order for your VMs to access the internet, you'll need to take additional action before or after migration. To address this pre-migration, either add a secondary external Basic SKU Load Balancer with no inbound rules to your backend VMs or add Public IPs to each VM. Post-migration, a NAT Gateway can be added to the VMs' subnet (see: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access)--if an interim external Load Balancer or instance-level public IP addresses were added pre-migration they can be removed once the NAT Gateway is deployed." -ForegroundColor Yellow
             If (!$force.IsPresent) {
                 $response = $null
                 while ($response -ne 'y' -and $response -ne 'n') {
@@ -508,6 +511,9 @@ Function Test-SupportedMigrationScenario {
                     $message = "[Test-SupportedMigrationScenario] User chose to exit the module"
                     log -Message $message -Severity 'Error' -terminateOnError
                 }
+                Else {
+                    log -Message "[Test-SupportedMigrationScenario] User chose to continue with validation or migration"
+                }
             }
             Else {
                 $message = "[Test-SupportedMigrationScenario] -Force or -ValidateMigration parameter was used, so continuing with migration validation"