Skip to content

ggolub/terraform-azurerm-kubernetes

BranchesTags
 
 

Repository files navigation

Azure - Kubernetes Module

Introduction

This module will create a managed Kubernetes cluster using Azure Kubernetes Service.

Providers

Name Version
azuread n/a
azurerm >= 2.0.0

Inputs

Name Description Type Default Required
aks_managed_vnet use AKS managed vnet/subnet (false requires default_node_pool_subnet and node_pool_subnets is specified) bool true no
configure_sp_subnet_role Add Network Contributor role for service principal on input subnets. bool true no
configure_subnet_nsg_rules Configure required AKS NSG rules on input subnets. bool true no
default_node_pool_availability_zones default node pool availability zones list(number) 
[
  1,
  2,
  3
]
 no
default_node_pool_enable_auto_scaling enable default node pool auto scaling bool true no
default_node_pool_name default node pool name string "default" no
default_node_pool_node_count default node pool node count number 1 no
default_node_pool_node_max_count enable default node pool auto scaling (only valid with auto scaling) number 5 no
default_node_pool_node_min_count enable default node pool auto scaling (only valid for auto scaling) number 1 no
default_node_pool_subnet name of key from node_pool_subnets map to use for default node pool string "" no
default_node_pool_vm_size default node pool VM size string "Standard_D2s_v3" no
enable_aad_pod_identity enable Azure AD pod identity enable kubernetes dashboard bool true no
enable_kube_dashboard enable kubernetes dashboard bool true no
enable_windows_node_pools configure profile for windows node pools (requires windows_profile_admin_username/password) bool false no
kubernetes_version kubernetes version string n/a yes
location Azure region string n/a yes
names names to be applied to resources map(string) n/a yes
network_plugin network plugin to use for networking (azure or kubenet) string "kubenet" no
node_pool_subnets default node pool vnet subnet info 
map(object({
                  id                  = string
                  resource_group_name = string
                  security_group_name = string
                }))
 {} no
resource_group_name Resource group name string n/a yes
service_principal_id Azure Service Principal ID string "" no
service_principal_name Azure Service Principal Name string "" no
service_principal_secret Azure Service Principal Secret string "" no
subnet_nsg_rule_priority_start Starting point for NSG rulee priorities. number 1000 no
tags tags to be applied to resources map(string) n/a yes
use_service_principal use service principal (false will use SystemAssigned identity) bool false no
windows_profile_admin_password windows profile admin password string "" no
windows_profile_admin_username windows profile admin username string "aks-windows-admin" no

Outputs

Name Description
client_certificate kubernetes client certificate
client_key kubernetes client key
cluster_ca_certificate kubernetes cluster ca certificate
effective_outbound_ips_ids The outcome (resource IDs) of the specified arguments.
fqdn kubernetes managed cluster fqdn
host kubernetes host
id kubernetes managed cluster id
kube_config_raw raw kubernetes config to be used by kubectl and other compatible tools
name kubernetes managed cluster name
node_resource_group auto-generated resource group which contains the resources for this managed kubernetes cluster
password kubernetes password
principal_id id of the principal used by this managed kubernetes cluster
username kubernetes username

Example

provider "azurerm" {
  version = ">=2.0.0"
  features {}
  subscription_id = "00000-0000-0000-0000-0000000"
}

# Subscription
module "subscription" {
  source = "[email protected]:Azure-Terraform/terraform-azurerm-subscription-data.git?ref=v1.0.0"
}

# Metadata
module "metadata" {
  source = "[email protected]:Azure-Terraform/terraform-azurerm-metadata.git?ref=v1.0.0"

  subscription_id     = module.subscription.output.subscription_id
  # These values should be taken from https://github.com/openrba/python-azure-naming
  business_unit       = "rba.businessUnit"
  cost_center         = "rba.costCenter"
  environment         = "rba.environment"
  location            = "rba.azureRegion"
  market              = "rba.market"
  product_name        = "rba.productName"
  product_group       = "rba.productGroup"
  project             = "project-url"
  sre_team            = "team-name"
  subscription_type   = "rba.subscriptionType"
  resource_group_type = "rba.resourceGroupType"

  additional_tags = {
    "example" = "an additional tag"
  }
}

# Resource group
module "resource_group" {
  source = "[email protected]:Azure-Terraform/terraform-azurerm-resource-group.git?ref=v1.0.0"

  location = module.metadata.location
  tags     = module.metadata.tags
  name     = module.metadata.names
}

# AKS
## This will create a managed kubernetes cluster
module "aks" {
  source = "[email protected]:Azure-Terraform/terraform-azurerm-kubernetes.git"

  service_principal_id     = var.service_principal_id
  service_principal_secret = var.service_principal_secret
  service_principal_name   = "service-principal-name"

  resource_group_name = module.resource_group.name
  location            = module.resource_group.location

  names = module.metadata.names
  tags  = module.metadata.tags

  kubernetes_version = "1.16.7"

  default_node_pool_name                = "default"
  default_node_pool_vm_size             = "Standard_D2s_v3"
  default_node_pool_enable_auto_scaling = true
  default_node_pool_node_min_count      = 1
  default_node_pool_node_max_count      = 5
  default_node_pool_availability_zones  = [1,2,3]

  enable_kube_dashboard = true
  
}

resource "azurerm_kubernetes_cluster_node_pool" "gpu" {
  name                  = "gpu"
  kubernetes_cluster_id = module.aks.id
  vm_size               = "Standard_NC6s_v3"
  availability_zones    = [1,2,3]

  enable_auto_scaling = true
  node_count          = 1
  min_count           = 1
  max_count           = 5

  tags = module.metadata.tags
}

# Helm
provider "helm" {
  alias = "aks"
  kubernetes {
    host                   = module.aks.host
    client_certificate     = base64decode(module.aks.client_certificate)
    client_key             = base64decode(module.aks.client_key)
    cluster_ca_certificate = base64decode(module.aks.cluster_ca_certificate)
  }
}

module "aad-pod-identity" {
  source = "[email protected]:Azure-Terraform/terraform-azurerm-kubernetes.git/aad-pod-identity"
  
  providers = {
    helm = helm.aks
  }

  resource_group_name    = module.resource_group.name
  service_principal_name = "service-principal-name"

  aad_pod_identity_version = "1.6.0"
}

About

Terraform Azure Kubernetes Module

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

13 tags

Packages

No packages published

Languages

  • HCL 100.0%