diff --git a/quickstart/101-attestation-provider/main.tf b/quickstart/101-attestation-provider/main.tf index 36091ab7..fc2fd724 100644 --- a/quickstart/101-attestation-provider/main.tf +++ b/quickstart/101-attestation-provider/main.tf @@ -3,14 +3,13 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } resource "azurerm_attestation_provider" "corp_attestation" { - name = var.attestation_provider_name - resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location - + location = azurerm_resource_group.rg.location + name = var.attestation_provider_name + resource_group_name = azurerm_resource_group.rg.name policy_signing_certificate_data = file(var.policy_file) } \ No newline at end of file diff --git a/quickstart/101-attestation-provider/outputs.tf b/quickstart/101-attestation-provider/outputs.tf index 62816bd7..c765da63 100644 --- a/quickstart/101-attestation-provider/outputs.tf +++ b/quickstart/101-attestation-provider/outputs.tf @@ -1,3 +1,3 @@ output "resource_group_name" { value = azurerm_resource_group.rg.name -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index 6bd52554..5343d826 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -6,9 +6,13 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/variables.tf b/quickstart/101-attestation-provider/variables.tf index 7c14fc2b..d10d70d2 100644 --- a/quickstart/101-attestation-provider/variables.tf +++ b/quickstart/101-attestation-provider/variables.tf 
@@ -1,6 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +variable "attestation_provider_name" { + default = "attestationprovider007" +} + +variable "policy_file" { + default = "~/.certs/cert.pem" } variable "resource_group_location" { @@ -8,10 +11,7 @@ variable "resource_group_location" { description = "Location of the resource group." } -variable "policy_file" { - default = "~/.certs/cert.pem" -} - -variable "attestation_provider_name" { - default = "attestationprovider007" +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } \ No newline at end of file diff --git a/quickstart/101-resource-group/main.tf b/quickstart/101-resource-group/main.tf index b312f1af..ab4f9a5e 100644 --- a/quickstart/101-resource-group/main.tf +++ b/quickstart/101-resource-group/main.tf @@ -3,6 +3,6 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location -} + name = random_pet.rg_name.id +} \ No newline at end of file diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 6bd52554..5343d826 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -6,9 +6,13 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-resource-group/variables.tf b/quickstart/101-resource-group/variables.tf index 19f4680c..e8396125 100644 --- a/quickstart/101-resource-group/variables.tf +++ b/quickstart/101-resource-group/variables.tf 
@@ -1,9 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { default = "eastus" description = "Location of the resource group." } + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf new file mode 100644 index 00000000..0069ac6f --- /dev/null +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf 
@@ -0,0 +1,65 @@
+# Generate random resource group name
+resource "random_pet" "rg_name" {
+ prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+ location = var.resource_group_location
+ name = random_pet.rg_name.id
+}
+
+resource "random_id" "log_analytics_workspace_name_suffix" {
+ byte_length = 8
+}
+
+resource "azurerm_log_analytics_workspace" "test" {
+ location = var.log_analytics_workspace_location
+ # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant.
+ name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}"
+ resource_group_name = azurerm_resource_group.rg.name
+ sku = var.log_analytics_workspace_sku
+}
+
+resource "azurerm_log_analytics_solution" "test" {
+ location = azurerm_log_analytics_workspace.test.location
+ resource_group_name = azurerm_resource_group.rg.name
+ solution_name = "ContainerInsights"
+ workspace_name = azurerm_log_analytics_workspace.test.name
+ workspace_resource_id = azurerm_log_analytics_workspace.test.id
+
+ plan {
+ product = "OMSGallery/ContainerInsights"
+ publisher = "Microsoft"
+ }
+}
+
+resource "azurerm_kubernetes_cluster" "k8s" {
+ location = azurerm_resource_group.rg.location
+ name = var.cluster_name
+ resource_group_name = azurerm_resource_group.rg.name
+ dns_prefix = var.dns_prefix
+ tags = {
+ Environment = "Development"
+ }
+
+ default_node_pool {
+ name = "agentpool"
+ vm_size = "Standard_D2_v2"
+ node_count = var.agent_count
+ }
+ linux_profile {
+ admin_username = "ubuntu"
+
+ ssh_key {
+ key_data = file(var.ssh_public_key)
+ }
+ }
+ network_profile {
+ network_plugin = "kubenet"
+ load_balancer_sku = "standard"
+ }
+ service_principal {
+ client_id = var.aks_service_principal_app_id
+ client_secret = var.aks_service_principal_client_secret
+ }
+}
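Review bot: Nothing in `azurerm_kubernetes_cluster.k8s` references the Log Analytics workspace, so the workspace and the ContainerInsights solution are created but, as far as this file shows, the cluster ships no container logs or metrics to them. With azurerm `~>3.0` the link is a top-level block on the cluster resource: `oms_agent { log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id }`. Without it the quickstart provisions monitoring resources that give no visibility into nodes or pods, which is easy to miss until someone needs the logs.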
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
new file mode 100644
index 00000000..b41d7ae1
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
@@ -0,0 +1,38 @@
+output "client_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate
+ sensitive = true
+}
+
+output "client_key" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_key
+ sensitive = true
+}
+
+output "cluster_ca_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate
+ sensitive = true
+}
+
+output "cluster_password" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].password
+ sensitive = true
+}
+
+output "cluster_username" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].username
+ sensitive = true
+}
+
+output "host" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config[0].host
+ sensitive = true
+}
+
+output "kube_config" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config_raw
+ sensitive = true
+}
+
+output "resource_group_name" {
+ value = azurerm_resource_group.rg.name
+}
\ No newline at end of file
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
new file mode 100644
index 00000000..74dc62e1
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
@@ -0,0 +1,18 @@
+terraform {
+ required_version = ">=1.0"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>3.0"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~>3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
new file mode 100644
index 00000000..e56453ce
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
@@ -0,0 +1,33 @@ +# Kubernetes cluster with Azure Kubernetes Service (AKS) + +This template provisions an [AKS / Azure Kubernetes service (also known as a Managed Kubernetes Cluster)](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster). + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [azurerm_log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) +- [azurerm_log_analytics_solution](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution) +- [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) + +## Variables + +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | +| `agent_count` | Initial number of nodes which should exist in this Node Pool. Value must be between 1 and 1000. | 3 | +| `ssh_public_key` | File containing the an ssh_key block. | ~/.ssh/id_rsa.pub | +| `dns_prefix` | DNS prefix specified when creating the managed cluster. | k8stest | +| `cluster_name` | Name of the Managed Kubernetes Cluster to create. | k8stest | +| `log_analytics_workspace_name` | Prefix of the name of the Log Analytics Workspace. Random value is appended to ensure uniqueness across Azure. | testLogAnalyticsWorkspaceName | +| `log_analytics_workspace_location` | Azure location where the resource exists. 
| eastus | +| `log_analytics_workspace_sku` | SKU of the Log Analytics Workspace. | PerGB2018 | +| `aks_service_principal_app_id` | Service principal app ID. | | +| `aks_service_principal_client_secret` | Service principal password. | | +| `aks_service_principal_object_id` | Service principal object ID. | | + +## Example + +To see how to run this example, see [Create a Kubernetes cluster with Azure Kubernetes Service using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-k8s-cluster-with-tf-and-aks). diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars new file mode 100644 index 00000000..866eb921 --- /dev/null +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars @@ -0,0 +1,2 @@ +aks_service_principal_app_id = "" +aks_service_principal_client_secret = "" \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf new file mode 100644 index 00000000..c90da17d --- /dev/null +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf 
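Review bot: Committing `201-k8s-cluster-with-tf-and-aks/terraform.tfvars` with an `aks_service_principal_client_secret = ""` line makes a tracked file the obvious place to paste the real secret, and Terraform loads `terraform.tfvars` automatically, so a later commit from a user's working copy can carry the credential into the repository. I would drop the secret line from the committed file and document supplying it through the `TF_VAR_aks_service_principal_client_secret` environment variable or a git-ignored `*.auto.tfvars` file. The comment in variables.tf that tells readers to set these values in terraform.tfvars would need the same wording change.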
@@ -0,0 +1,49 @@
+variable "agent_count" {
+ default = 3
+}
+
+# The following two variable declarations are placeholder references.
+# Set the values for these variable in terraform.tfvars
+variable "aks_service_principal_app_id" {
+ default = ""
+}
+
+variable "aks_service_principal_client_secret" {
+ default = ""
+}
+
+variable "cluster_name" {
+ default = "k8stest"
+}
+
+variable "dns_prefix" {
+ default = "k8stest"
+}
+
+# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions.
+variable "log_analytics_workspace_location" {
+ default = "eastus"
+}
+
+variable "log_analytics_workspace_name" {
+ default = "testLogAnalyticsWorkspaceName"
+}
+
+# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing
+variable "log_analytics_workspace_sku" {
+ default = "PerGB2018"
+}
+
+variable "resource_group_location" {
+ default = "eastus"
+ description = "Location of the resource group."
+}
+
+variable "resource_group_name_prefix" {
+ default = "rg"
+ description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "ssh_public_key" {
+ default = "~/.ssh/id_rsa.pub"
+}
diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf
index feab9787..6d6a1238 100644
--- a/quickstart/201-mysql-fs-db/main.tf
+++ b/quickstart/201-mysql-fs-db/main.tf
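Review bot: In 201-k8s-cluster-with-tf-and-aks/variables.tf, `aks_service_principal_client_secret` is declared without `sensitive = true`, so Terraform itself does nothing to redact the value if it is ever interpolated into an output, a log line or an error message. Adding `type = string` and `sensitive = true` to that block is enough, and `required_version = ">=1.0"` in providers.tf already allows it. The `default = ""` on both service-principal variables also lets `terraform apply` start with empty credentials and presumably fail only at the Azure API; removing the defaults would make Terraform ask for the values up front. Whichever way the secret is supplied, it ends up in the state file through the cluster's `service_principal` block, so the readme should say that state needs an access-controlled backend.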
@@ -1,53 +1,57 @@ -// Generate random value for the Resource Group name +# Generate random resource group name resource "random_pet" "rg_name" { - prefix = var.name_prefix + prefix = var.resource_group_name_prefix } -// Generate random value for the name +resource "azurerm_resource_group" "rg" { + location = var.resource_group_location + name = random_pet.rg_name.id +} + +# Generate random value for the name resource "random_string" "name" { length = 8 - upper = false lower = true + numeric = false special = false + upper = false } -// Generate random value for the login password +# Generate random value for the login password resource "random_password" "password" { length = 8 - upper = true lower = true - special = true + min_lower = 1 + min_numeric = 1 + min_special = 1 + min_upper = 1 + numeric = true override_special = "_" + special = true + upper = true } -// Manages the Resource Group where the resource exists -resource "azurerm_resource_group" "default" { - name = "mysqlfsRG-${random_pet.rg_name.id}" - location = var.location -} - -// Manages the Virtual Network +# Manages the Virtual Network resource "azurerm_virtual_network" "default" { - name = "vnet-${random_string.name.result}" - location = azurerm_resource_group.default.location - resource_group_name = azurerm_resource_group.default.name address_space = ["10.0.0.0/16"] + location = azurerm_resource_group.rg.location + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.rg.name } -// Manages the Subnet +# Manages the Subnet resource "azurerm_subnet" "default" { - name = "subnet-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name - virtual_network_name = azurerm_virtual_network.default.name address_prefixes = ["10.0.2.0/24"] + name = "subnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.rg.name + virtual_network_name = azurerm_virtual_network.default.name service_endpoints = ["Microsoft.Storage"] 
delegation { name = "fs" service_delegation { - name = "Microsoft.DBforMySQL/flexibleServers" - + name = "Microsoft.DBforMySQL/flexibleServers" actions = [ "Microsoft.Network/virtualNetworks/subnets/join/action", ] 
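Review bot: `length = 8` in `random_password.password` is short for the MySQL administrator credential, and with `override_special = "_"` the only special character available is an underscore, so the new `min_*` settings fix one position per class without adding much variety. Since the value is generated and never typed, a longer setting such as `length = 16` costs the user nothing. The password is also kept in Terraform state, so whoever can read the state can read the administrator login and password together. The hunk ends inside `azurerm_subnet.default`, which this note does not concern.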
@@ -55,51 +59,48 @@ resource "azurerm_subnet" "default" { } } -// Enables you to manage Private DNS zones within Azure DNS +# Enables you to manage Private DNS zones within Azure DNS resource "azurerm_private_dns_zone" "default" { name = "${random_string.name.result}.mysql.database.azure.com" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name } -// Enables you to manage Private DNS zone Virtual Network Links +# Enables you to manage Private DNS zone Virtual Network Links resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name + resource_group_name = azurerm_resource_group.rg.name virtual_network_id = azurerm_virtual_network.default.id - resource_group_name = azurerm_resource_group.default.name } -// Manages the MySQL Flexible Server +# Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { + location = azurerm_resource_group.rg.location name = "mysqlfs-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name - location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.rg.name administrator_login = random_string.name.result administrator_password = random_password.password.result - zone = "1" - version = "8.0.21" backup_retention_days = 7 + delegated_subnet_id = azurerm_subnet.default.id geo_redundant_backup_enabled = false - - storage { - size_gb = 20 - iops = 360 - } - - delegated_subnet_id = azurerm_subnet.default.id - private_dns_zone_id = azurerm_private_dns_zone.default.id - sku_name = "GP_Standard_D2ds_v4" + private_dns_zone_id = azurerm_private_dns_zone.default.id + sku_name = "GP_Standard_D2ds_v4" + version = "8.0.21" + zone = "1" high_availability { mode = "ZoneRedundant" standby_availability_zone = "2" } - maintenance_window { day_of_week = 0 start_hour = 8 
start_minute = 0 } + storage { + iops = 360 + size_gb = 20 + } depends_on = [azurerm_private_dns_zone_virtual_network_link.default] } diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf index 7be11190..4ed02a76 100644 --- a/quickstart/201-mysql-fs-db/mysql-fs-db.tf +++ b/quickstart/201-mysql-fs-db/mysql-fs-db.tf @@ -1,8 +1,8 @@ -// Manages the MySQL Flexible Server Database +# Manages the MySQL Flexible Server Database resource "azurerm_mysql_flexible_database" "default" { - name = "mysqlfsdb_${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name - server_name = azurerm_mysql_flexible_server.default.name charset = "utf8" collation = "utf8_unicode_ci" + name = "mysqlfsdb_${random_string.name.result}" + resource_group_name = azurerm_resource_group.rg.name + server_name = azurerm_mysql_flexible_server.default.name } diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf index a4c7915b..74fb49c0 100644 --- a/quickstart/201-mysql-fs-db/outputs.tf +++ b/quickstart/201-mysql-fs-db/outputs.tf @@ -1,7 +1,3 @@ -output "resource_group_name" { - value = azurerm_resource_group.default.name -} - output "azurerm_mysql_flexible_server" { value = azurerm_mysql_flexible_server.default.name } @@ -9,3 +5,7 @@ output "azurerm_mysql_flexible_server" { output "mysql_flexible_server_database_name" { value = azurerm_mysql_flexible_database.default.name } + +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index cbe3e719..31d1f491 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf 
@@ -6,9 +6,14 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/readme.md b/quickstart/201-mysql-fs-db/readme.md index 31abc815..bac940f1 100644 --- a/quickstart/201-mysql-fs-db/readme.md +++ b/quickstart/201-mysql-fs-db/readme.md @@ -17,10 +17,10 @@ This template deploys an [Azure MySQL Flexible Server Database](https://registry ## Variables -| Name | Description | -|-|-| -| `name_prefix` | (Optional) Prefix of the resource name. Value defaults to: tftest| -| `location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| +| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | ## Example diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf index 7a27de0b..e8396125 100644 --- a/quickstart/201-mysql-fs-db/variables.tf +++ b/quickstart/201-mysql-fs-db/variables.tf @@ -1,11 +1,9 @@ -variable "name_prefix" { - type = string - default = "tftest" - description = "Prefix of the resource name." +variable "resource_group_location" { + default = "eastus" + description = "Location of the resource group." } -variable "location" { - type = string - default = "eastus" - description = "Location of the resource." -} +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file
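Review bot: The `random` constraint added to 201-mysql-fs-db/providers.tf, `version = "~>3.0"`, looks too loose for the `numeric` argument this commit starts using in main.tf on `random_string.name` and `random_password.password`. As far as I recall `numeric` was introduced in hashicorp/random 3.3.0 as the replacement for `number`, so a working copy with an older 3.x pinned in `.terraform.lock.hcl` or served from a provider mirror would fail with an unsupported-argument error. Tightening the line to `version = "~>3.3"` keeps the constraint consistent with the arguments the template relies on; please confirm the exact version against the provider changelog.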