diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/TestRecord.md b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/TestRecord.md deleted file mode 100644 index 37e97f42..00000000 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/TestRecord.md +++ /dev/null @@ -1,504 +0,0 @@ -## 30 Jul 23 00:44 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 16 Jul 23 05:09 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 09 Jul 23 00:48 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 02 Jul 23 00:41 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 25 Jun 23 00:48 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 18 Jun 23 00:47 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 11 Jun 23 00:46 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 04 Jun 23 00:46 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 28 May 23 00:35 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 21 May 23 05:12 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 14 May 23 04:45 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 07 May 23 00:33 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 30 Apr 23 00:37 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 23 Apr 23 04:52 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 16 Apr 23 00:45 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 09 Apr 23 00:41 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 02 Apr 23 04:49 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 26 Mar 23 00:09 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 19 Mar 23 04:52 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 12 Mar 23 05:22 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 08 Mar 23 19:08 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 19 Feb 23 00:34 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 12 Feb 23 00:25 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - -## 05 Feb 23 00:40 UTC - -Success: false - -### Versions - - - -### Error - - -Initializing the backend... -╷ -│ Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "": storage.AccountsClient#ListKeys: Invalid input: autorest/validation: validation failed: parameter=resourceGroupName constraint=Pattern value="" details: value doesn't match pattern ^[-\w\._\(\)]+$ -│  -│  -╵ - - ---- - diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf index 7d872a78..918cbc5e 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf @@ -24,8 +24,6 @@ resource "azurerm_user_assigned_identity" "testIdentity" { location = azurerm_resource_group.rg.location name = "identity1" - - tags = var.tags } resource "azurerm_virtual_network" "test" { @@ -43,22 +41,18 @@ resource "azurerm_virtual_network" "test" { name = "appgwsubnet" address_prefix = var.app_gateway_subnet_address_prefix } - - tags = var.tags } data "azurerm_subnet" "kubesubnet" { name = var.aks_subnet_name virtual_network_name = azurerm_virtual_network.test.name resource_group_name = azurerm_resource_group.rg.name - depends_on = [azurerm_virtual_network.test] } data "azurerm_subnet" "appgwsubnet" { name = "appgwsubnet" virtual_network_name = azurerm_virtual_network.test.name resource_group_name = azurerm_resource_group.rg.name - depends_on = [azurerm_virtual_network.test] } # Public Ip @@ -68,8 +62,6 @@ resource "azurerm_public_ip" "test" { resource_group_name = azurerm_resource_group.rg.name allocation_method = "Static" sku = "Standard" - - tags = var.tags } resource "azurerm_application_gateway" "network" { @@ -128,56 +120,28 @@ resource "azurerm_application_gateway" "network" { http_listener_name = local.listener_name backend_address_pool_name = local.backend_address_pool_name backend_http_settings_name = local.http_setting_name + priority = 1 } - - tags = var.tags - - depends_on = [azurerm_virtual_network.test, azurerm_public_ip.test] -} - -resource "azurerm_role_assignment" "ra1" { - scope = data.azurerm_subnet.kubesubnet.id - role_definition_name = "Network Contributor" - principal_id = var.aks_service_principal_object_id - - depends_on = [azurerm_virtual_network.test] -} - -resource "azurerm_role_assignment" "ra2" { - scope = azurerm_user_assigned_identity.testIdentity.id - role_definition_name = "Managed Identity Operator" - principal_id = var.aks_service_principal_object_id - depends_on = [azurerm_user_assigned_identity.testIdentity] -} - -resource "azurerm_role_assignment" "ra3" { - scope = azurerm_application_gateway.network.id - role_definition_name = "Contributor" - principal_id = azurerm_user_assigned_identity.testIdentity.principal_id - depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] -} - -resource "azurerm_role_assignment" "ra4" { - scope = azurerm_resource_group.rg.id - role_definition_name = "Reader" - principal_id = azurerm_user_assigned_identity.testIdentity.principal_id - depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] } resource "azurerm_kubernetes_cluster" "k8s" { - name = var.aks_name + name = var.aks_cluster_name location = azurerm_resource_group.rg.location dns_prefix = var.aks_dns_prefix + identity { + type = "SystemAssigned" + } + resource_group_name = azurerm_resource_group.rg.name http_application_routing_enabled = false linux_profile { - admin_username = var.vm_user_name + admin_username = var.vm_username ssh_key { - key_data = file(var.public_ssh_key_path) + key_data = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey } } @@ -189,22 +153,10 @@ resource "azurerm_kubernetes_cluster" "k8s" { vnet_subnet_id = data.azurerm_subnet.kubesubnet.id } - service_principal { - client_id = var.aks_service_principal_app_id - client_secret = var.aks_service_principal_client_secret - } - network_profile { network_plugin = "azure" dns_service_ip = var.aks_dns_service_ip docker_bridge_cidr = var.aks_docker_bridge_cidr service_cidr = var.aks_service_cidr } - - role_based_access_control { - enabled = var.aks_enable_rbac - } - - depends_on = [azurerm_virtual_network.test, azurerm_application_gateway.network] - tags = var.tags } \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/outputs.tf similarity index 50% rename from quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf rename to quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/outputs.tf index 287f119e..b98f8cb8 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/outputs.tf @@ -2,24 +2,33 @@ output "resource_group_name" { value = azurerm_resource_group.rg.name } +output "aks_cluster_name" { + value = azurerm_kubernetes_cluster.k8s.name +} + output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + sensitive = true } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + sensitive = true } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + sensitive = true } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + sensitive = true } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + sensitive = true } output "kube_config" { @@ -28,7 +37,8 @@ output "kube_config" { } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + sensitive = true } output "identity_resource_id" { @@ -41,4 +51,4 @@ output "identity_client_id" { output "application_ip_address" { value = azurerm_public_ip.test.ip_address -} +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf index bbcf9cbd..cfba5824 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf @@ -1,21 +1,22 @@ terraform { - - required_version = ">=0.12" + required_version = ">=1.0" required_providers { + azapi = { + source = "azure/azapi" + version = "~>1.5" + } azurerm = { source = "hashicorp/azurerm" - version = "~>2.0" + version = "~>3.0" + } + random = { + source = "hashicorp/random" + version = "~>3.0" } - } - backend "azurerm" { - resource_group_name = "" - storage_account_name = "" - container_name = "tfstate" - key = "codelab.microsoft.tfstate" } } provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md index dc5e4864..55d18161 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md @@ -1,4 +1,4 @@ -# Create an Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform +# Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform This template creates an Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform. @@ -11,18 +11,17 @@ This template creates an Application Gateway Ingress Controller in Azure Kuberne - [azurerm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) - [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) - [azurerm_application_gateway](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway) -- [azurerm_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) - [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) +## Terraform data sources +- [azurerm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) + ## Variables | Name | Description | Default value | |-|-|-| -| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | -| `location` | (Optional) Azure region in which to deploy demo resources.| eastus | -| `aks_service_principal_app_id` | Application ID/Client ID of the service principal. Used by AKS to manage AKS related resources on Azure like vms, subnets.| | -| `aks_service_principal_client_secret` | Secret of the service principal. Used by AKS to manage Azure. | | -| `aks_service_principal_object_id` | Object ID of the service principal. | | +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | | `virtual_network_name` | Virtual network name. | aksVirtualNetwork | | `virtual_network_address_prefix` | VNET address prefix. | 192.168.0.0/16 | | `aks_subnet_name` | Subnet name. | kubesubnet | @@ -41,6 +40,7 @@ This template creates an Application Gateway Ingress Controller in Azure Kuberne | `aks_dns_service_ip` | DNS server IP address. | 10.0.0.10 | | `aks_docker_bridge_cidr` | CIDR notation IP for Docker bridge. | 172.17.0.1/16 | | `aks_enable_rbac` | Enable RBAC on the AKS cluster. | false | +| `msi_id` | The Managed Service Identity ID. Set this value if you're running this example using Managed Identity as the authentication method. | null | | `vm_user_name` | User name for the VM. | vmuser1 | | `public_ssh_key_path` | Public key path for SSH. | ~/.ssh/id_rsa.pub | diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/ssh.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/ssh.tf new file mode 100644 index 00000000..b7a8a2e5 --- /dev/null +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/ssh.tf @@ -0,0 +1,24 @@ +resource "random_pet" "ssh_key_name" { + prefix = "ssh" + separator = "" +} + +resource "azapi_resource_action" "ssh_public_key_gen" { + type = "Microsoft.Compute/sshPublicKeys@2022-11-01" + resource_id = azapi_resource.ssh_public_key.id + action = "generateKeyPair" + method = "POST" + + response_export_values = ["publicKey", "privateKey"] +} + +resource "azapi_resource" "ssh_public_key" { + type = "Microsoft.Compute/sshPublicKeys@2022-11-01" + name = random_pet.ssh_key_name.id + location = azurerm_resource_group.rg.location + parent_id = azurerm_resource_group.rg.id +} + +output "key_data" { + value = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars deleted file mode 100644 index 5e0e0e0f..00000000 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars +++ /dev/null @@ -1,5 +0,0 @@ -aks_service_principal_app_id = "" - -aks_service_principal_client_secret = "" - -aks_service_principal_object_id = "" diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf index 5fb867f0..08f54f36 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf @@ -1,128 +1,131 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { + type = string default = "eastus" description = "Location of the resource group." } -variable "aks_service_principal_app_id" { - description = "Application ID/Client ID of the service principal. Used by AKS to manage AKS related resources on Azure like vms, subnets." -} - -variable "aks_service_principal_client_secret" { - description = "Secret of the service principal. Used by AKS to manage Azure." -} - -variable "aks_service_principal_object_id" { - description = "Object ID of the service principal." +variable "resource_group_name_prefix" { + type = string + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } variable "virtual_network_name" { + type = string description = "Virtual network name" default = "aksVirtualNetwork" } variable "virtual_network_address_prefix" { + type = string description = "VNET address prefix" default = "192.168.0.0/16" } variable "aks_subnet_name" { + type = string description = "Subnet Name." default = "kubesubnet" } variable "aks_subnet_address_prefix" { + type = string description = "Subnet address prefix." default = "192.168.0.0/24" } variable "app_gateway_subnet_address_prefix" { + type = string description = "Subnet server IP address." default = "192.168.1.0/24" } variable "app_gateway_name" { + type = string description = "Name of the Application Gateway" default = "ApplicationGateway1" } variable "app_gateway_sku" { + type = string description = "Name of the Application Gateway SKU" default = "Standard_v2" } variable "app_gateway_tier" { + type = string description = "Tier of the Application Gateway tier" default = "Standard_v2" } -variable "aks_name" { +variable "aks_cluster_name" { + type = string description = "AKS cluster name" default = "aks-cluster1" } + variable "aks_dns_prefix" { + type = string description = "Optional DNS prefix to use with hosted Kubernetes API server FQDN." default = "aks" } variable "aks_agent_os_disk_size" { + type = number description = "Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 applies the default disk size for that agentVMSize." default = 40 } variable "aks_agent_count" { + type = number description = "The number of agent nodes for the cluster." default = 3 } variable "aks_agent_vm_size" { + type = string description = "VM size" default = "Standard_D3_v2" } variable "kubernetes_version" { + type = string description = "Kubernetes version" default = "1.11.5" } variable "aks_service_cidr" { + type = string description = "CIDR notation IP range from which to assign service cluster IPs" default = "10.0.0.0/16" } variable "aks_dns_service_ip" { + type = string description = "DNS server IP address" default = "10.0.0.10" } variable "aks_docker_bridge_cidr" { + type = string description = "CIDR notation IP for Docker bridge." default = "172.17.0.1/16" } variable "aks_enable_rbac" { + type = bool description = "Enable RBAC on the AKS cluster. Defaults to false." default = "false" } -variable "vm_user_name" { +variable "msi_id" { + type = string + description = "The Managed Service Identity ID. Set this value if you're running this example using Managed Identity as the authentication method." + default = null +} + +variable "vm_username" { + type = string description = "User name for the VM" default = "vmuser1" -} - -variable "public_ssh_key_path" { - description = "Public key path for SSH." - default = "~/.ssh/id_rsa.pub" -} - -variable "tags" { - type = map(string) - - default = { - source = "terraform" - } -} +} \ No newline at end of file