diff --git a/terraform/azure/projects/utoronto.tfvars b/terraform/azure/projects/utoronto.tfvars index e3c3bb8daa..f7888250e5 100644 --- a/terraform/azure/projects/utoronto.tfvars +++ b/terraform/azure/projects/utoronto.tfvars @@ -1,3 +1,11 @@ +# IMPORTANT: Due to a restrictive network rule from storage.tf, we can't perform +# "terraform plan" or "terraform apply" without a workaround. +# +# One known workaround is to allow your public IP temporarily as +# discussed in https://github.com/2i2c-org/infrastructure/issues/890#issuecomment-1879072422. +# This workaround is problematic as that may temporarily allow access +# to storage by other actors with the same IP. +# tenant_id = "78aac226-2f03-4b4d-9037-b46d56c55210" subscription_id = "ead3521a-d994-4a44-a68d-b16e35642d5b" resourcegroup_name = "2i2c-utoronto-cluster" @@ -16,17 +24,20 @@ node_pools = { { name : "core", - # FIXME: transition to "Standard_E2s_v5" nodes as they are large enough and - # can more cheaply handle being forced to have 2-3 replicas for silly - # reasons like three calico-typha pods. See - # https://github.com/2i2c-org/infrastructure/issues/3592#issuecomment-1883269632. + # FIXME: Transition to "Standard_E2s_v5" nodes as they are large enough to + # for the biggest workload (prometheus-server) and can handle high + # availability requirements better. + # + # We are currently forced to handle three calico-typha pods that + # can't schedule on the same node, see https://github.com/2i2c-org/infrastructure/issues/3592#issuecomment-1883269632. # vm_size : "Standard_E4s_v3", + # core nodes doesn't need much disk space os_disk_size_gb : 40, - # FIXME: stop using persistent disks for the nodes, use the variable default - # "Temporary" instead + # FIXME: Stop using persistent disks for the nodes, use the variable default + # "Temporary" instead by removing this line. kubelet_disk_type : "OS", min : 1,