From 1f4ae0489248f109dd6f47508d81e6496b941f84 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 18:54:06 -0700 Subject: [PATCH 01/13] Fixing article --- .../201-k8s-cluster-with-tf-and-aks/main.tf | 77 +++++++++++++++++++ .../outputs.tf | 33 ++++++++ .../providers.tf | 14 ++++ .../201-k8s-cluster-with-tf-and-aks/readme.md | 0 .../terraform.tfvars | 5 ++ .../variables.tf | 61 +++++++++++++++ 6 files changed, 190 insertions(+) create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/main.tf create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/readme.md create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf new file mode 100644 index 00000000..b012b196 --- /dev/null +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf 
@@ -0,0 +1,77 @@
+# Generate random resource group name
+resource "random_pet" "rg_name" {
+ prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+ name = random_pet.rg_name.id
+ location = var.resource_group_location
+}
+
+resource "random_id" "log_analytics_workspace_name_suffix" {
+ byte_length = 8
+}
+
+resource "azurerm_log_analytics_workspace" "test" {
+ # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant.
+ name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}"
+ location = var.log_analytics_workspace_location
+ resource_group_name = azurerm_resource_group.k8s.name
+ sku = var.log_analytics_workspace_sku
+}
+
+resource "azurerm_log_analytics_solution" "test" {
+ solution_name = "ContainerInsights"
+ location = azurerm_log_analytics_workspace.test.location
+ resource_group_name = azurerm_resource_group.k8s.name
+ workspace_resource_id = azurerm_log_analytics_workspace.test.id
+ workspace_name = azurerm_log_analytics_workspace.test.name
+
+ plan {
+ publisher = "Microsoft"
+ product = "OMSGallery/ContainerInsights"
+ }
+}
+
+resource "azurerm_kubernetes_cluster" "k8s" {
+ name = var.cluster_name
+ location = azurerm_resource_group.k8s.location
+ resource_group_name = azurerm_resource_group.k8s.name
+ dns_prefix = var.dns_prefix
+
+ linux_profile {
+ admin_username = "ubuntu"
+
+ ssh_key {
+ key_data = file(var.ssh_public_key)
+ }
+ }
+
+ default_node_pool {
+ name = "agentpool"
+ node_count = var.agent_count
+ vm_size = "Standard_D2_v2"
+ }
+
+ service_principal {
+ client_id = var.aks_service_principal_app_id
+ client_secret = var.aks_service_principal_client_secret
+ }
+
+ addon_profile {
+ oms_agent {
+ enabled = true
+ log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
+ }
+ }
+
+ network_profile {
+ load_balancer_sku = "Standard"
+ network_plugin = "kubenet"
+ }
+
+ tags = {
+ Environment = "Development"
+ }
+}
+
\ No newline at end of file
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
new file mode 100644
index 00000000..9ee2d871
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
@@ -0,0 +1,33 @@
+output "resource_group_name" {
+ value = azurerm_resource_group.rg.name
+}
+
+output "client_key" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key
+}
+
+output "client_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate
+}
+
+output "cluster_ca_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate
+}
+
+output "cluster_username" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.username
+}
+
+output "cluster_password" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.password
+}
+
+output "kube_config" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config_raw
+ sensitive = true
+}
+
+output "host" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.host
+}
+
\ No newline at end of file
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
new file mode 100644
index 00000000..cbe3e719
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">=1.0"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
new file mode 100644
index 00000000..e69de29b
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
new file mode 100644
index 00000000..5e0e0e0f
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
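Review bot: In main.tf, the `service_principal` block of `azurerm_kubernetes_cluster.k8s` needs a long-lived `client_secret`, which has to be passed in as a variable and is then stored in the Terraform state in plain text. The azurerm provider also accepts a managed identity on this resource, which takes the secret out of the configuration entirely: `identity { type = "SystemAssigned" }` in place of the `service_principal` block. If the service principal has to stay for the article, a comment above the block should say that the secret ends up in state and that the state backend needs encryption and restricted access.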
@@ -0,0 +1,5 @@
+aks_service_principal_app_id = ""
+
+aks_service_principal_client_secret = ""
+
+aks_service_principal_object_id = ""
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
new file mode 100644
index 00000000..e9e948cb
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
@@ -0,0 +1,61 @@
+variable "resource_group_name_prefix" {
+ default = "rg"
+ description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "resource_group_location" {
+ default = "eastus"
+ description = "Location of the resource group."
+}
+
+variable "agent_count" {
+ default = 3
+}
+
+variable "ssh_public_key" {
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "dns_prefix" {
+ default = "k8stest"
+}
+
+variable "cluster_name" {
+ default = "k8stest"
+}
+
+variable "resource_group_name" {
+ default = "azure-k8stest"
+}
+
+variable "location" {
+ default = "Central US"
+}
+
+variable "log_analytics_workspace_name" {
+ default = "testLogAnalyticsWorkspaceName"
+}
+
+# refer https://azure.microsoft.com/global-infrastructure/services/?products=monitor for log analytics available regions
+variable "log_analytics_workspace_location" {
+ default = "eastus"
+}
+
+# refer https://azure.microsoft.com/pricing/details/monitor/ for log analytics pricing
+variable "log_analytics_workspace_sku" {
+ default = "PerGB2018"
+}
+
+# these following three entries are placeholder references; we will specify values later in terraform.tfvars
+variable "aks_service_principal_app_id" {
+ default = ""
+}
+
+variable "aks_service_principal_client_secret" {
+ default = ""
+}
+
+variable "aks_service_principal_object_id" {
+ default = ""
+}
+
\ No newline at end of file
From 9a26ecdd6c04a7111d8aa145ba2b62371b5e9d22 Mon Sep 17 00:00:00 2001
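Review bot: terraform.tfvars is checked in with an empty `aks_service_principal_client_secret` entry, so a reader following the sample will paste a live credential into a tracked file. A comment at the top of the file should steer them away from that, for example `# Do not commit real values; set TF_VAR_aks_service_principal_client_secret in the environment instead.` Keeping the real values in an untracked `*.auto.tfvars` file that is listed in `.gitignore` would serve the same purpose.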
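Review bot: In variables.tf, `variable "aks_service_principal_client_secret"` is declared without `sensitive = true`, so Terraform itself will not redact the value if it is ever interpolated into an output, a local or an error message. providers.tf in the same commit requires Terraform `>=1.0`, which supports the attribute, so `sensitive = true` can be added next to the default. The `default = ""` on the service-principal variables also lets a run start with empty credentials; dropping the default makes Terraform prompt for the value rather than fail later at the provider. Most variables in this file also lack a `description`, which the first two already have.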
From: Tom Archer Date: Sat, 27 Aug 2022 21:22:02 -0700 Subject: [PATCH 02/13] Updating main to use new rg var name --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index b012b196..7cbd1474 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -23,7 +23,7 @@ resource "azurerm_log_analytics_workspace" "test" { resource "azurerm_log_analytics_solution" "test" { solution_name = "ContainerInsights" location = azurerm_log_analytics_workspace.test.location - resource_group_name = azurerm_resource_group.k8s.name + resource_group_name = azurerm_resource_group.rg.name workspace_resource_id = azurerm_log_analytics_workspace.test.id workspace_name = azurerm_log_analytics_workspace.test.name @@ -35,8 +35,8 @@ resource "azurerm_log_analytics_solution" "test" { resource "azurerm_kubernetes_cluster" "k8s" { name = var.cluster_name - location = azurerm_resource_group.k8s.location - resource_group_name = azurerm_resource_group.k8s.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name dns_prefix = var.dns_prefix linux_profile { @@ -74,4 +74,3 @@ resource "azurerm_kubernetes_cluster" "k8s" { Environment = "Development" } } - \ No newline at end of file From 0419cad12a3b0eff0a83a5de2d1b388d06f8c383 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 21:25:20 -0700 Subject: [PATCH 03/13] Updating main to use new rg var name --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index 7cbd1474..226cc741 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf 
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -16,7 +16,7 @@ resource "azurerm_log_analytics_workspace" "test" { # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant. name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}" location = var.log_analytics_workspace_location - resource_group_name = azurerm_resource_group.k8s.name + resource_group_name = azurerm_resource_group.rg.name sku = var.log_analytics_workspace_sku } From 7b46e0c27ab3ca15e172e7b00490e56a4197b3f9 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 22:08:55 -0700 Subject: [PATCH 04/13] Removed deprecated block and fixed sku value --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index 226cc741..bace6bb2 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -58,15 +58,8 @@ resource "azurerm_kubernetes_cluster" "k8s" { client_secret = var.aks_service_principal_client_secret } - addon_profile { - oms_agent { - enabled = true - log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id - } - } - network_profile { - load_balancer_sku = "Standard" + load_balancer_sku = "standard" network_plugin = "kubenet" } From df14b6229d0675ccb48f898196a720a12083a3a0 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 22:19:04 -0700 Subject: [PATCH 05/13] Marked various output values as sensitive --- .../201-k8s-cluster-with-tf-and-aks/outputs.tf | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 9ee2d871..52632b91 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf 
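Review bot: In the `@@ -58,15 +58,8 @@` hunk of main.tf, dropping `addon_profile` without a replacement leaves `azurerm_kubernetes_cluster.k8s` with no reference to `azurerm_log_analytics_workspace.test`. The workspace and the ContainerInsights solution are still created, but the cluster no longer sends container logs to them. In azurerm 3.x the agent is configured as a top-level block on the cluster, `oms_agent { log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id }`, which could go where `addon_profile` was. Without it the sample provisions monitoring resources that receive no data from the cluster. The resource body starts and ends outside the hunk, so this assumes no `oms_agent` block exists elsewhere in it.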
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -3,23 +3,28 @@ output "resource_group_name" { } output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + sensitive = true } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + sensitive = true } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + sensitive = true } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + sensitive = true } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + sensitive = true } output "kube_config" { @@ -28,6 +33,7 @@ output "kube_config" { } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + sensitive = true } \ No newline at end of file From 0bb3ff10c1d40ef83a3738121a512596e95759c2 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 08:17:56 -0700 Subject: [PATCH 06/13] readme files --- .../201-k8s-cluster-with-tf-and-aks/readme.md | 33 +++++++++++++++++++ .../variables.tf | 16 +++------ 2 files changed, 37 insertions(+), 12 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md index e69de29b..e56453ce 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md 
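Review bot: The `sensitive = true` added to the outputs.tf outputs only hides them from plan and apply output. `client_key`, `cluster_password` and `kube_config` are still written to the state file in plain text and are printed by `terraform output -raw` or `-json`. A comment at the top of the file should say so, for example `# Sensitive outputs are still stored unencrypted in state; use a remote backend with encryption and restricted access.` If the article only needs `kube_config`, the separate `client_key` and `cluster_password` outputs could be dropped so the credentials appear in fewer places.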
@@ -0,0 +1,33 @@ +# Kubernetes cluster with Azure Kubernetes Service (AKS) + +This template provisions an [AKS / Azure Kubernetes service (also known as a Managed Kubernetes Cluster)](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster). + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [azurerm_log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) +- [azurerm_log_analytics_solution](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution) +- [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) + +## Variables + +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | +| `agent_count` | Initial number of nodes which should exist in this Node Pool. Value must be between 1 and 1000. | 3 | +| `ssh_public_key` | File containing the an ssh_key block. | ~/.ssh/id_rsa.pub | +| `dns_prefix` | DNS prefix specified when creating the managed cluster. | k8stest | +| `cluster_name` | Name of the Managed Kubernetes Cluster to create. | k8stest | +| `log_analytics_workspace_name` | Prefix of the name of the Log Analytics Workspace. Random value is appended to ensure uniqueness across Azure. | testLogAnalyticsWorkspaceName | +| `log_analytics_workspace_location` | Azure location where the resource exists. 
| eastus | +| `log_analytics_workspace_sku` | SKU of the Log Analytics Workspace. | PerGB2018 | +| `aks_service_principal_app_id` | Service principal app ID. | | +| `aks_service_principal_client_secret` | Service principal password. | | +| `aks_service_principal_object_id` | Service principal object ID. | | + +## Example + +To see how to run this example, see [Create a Kubernetes cluster with Azure Kubernetes Service using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-k8s-cluster-with-tf-and-aks). diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index e9e948cb..e19ab7f6 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf @@ -24,29 +24,22 @@ variable "cluster_name" { default = "k8stest" } -variable "resource_group_name" { - default = "azure-k8stest" -} - -variable "location" { - default = "Central US" -} - variable "log_analytics_workspace_name" { default = "testLogAnalyticsWorkspaceName" } -# refer https://azure.microsoft.com/global-infrastructure/services/?products=monitor for log analytics available regions +# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. variable "log_analytics_workspace_location" { default = "eastus" } -# refer https://azure.microsoft.com/pricing/details/monitor/ for log analytics pricing +# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing variable "log_analytics_workspace_sku" { default = "PerGB2018" } -# these following three entries are placeholder references; we will specify values later in terraform.tfvars +# The following three variable declarations are placeholder references. +# Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { default = "" } 
@@ -58,4 +51,3 @@ variable "aks_service_principal_client_secret" { variable "aks_service_principal_object_id" { default = "" } - \ No newline at end of file From e866f8430d37e4f783bf9bba408ca1d258a1b5c1 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 09:12:59 -0700 Subject: [PATCH 07/13] readme files --- quickstart/201-mysql-fs-db/main.tf | 29 ++++++++++++------------- quickstart/201-mysql-fs-db/readme.md | 8 +++---- quickstart/201-mysql-fs-db/variables.tf | 12 +++++----- 3 files changed, 23 insertions(+), 26 deletions(-) diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index feab9787..9ebacf65 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf @@ -1,9 +1,14 @@ -// Generate random value for the Resource Group name +# Generate random resource group name resource "random_pet" "rg_name" { - prefix = var.name_prefix + prefix = var.resource_group_name_prefix } -// Generate random value for the name +resource "azurerm_resource_group" "rg" { + name = random_pet.rg_name.id + location = var.resource_group_location +} + +# Generate random value for the name resource "random_string" "name" { length = 8 upper = false @@ -11,7 +16,7 @@ resource "random_string" "name" { special = false } -// Generate random value for the login password +# Generate random value for the login password resource "random_password" "password" { length = 8 upper = true @@ -20,13 +25,7 @@ resource "random_password" "password" { override_special = "_" } -// Manages the Resource Group where the resource exists -resource "azurerm_resource_group" "default" { - name = "mysqlfsRG-${random_pet.rg_name.id}" - location = var.location -} - -// Manages the Virtual Network +# Manages the Virtual Network resource "azurerm_virtual_network" "default" { name = "vnet-${random_string.name.result}" location = azurerm_resource_group.default.location 
@@ -34,7 +33,7 @@ resource "azurerm_virtual_network" "default" { address_space = ["10.0.0.0/16"] } -// Manages the Subnet +# Manages the Subnet resource "azurerm_subnet" "default" { name = "subnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.default.name @@ -55,13 +54,13 @@ resource "azurerm_subnet" "default" { } } -// Enables you to manage Private DNS zones within Azure DNS +# Enables you to manage Private DNS zones within Azure DNS resource "azurerm_private_dns_zone" "default" { name = "${random_string.name.result}.mysql.database.azure.com" resource_group_name = azurerm_resource_group.default.name } -// Enables you to manage Private DNS zone Virtual Network Links +# Enables you to manage Private DNS zone Virtual Network Links resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name @@ -69,7 +68,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "default" { resource_group_name = azurerm_resource_group.default.name } -// Manages the MySQL Flexible Server +# Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { name = "mysqlfs-${random_string.name.result}" resource_group_name = azurerm_resource_group.default.name diff --git a/quickstart/201-mysql-fs-db/readme.md b/quickstart/201-mysql-fs-db/readme.md index 31abc815..bac940f1 100644 --- a/quickstart/201-mysql-fs-db/readme.md +++ b/quickstart/201-mysql-fs-db/readme.md 
@@ -17,10 +17,10 @@ This template deploys an [Azure MySQL Flexible Server Database](https://registry ## Variables -| Name | Description | -|-|-| -| `name_prefix` | (Optional) Prefix of the resource name. Value defaults to: tftest| -| `location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| +| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | ## Example diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf index 7a27de0b..19f4680c 100644 --- a/quickstart/201-mysql-fs-db/variables.tf +++ b/quickstart/201-mysql-fs-db/variables.tf @@ -1,11 +1,9 @@ -variable "name_prefix" { - type = string - default = "tftest" - description = "Prefix of the resource name." +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } -variable "location" { - type = string +variable "resource_group_location" { default = "eastus" - description = "Location of the resource." + description = "Location of the resource group." } From b6f52f38d39308fd535861a1a53c9b57687e7ca6 Mon Sep 17 00:00:00 2001 
From: Tom Archer Date: Sun, 28 Aug 2022 23:30:10 -0700 Subject: [PATCH 08/13] changes per tech review --- quickstart/101-attestation-provider/providers.tf | 5 +++++ quickstart/101-resource-group/providers.tf | 5 +++++ .../201-k8s-cluster-with-tf-and-aks/outputs.tf | 10 +++++----- .../201-k8s-cluster-with-tf-and-aks/providers.tf | 5 +++++ quickstart/201-mysql-fs-db/main.tf | 15 ++++++++------- quickstart/201-mysql-fs-db/mysql-fs-db.tf | 4 ++-- quickstart/201-mysql-fs-db/outputs.tf | 2 +- quickstart/201-mysql-fs-db/providers.tf | 5 +++++ 8 files changed, 36 insertions(+), 15 deletions(-) diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index 6bd52554..04123ebc 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 6bd52554..04123ebc 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 52632b91..478852b0 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf 
@@ -3,27 +3,27 @@ output "resource_group_name" { } output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_key sensitive = true } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate sensitive = true } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate sensitive = true } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config[0].username sensitive = true } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config[0].password sensitive = true } diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index cbe3e719..965241cd 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index 9ebacf65..9f6c3960 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf 
@@ -22,21 +22,22 @@ resource "random_password" "password" { upper = true lower = true special = true + numeric = false override_special = "_" } # Manages the Virtual Network resource "azurerm_virtual_network" "default" { name = "vnet-${random_string.name.result}" - location = azurerm_resource_group.default.location - resource_group_name = azurerm_resource_group.default.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name address_space = ["10.0.0.0/16"] } # Manages the Subnet resource "azurerm_subnet" "default" { name = "subnet-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.default.name address_prefixes = ["10.0.2.0/24"] service_endpoints = ["Microsoft.Storage"] @@ -57,7 +58,7 @@ resource "azurerm_subnet" "default" { # Enables you to manage Private DNS zones within Azure DNS resource "azurerm_private_dns_zone" "default" { name = "${random_string.name.result}.mysql.database.azure.com" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name } # Enables you to manage Private DNS zone Virtual Network Links 
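Review bot: The `numeric = false` added in the `@@ -22,21 +22,22 @@` hunk of 201-mysql-fs-db/main.tf lands in `random_password.password`, not in `random_string.name`. The earlier hunk for this file shows that resource with `length = 8`, and with `override_special = "_"` the MySQL administrator password is now eight characters drawn only from letters and `_`. The description of PATCH 13 says the digit restriction was meant for `random_string.name`, because the login name cannot start with a number, so the line likely belongs there. For the password, a longer value with explicit minimums would be safer, e.g. `length = 16`, `min_numeric = 1`, `min_special = 1`. The resource header is only visible in the hunk header, so the `length` value should be confirmed against the full file.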
@@ -65,14 +66,14 @@ resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name virtual_network_id = azurerm_virtual_network.default.id - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name } # Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { name = "mysqlfs-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name - location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location administrator_login = random_string.name.result administrator_password = random_password.password.result zone = "1" diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf index 7be11190..51598667 100644 --- a/quickstart/201-mysql-fs-db/mysql-fs-db.tf +++ b/quickstart/201-mysql-fs-db/mysql-fs-db.tf @@ -1,7 +1,7 @@ -// Manages the MySQL Flexible Server Database +# Manages the MySQL Flexible Server Database resource "azurerm_mysql_flexible_database" "default" { name = "mysqlfsdb_${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name server_name = azurerm_mysql_flexible_server.default.name charset = "utf8" collation = "utf8_unicode_ci" diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf index a4c7915b..dca1b176 100644 --- a/quickstart/201-mysql-fs-db/outputs.tf +++ b/quickstart/201-mysql-fs-db/outputs.tf @@ -1,5 +1,5 @@ output "resource_group_name" { - value = azurerm_resource_group.default.name + value = azurerm_resource_group.rg.name } output "azurerm_mysql_flexible_server" { 
diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index cbe3e719..965241cd 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} From bd27b46fdc0612a9a983f22ab33710ea12816a8a Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 23:39:27 -0700 Subject: [PATCH 09/13] fixing random provider info --- quickstart/101-attestation-provider/providers.tf | 9 +++++---- quickstart/101-resource-group/providers.tf | 7 ++++++- quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf | 7 ++++++- quickstart/201-mysql-fs-db/providers.tf | 7 ++++++- 4 files changed, 23 insertions(+), 7 deletions(-) diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index 04123ebc..f47e31ec 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -13,7 +18,3 @@ provider "azurerm" { features {} } -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 04123ebc..0dea752c 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } 
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index 965241cd..b542ce25 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index 965241cd..b542ce25 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } From 7305ee2a26e167c26c84ca98bb0574dc000ec6ac Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 23:45:08 -0700 Subject: [PATCH 10/13] changing array syntax --- quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 478852b0..e9d185bf 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -33,7 +33,7 @@ output "kube_config" { } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config[0].host sensitive = true } \ No newline at end of file From dceafac08d00c29033d896ccf36bce2b7df8eb9e Mon Sep 17 00:00:00 2001 
From: Tom Archer Date: Sun, 28 Aug 2022 23:51:22 -0700 Subject: [PATCH 11/13] more changes --- quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars | 2 -- quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf | 6 +----- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars index 5e0e0e0f..5c82a505 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars @@ -1,5 +1,3 @@ aks_service_principal_app_id = "" aks_service_principal_client_secret = "" - -aks_service_principal_object_id = "" diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index e19ab7f6..61a5f3f6 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf @@ -38,7 +38,7 @@ variable "log_analytics_workspace_sku" { default = "PerGB2018" } -# The following three variable declarations are placeholder references. +# The following two variable declarations are placeholder references. # Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { default = "" @@ -47,7 +47,3 @@ variable "aks_service_principal_app_id" { variable "aks_service_principal_client_secret" { default = "" } - -variable "aks_service_principal_object_id" { - default = "" -} From 65cb9c7f0e7a01d1ddd5eef151940a89c60d76f7 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 00:05:42 -0700 Subject: [PATCH 12/13] more changes --- quickstart/101-attestation-provider/providers.tf | 1 - quickstart/101-resource-group/providers.tf | 5 ----- quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf | 5 ----- quickstart/201-mysql-fs-db/providers.tf | 5 ----- 4 files changed, 16 deletions(-) 
diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index f47e31ec..ba3e0dc7 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -17,4 +17,3 @@ terraform { provider "azurerm" { features {} } - diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 0dea752c..ba3e0dc7 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index b542ce25..0d51fc35 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index b542ce25..0d51fc35 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} From e3c66ca15dca8bb6cb84e87bb54536c3ceefc890 Mon Sep 17 00:00:00 2001 
From: hezijie Date: Mon, 29 Aug 2022 17:03:29 +0800 Subject: [PATCH 13/13] Sort all variables, outputs, arguments and blocks in resource block. Adjust code file's style. Add `numeric = false` for `random_string.name` in `201-mysql-fs-db` module as the name is used as `azurerm_mysql_flexible_server.default`'s `administrator_login` and the login name doesn't support a name start with number. Add minimum constraints for `random_password.password` in `201-mysql-fs-db` module as the password required a minimum complexity. --- quickstart/101-attestation-provider/main.tf | 9 ++- .../101-attestation-provider/outputs.tf | 2 +- .../101-attestation-provider/providers.tf | 3 +- .../101-attestation-provider/variables.tf | 18 ++--- quickstart/101-resource-group/main.tf | 4 +- quickstart/101-resource-group/providers.tf | 3 +- quickstart/101-resource-group/variables.tf | 10 +-- .../201-k8s-cluster-with-tf-and-aks/main.tf | 38 +++++----- .../outputs.tf | 27 ++++--- .../providers.tf | 1 - .../terraform.tfvars | 3 +- .../variables.tf | 72 +++++++++---------- quickstart/201-mysql-fs-db/main.tf | 51 ++++++------- quickstart/201-mysql-fs-db/mysql-fs-db.tf | 4 +- quickstart/201-mysql-fs-db/outputs.tf | 8 +-- quickstart/201-mysql-fs-db/providers.tf | 2 +- quickstart/201-mysql-fs-db/variables.tf | 10 +-- 17 files changed, 128 insertions(+), 137 deletions(-) diff --git a/quickstart/101-attestation-provider/main.tf b/quickstart/101-attestation-provider/main.tf index 36091ab7..fc2fd724 100644 --- a/quickstart/101-attestation-provider/main.tf +++ b/quickstart/101-attestation-provider/main.tf 
@@ -3,14 +3,13 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } resource "azurerm_attestation_provider" "corp_attestation" { - name = var.attestation_provider_name - resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location - + location = azurerm_resource_group.rg.location + name = var.attestation_provider_name + resource_group_name = azurerm_resource_group.rg.name policy_signing_certificate_data = file(var.policy_file) } \ No newline at end of file diff --git a/quickstart/101-attestation-provider/outputs.tf b/quickstart/101-attestation-provider/outputs.tf index 62816bd7..c765da63 100644 --- a/quickstart/101-attestation-provider/outputs.tf +++ b/quickstart/101-attestation-provider/outputs.tf @@ -1,3 +1,3 @@ output "resource_group_name" { value = azurerm_resource_group.rg.name -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index ba3e0dc7..5343d826 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } - random = { source = "hashicorp/random" version = "~>3.0" @@ -16,4 +15,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/variables.tf b/quickstart/101-attestation-provider/variables.tf index 7c14fc2b..d10d70d2 100644 --- a/quickstart/101-attestation-provider/variables.tf +++ b/quickstart/101-attestation-provider/variables.tf 
@@ -1,6 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +variable "attestation_provider_name" { + default = "attestationprovider007" +} + +variable "policy_file" { + default = "~/.certs/cert.pem" } variable "resource_group_location" { @@ -8,10 +11,7 @@ variable "resource_group_location" { description = "Location of the resource group." } -variable "policy_file" { - default = "~/.certs/cert.pem" -} - -variable "attestation_provider_name" { - default = "attestationprovider007" +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } \ No newline at end of file diff --git a/quickstart/101-resource-group/main.tf b/quickstart/101-resource-group/main.tf index b312f1af..ab4f9a5e 100644 --- a/quickstart/101-resource-group/main.tf +++ b/quickstart/101-resource-group/main.tf @@ -3,6 +3,6 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location -} + name = random_pet.rg_name.id +} \ No newline at end of file diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index ba3e0dc7..5343d826 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } - random = { source = "hashicorp/random" version = "~>3.0" @@ -16,4 +15,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-resource-group/variables.tf b/quickstart/101-resource-group/variables.tf index 19f4680c..e8396125 100644 --- a/quickstart/101-resource-group/variables.tf +++ b/quickstart/101-resource-group/variables.tf 
@@ -1,9 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { default = "eastus" description = "Location of the resource group." } + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index bace6bb2..0069ac6f 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -4,8 +4,8 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } resource "random_id" "log_analytics_workspace_name_suffix" { 
@@ -13,32 +13,40 @@ resource "random_id" "log_analytics_workspace_name_suffix" { } resource "azurerm_log_analytics_workspace" "test" { + location = var.log_analytics_workspace_location # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant. name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}" - location = var.log_analytics_workspace_location resource_group_name = azurerm_resource_group.rg.name sku = var.log_analytics_workspace_sku } resource "azurerm_log_analytics_solution" "test" { - solution_name = "ContainerInsights" location = azurerm_log_analytics_workspace.test.location resource_group_name = azurerm_resource_group.rg.name - workspace_resource_id = azurerm_log_analytics_workspace.test.id + solution_name = "ContainerInsights" workspace_name = azurerm_log_analytics_workspace.test.name + workspace_resource_id = azurerm_log_analytics_workspace.test.id plan { - publisher = "Microsoft" product = "OMSGallery/ContainerInsights" + publisher = "Microsoft" } } resource "azurerm_kubernetes_cluster" "k8s" { - name = var.cluster_name location = azurerm_resource_group.rg.location + name = var.cluster_name resource_group_name = azurerm_resource_group.rg.name dns_prefix = var.dns_prefix + tags = { + Environment = "Development" + } + default_node_pool { + name = "agentpool" + vm_size = "Standard_D2_v2" + node_count = var.agent_count + } linux_profile { admin_username = "ubuntu" 
@@ -46,24 +54,12 @@ resource "azurerm_kubernetes_cluster" "k8s" { key_data = file(var.ssh_public_key) } } - - default_node_pool { - name = "agentpool" - node_count = var.agent_count - vm_size = "Standard_D2_v2" + network_profile { + network_plugin = "kubenet" + load_balancer_sku = "standard" } - service_principal { client_id = var.aks_service_principal_app_id client_secret = var.aks_service_principal_client_secret } - - network_profile { - load_balancer_sku = "standard" - network_plugin = "kubenet" - } - - tags = { - Environment = "Development" - } } diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index e9d185bf..b41d7ae1 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -1,5 +1,6 @@ -output "resource_group_name" { - value = azurerm_resource_group.rg.name +output "client_certificate" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate + sensitive = true } output "client_key" { @@ -7,23 +8,23 @@ output "client_key" { sensitive = true } -output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate - sensitive = true -} - output "cluster_ca_certificate" { value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate sensitive = true } +output "cluster_password" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].password + sensitive = true +} + output "cluster_username" { value = azurerm_kubernetes_cluster.k8s.kube_config[0].username sensitive = true } -output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].password +output "host" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].host sensitive = true } 
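Review bot: The `service_principal` block kept at the end of `azurerm_kubernetes_cluster.k8s` passes `var.aks_service_principal_client_secret` straight into the resource, so a long-lived credential is written to Terraform state and has to be rotated by hand. The resource also accepts a managed identity, `identity { type = "SystemAssigned" }`, which would let the quickstart drop both service principal variables and the `terraform.tfvars` placeholders. If the service principal has to stay, a comment above the block such as `# client_secret is stored in state; use an encrypted, access-controlled backend` would tell readers where the secret lands. The resource block opens in the previous hunk, so only its tail is visible here.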
@@ -32,8 +33,6 @@ output "kube_config" { sensitive = true } -output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].host - sensitive = true -} - \ No newline at end of file +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index 0d51fc35..74dc62e1 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } - random = { source = "hashicorp/random" version = "~>3.0" diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars index 5c82a505..866eb921 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars @@ -1,3 +1,2 @@ aks_service_principal_app_id = "" - -aks_service_principal_client_secret = "" +aks_service_principal_client_secret = "" \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index 61a5f3f6..c90da17d 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf 
@@ -1,43 +1,7 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - -variable "resource_group_location" { - default = "eastus" - description = "Location of the resource group." -} - variable "agent_count" { default = 3 } -variable "ssh_public_key" { - default = "~/.ssh/id_rsa.pub" -} - -variable "dns_prefix" { - default = "k8stest" -} - -variable "cluster_name" { - default = "k8stest" -} - -variable "log_analytics_workspace_name" { - default = "testLogAnalyticsWorkspaceName" -} - -# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. -variable "log_analytics_workspace_location" { - default = "eastus" -} - -# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing -variable "log_analytics_workspace_sku" { - default = "PerGB2018" -} - # The following two variable declarations are placeholder references. # Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { 
@@ -47,3 +11,39 @@ variable "aks_service_principal_app_id" { variable "aks_service_principal_client_secret" { default = "" } + +variable "cluster_name" { + default = "k8stest" +} + +variable "dns_prefix" { + default = "k8stest" +} + +# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. +variable "log_analytics_workspace_location" { + default = "eastus" +} + +variable "log_analytics_workspace_name" { + default = "testLogAnalyticsWorkspaceName" +} + +# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing +variable "log_analytics_workspace_sku" { + default = "PerGB2018" +} + +variable "resource_group_location" { + default = "eastus" + description = "Location of the resource group." +} + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} + +variable "ssh_public_key" { + default = "~/.ssh/id_rsa.pub" +} diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index 9f6c3960..6d6a1238 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf 
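Review bot: `variable "aks_service_principal_client_secret"` is declared with only `default = ""`, so Terraform does not treat the value as sensitive at the variable level. I would add `type = string` and `sensitive = true` to that block. The comment in the previous hunk tells readers to set the value in `terraform.tfvars`, which this series keeps as a tracked file next to the module. Pointing instead to the `TF_VAR_aks_service_principal_client_secret` environment variable or an untracked `*.auto.tfvars` file would make it harder to commit the secret by accident. The other variables moved in this hunk (`cluster_name`, `dns_prefix`, `ssh_public_key`) also have no `description` or `type`, unlike the two `resource_group_*` variables.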
@@ -4,50 +4,54 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } # Generate random value for the name resource "random_string" "name" { length = 8 - upper = false lower = true + numeric = false special = false + upper = false } # Generate random value for the login password resource "random_password" "password" { length = 8 - upper = true lower = true - special = true - numeric = false + min_lower = 1 + min_numeric = 1 + min_special = 1 + min_upper = 1 + numeric = true override_special = "_" + special = true + upper = true } # Manages the Virtual Network resource "azurerm_virtual_network" "default" { - name = "vnet-${random_string.name.result}" - location = azurerm_resource_group.rg.location - resource_group_name = azurerm_resource_group.rg.name address_space = ["10.0.0.0/16"] + location = azurerm_resource_group.rg.location + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.rg.name } # Manages the Subnet resource "azurerm_subnet" "default" { + address_prefixes = ["10.0.2.0/24"] name = "subnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.default.name - address_prefixes = ["10.0.2.0/24"] service_endpoints = ["Microsoft.Storage"] delegation { name = "fs" service_delegation { - name = "Microsoft.DBforMySQL/flexibleServers" - + name = "Microsoft.DBforMySQL/flexibleServers" actions = [ "Microsoft.Network/virtualNetworks/subnets/join/action", ] 
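Review bot: `random_password.password` keeps `length = 8` and limits special characters to `_` through `override_special`, and the next hunk uses its result as `administrator_password` on `azurerm_mysql_flexible_server.default`. The added `min_lower`/`min_numeric`/`min_special`/`min_upper` constraints meet the complexity rule named in the commit message, but eight characters is short for a database administrator credential; I would raise it to `length = 16` or more. The generated value is also kept in Terraform state, so a comment above the resource such as `# result is stored in state; keep the backend encrypted and access-controlled` would help anyone copying this quickstart.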
@@ -65,41 +69,38 @@ resource "azurerm_private_dns_zone" "default" { resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name - virtual_network_id = azurerm_virtual_network.default.id resource_group_name = azurerm_resource_group.rg.name + virtual_network_id = azurerm_virtual_network.default.id } # Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { + location = azurerm_resource_group.rg.location name = "mysqlfs-${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location administrator_login = random_string.name.result administrator_password = random_password.password.result - zone = "1" - version = "8.0.21" backup_retention_days = 7 + delegated_subnet_id = azurerm_subnet.default.id geo_redundant_backup_enabled = false - - storage { - size_gb = 20 - iops = 360 - } - - delegated_subnet_id = azurerm_subnet.default.id - private_dns_zone_id = azurerm_private_dns_zone.default.id - sku_name = "GP_Standard_D2ds_v4" + private_dns_zone_id = azurerm_private_dns_zone.default.id + sku_name = "GP_Standard_D2ds_v4" + version = "8.0.21" + zone = "1" high_availability { mode = "ZoneRedundant" standby_availability_zone = "2" } - maintenance_window { day_of_week = 0 start_hour = 8 start_minute = 0 } + storage { + iops = 360 + size_gb = 20 + } depends_on = [azurerm_private_dns_zone_virtual_network_link.default] } diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf index 51598667..4ed02a76 100644 --- a/quickstart/201-mysql-fs-db/mysql-fs-db.tf +++ b/quickstart/201-mysql-fs-db/mysql-fs-db.tf 
@@ -1,8 +1,8 @@ # Manages the MySQL Flexible Server Database resource "azurerm_mysql_flexible_database" "default" { + charset = "utf8" + collation = "utf8_unicode_ci" name = "mysqlfsdb_${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name server_name = azurerm_mysql_flexible_server.default.name - charset = "utf8" - collation = "utf8_unicode_ci" } diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf index dca1b176..74fb49c0 100644 --- a/quickstart/201-mysql-fs-db/outputs.tf +++ b/quickstart/201-mysql-fs-db/outputs.tf @@ -1,7 +1,3 @@ -output "resource_group_name" { - value = azurerm_resource_group.rg.name -} - output "azurerm_mysql_flexible_server" { value = azurerm_mysql_flexible_server.default.name } @@ -9,3 +5,7 @@ output "azurerm_mysql_flexible_server" { output "mysql_flexible_server_database_name" { value = azurerm_mysql_flexible_database.default.name } + +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index 0d51fc35..31d1f491 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -16,4 +16,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf index 19f4680c..e8396125 100644 --- a/quickstart/201-mysql-fs-db/variables.tf +++ b/quickstart/201-mysql-fs-db/variables.tf 
@@ -1,9 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { default = "eastus" description = "Location of the resource group." } + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file