diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf index 4b953057..7d872a78 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/main.tf @@ -1,21 +1,210 @@ -terraform { +resource "random_pet" "rg-name" { + prefix = var.resource_group_name_prefix +} - required_version = ">=0.12" +resource "azurerm_resource_group" "rg" { + name = random_pet.rg-name.id + location = var.resource_group_location +} - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "~>2.0" +# Locals block for hardcoded names +locals { + backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap" + frontend_port_name = "${azurerm_virtual_network.test.name}-feport" + frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip" + http_setting_name = "${azurerm_virtual_network.test.name}-be-htst" + listener_name = "${azurerm_virtual_network.test.name}-httplstn" + request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt" + app_gateway_subnet_name = "appgwsubnet" +} + +# User Assigned Identities +resource "azurerm_user_assigned_identity" "testIdentity" { + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + + name = "identity1" + + tags = var.tags +} + +resource "azurerm_virtual_network" "test" { + name = var.virtual_network_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + address_space = [var.virtual_network_address_prefix] + + subnet { + name = var.aks_subnet_name + address_prefix = var.aks_subnet_address_prefix + } + + subnet { + name = "appgwsubnet" + address_prefix = var.app_gateway_subnet_address_prefix + } + + tags = var.tags +} + +data "azurerm_subnet" "kubesubnet" { + name = var.aks_subnet_name + virtual_network_name = azurerm_virtual_network.test.name + resource_group_name = azurerm_resource_group.rg.name + depends_on = [azurerm_virtual_network.test] +} + +data "azurerm_subnet" "appgwsubnet" { + name = "appgwsubnet" + virtual_network_name = azurerm_virtual_network.test.name + resource_group_name = azurerm_resource_group.rg.name + depends_on = [azurerm_virtual_network.test] +} + +# Public Ip +resource "azurerm_public_ip" "test" { + name = "publicIp1" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + allocation_method = "Static" + sku = "Standard" + + tags = var.tags +} + +resource "azurerm_application_gateway" "network" { + name = var.app_gateway_name + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + + sku { + name = var.app_gateway_sku + tier = "Standard_v2" + capacity = 2 + } + + gateway_ip_configuration { + name = "appGatewayIpConfig" + subnet_id = data.azurerm_subnet.appgwsubnet.id + } + + frontend_port { + name = local.frontend_port_name + port = 80 + } + + frontend_port { + name = "httpsPort" + port = 443 + } + + frontend_ip_configuration { + name = local.frontend_ip_configuration_name + public_ip_address_id = azurerm_public_ip.test.id + } + + backend_address_pool { + name = local.backend_address_pool_name + } + + backend_http_settings { + name = local.http_setting_name + cookie_based_affinity = "Disabled" + port = 80 + protocol = "Http" + request_timeout = 1 + } + + http_listener { + name = local.listener_name + frontend_ip_configuration_name = local.frontend_ip_configuration_name + frontend_port_name = local.frontend_port_name + protocol = "Http" + } + + request_routing_rule { + name = local.request_routing_rule_name + rule_type = "Basic" + http_listener_name = local.listener_name + backend_address_pool_name = local.backend_address_pool_name + backend_http_settings_name = local.http_setting_name + } + + tags = var.tags + + depends_on = [azurerm_virtual_network.test, azurerm_public_ip.test] +} + +resource "azurerm_role_assignment" "ra1" { + scope = data.azurerm_subnet.kubesubnet.id + role_definition_name = "Network Contributor" + principal_id = var.aks_service_principal_object_id + + depends_on = [azurerm_virtual_network.test] +} + +resource "azurerm_role_assignment" "ra2" { + scope = azurerm_user_assigned_identity.testIdentity.id + role_definition_name = "Managed Identity Operator" + principal_id = var.aks_service_principal_object_id + depends_on = [azurerm_user_assigned_identity.testIdentity] +} + +resource "azurerm_role_assignment" "ra3" { + scope = azurerm_application_gateway.network.id + role_definition_name = "Contributor" + principal_id = azurerm_user_assigned_identity.testIdentity.principal_id + depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] +} + +resource "azurerm_role_assignment" "ra4" { + scope = azurerm_resource_group.rg.id + role_definition_name = "Reader" + principal_id = azurerm_user_assigned_identity.testIdentity.principal_id + depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] +} + +resource "azurerm_kubernetes_cluster" "k8s" { + name = var.aks_name + location = azurerm_resource_group.rg.location + dns_prefix = var.aks_dns_prefix + + resource_group_name = azurerm_resource_group.rg.name + + http_application_routing_enabled = false + + linux_profile { + admin_username = var.vm_user_name + + ssh_key { + key_data = file(var.public_ssh_key_path) } } - backend "azurerm" { - resource_group_name = var.resource_group_name - storage_account_name = var.storage_account_name - container_name = "tfstate" - key = "codelab.microsoft.tfstate" - } + + default_node_pool { + name = "agentpool" + node_count = var.aks_agent_count + vm_size = var.aks_agent_vm_size + os_disk_size_gb = var.aks_agent_os_disk_size + vnet_subnet_id = data.azurerm_subnet.kubesubnet.id } - provider "azurerm" { - features {} -} + service_principal { + client_id = var.aks_service_principal_app_id + client_secret = var.aks_service_principal_client_secret + } + + network_profile { + network_plugin = "azure" + dns_service_ip = var.aks_dns_service_ip + docker_bridge_cidr = var.aks_docker_bridge_cidr + service_cidr = var.aks_service_cidr + } + + role_based_access_control { + enabled = var.aks_enable_rbac + } + + depends_on = [azurerm_virtual_network.test, azurerm_application_gateway.network] + tags = var.tags +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf index 6d59e7fb..287f119e 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/output.tf @@ -1,36 +1,44 @@ +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} + output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config.0.username } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config.0.password } output "kube_config" { - value = azurerm_kubernetes_cluster.k8s.kube_config_raw - sensitive = true + value = azurerm_kubernetes_cluster.k8s.kube_config_raw + sensitive = true } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config.0.host } output "identity_resource_id" { - value = azurerm_user_assigned_identity.testIdentity.id + value = azurerm_user_assigned_identity.testIdentity.id } output "identity_client_id" { - value = azurerm_user_assigned_identity.testIdentity.client_id + value = azurerm_user_assigned_identity.testIdentity.client_id +} + +output "application_ip_address" { + value = azurerm_public_ip.test.ip_address } diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf new file mode 100644 index 00000000..bbcf9cbd --- /dev/null +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/providers.tf @@ -0,0 +1,21 @@ +terraform { + + required_version = ">=0.12" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>2.0" + } + } + backend "azurerm" { + resource_group_name = "" + storage_account_name = "" + container_name = "tfstate" + key = "codelab.microsoft.tfstate" + } +} + +provider "azurerm" { + features {} +} diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md new file mode 100644 index 00000000..72315176 --- /dev/null +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/readme.md @@ -0,0 +1,50 @@ +# Create an Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform + +This template creates an Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform. + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [azurerm_user_assigned_identity](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) +- [azurerm_virtual_network](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) +- [azurerm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) +- [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) +- [azurerm_application_gateway](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway) +- [azurerm_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) +- [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) + +## Variables + +| Name | Description | Default value | +|-|-|-| + +| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `location` | (Optional) Azure region in which to deploy demo resources.| eastus | +| `aks_service_principal_app_id` | Application ID/Client ID of the service principal. Used by AKS to manage AKS related resources on Azure like vms, subnets.| | +| `aks_service_principal_client_secret` | Secret of the service principal. Used by AKS to manage Azure. | | +| `aks_service_principal_object_id` | Object ID of the service principal. | | +| `virtual_network_name` | Virtual network name. | aksVirtualNetwork | +| `virtual_network_address_prefix` | VNET address prefix. | 192.168.0.0/16 | +| `aks_subnet_name` | Subnet name. | kubesubnet | +| `aks_subnet_address_prefix` | Subnet address prefix. | 192.168.0.0/24 | +| `app_gateway_subnet_address_prefix` | Subnet server IP address. | 192.168.1.0/24 | +| `app_gateway_name` | Name of the Application Gateway. | ApplicationGateway1 | +| `app_gateway_sku` | Name of the Application Gateway SKU. | Standard_v2 | +| `app_gateway_tier` | Tier of the Application Gateway tier. | Standard_v2 | +| `aks_name` | AKS cluster name. | aks-cluster1 | +| `aks_dns_prefix` | (Optional) DNS prefix to use with hosted Kubernetes API server FQDN. | aks | +| `aks_agent_os_disk_size` | Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Value of 0 applies the default disk size for that agentVMSize. | 40 | +| `aks_agent_count` | The number of agent nodes for the cluster. | 3 | +| `aks_agent_vm_size` | VM size. | Standard_D3_v2 | +| `kubernetes_version` | Kubernetes version | 1.11.5 | +| `aks_service_cidr` | CIDR notation IP range from which to assign service cluster IPs. | 10.0.0.0/16 | +| `aks_dns_service_ip` | DNS server IP address. | 10.0.0.10 | +| `aks_docker_bridge_cidr` | CIDR notation IP for Docker bridge. | 172.17.0.1/16 | +| `aks_enable_rbac` | Enable RBAC on the AKS cluster. | false | +| `vm_user_name` | User name for the VM. | vmuser1 | +| `public_ssh_key_path` | Public key path for SSH. | ~/.ssh/id_rsa.pub | + +## Example + +To see how to run this example, see [Create an Application Gateway Ingress Controller in Azure Kubernetes Service using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-k8s-cluster-with-aks-applicationgateway-ingress). diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/resources.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/resources.tf deleted file mode 100644 index 2fb7acc0..00000000 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/resources.tf +++ /dev/null @@ -1,209 +0,0 @@ -# # Locals block for hardcoded names. -locals { - backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap" - frontend_port_name = "${azurerm_virtual_network.test.name}-feport" - frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip" - http_setting_name = "${azurerm_virtual_network.test.name}-be-htst" - listener_name = "${azurerm_virtual_network.test.name}-httplstn" - request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt" - app_gateway_subnet_name = "appgwsubnet" -} - -data "azurerm_resource_group" "rg" { - name = var.resource_group_name -} - -# User Assigned Identities -resource "azurerm_user_assigned_identity" "testIdentity" { - resource_group_name = data.azurerm_resource_group.rg.name - location = data.azurerm_resource_group.rg.location - - name = "identity1" - - tags = var.tags -} - -resource "azurerm_virtual_network" "test" { - name = var.virtual_network_name - location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - address_space = [var.virtual_network_address_prefix] - - subnet { - name = var.aks_subnet_name - address_prefix = var.aks_subnet_address_prefix - } - - subnet { - name = "appgwsubnet" - address_prefix = var.app_gateway_subnet_address_prefix - } - - tags = var.tags -} - -data "azurerm_subnet" "kubesubnet" { - name = var.aks_subnet_name - virtual_network_name = azurerm_virtual_network.test.name - resource_group_name = data.azurerm_resource_group.rg.name - depends_on = [azurerm_virtual_network.test] -} - -data "azurerm_subnet" "appgwsubnet" { - name = "appgwsubnet" - virtual_network_name = azurerm_virtual_network.test.name - resource_group_name = data.azurerm_resource_group.rg.name - depends_on = [azurerm_virtual_network.test] -} - -# Public Ip -resource "azurerm_public_ip" "test" { - name = "publicIp1" - location = data.azurerm_resource_group.rg.location - resource_group_name = data.azurerm_resource_group.rg.name - allocation_method = "Static" - sku = "Standard" - - tags = var.tags -} - -resource "azurerm_application_gateway" "network" { - name = var.app_gateway_name - resource_group_name = data.azurerm_resource_group.rg.name - location = data.azurerm_resource_group.rg.location - - sku { - name = var.app_gateway_sku - tier = "Standard_v2" - capacity = 2 - } - - gateway_ip_configuration { - name = "appGatewayIpConfig" - subnet_id = data.azurerm_subnet.appgwsubnet.id - } - - frontend_port { - name = local.frontend_port_name - port = 80 - } - - frontend_port { - name = "httpsPort" - port = 443 - } - - frontend_ip_configuration { - name = local.frontend_ip_configuration_name - public_ip_address_id = azurerm_public_ip.test.id - } - - backend_address_pool { - name = local.backend_address_pool_name - } - - backend_http_settings { - name = local.http_setting_name - cookie_based_affinity = "Disabled" - port = 80 - protocol = "Http" - request_timeout = 1 - } - - http_listener { - name = local.listener_name - frontend_ip_configuration_name = local.frontend_ip_configuration_name - frontend_port_name = local.frontend_port_name - protocol = "Http" - } - - request_routing_rule { - name = local.request_routing_rule_name - rule_type = "Basic" - http_listener_name = local.listener_name - backend_address_pool_name = local.backend_address_pool_name - backend_http_settings_name = local.http_setting_name - } - - tags = var.tags - - depends_on = [azurerm_virtual_network.test, azurerm_public_ip.test] -} - -resource "azurerm_role_assignment" "ra1" { - scope = data.azurerm_subnet.kubesubnet.id - role_definition_name = "Network Contributor" - principal_id = var.aks_service_principal_object_id - - depends_on = [azurerm_virtual_network.test] -} - -resource "azurerm_role_assignment" "ra2" { - scope = azurerm_user_assigned_identity.testIdentity.id - role_definition_name = "Managed Identity Operator" - principal_id = var.aks_service_principal_object_id - depends_on = [azurerm_user_assigned_identity.testIdentity] -} - -resource "azurerm_role_assignment" "ra3" { - scope = azurerm_application_gateway.network.id - role_definition_name = "Contributor" - principal_id = azurerm_user_assigned_identity.testIdentity.principal_id - depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] -} - -resource "azurerm_role_assignment" "ra4" { - scope = data.azurerm_resource_group.rg.id - role_definition_name = "Reader" - principal_id = azurerm_user_assigned_identity.testIdentity.principal_id - depends_on = [azurerm_user_assigned_identity.testIdentity, azurerm_application_gateway.network] -} - -resource "azurerm_kubernetes_cluster" "k8s" { - name = var.aks_name - location = data.azurerm_resource_group.rg.location - dns_prefix = var.aks_dns_prefix - - resource_group_name = data.azurerm_resource_group.rg.name - - linux_profile { - admin_username = var.vm_user_name - - ssh_key { - key_data = file(var.public_ssh_key_path) - } - } - - addon_profile { - http_application_routing { - enabled = false - } - } - - default_node_pool { - name = "agentpool" - node_count = var.aks_agent_count - vm_size = var.aks_agent_vm_size - os_disk_size_gb = var.aks_agent_os_disk_size - vnet_subnet_id = data.azurerm_subnet.kubesubnet.id - } - - service_principal { - client_id = var.aks_service_principal_app_id - client_secret = var.aks_service_principal_client_secret - } - - network_profile { - network_plugin = "azure" - dns_service_ip = var.aks_dns_service_ip - docker_bridge_cidr = var.aks_docker_bridge_cidr - service_cidr = var.aks_service_cidr - } - - role_based_access_control { - enabled = var.aks_enable_rbac - } - - depends_on = [azurerm_virtual_network.test, azurerm_application_gateway.network] - tags = var.tags -} diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars index 138c0712..5e0e0e0f 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/terraform.tfvars @@ -1,9 +1,5 @@ -resource_group_name = "" +aks_service_principal_app_id = "" -location = "" - -aks_service_principal_app_id = "" - -aks_service_principal_client_secret = "" - -aks_service_principal_object_id = "" +aks_service_principal_client_secret = "" + +aks_service_principal_object_id = "" diff --git a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf index db3d508e..5fb867f0 100644 --- a/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf +++ b/quickstart/201-k8s-cluster-with-aks-applicationgateway-ingress/variables.tf @@ -1,130 +1,128 @@ -variable "resource_group_name" { - description = "Name of the resource group." +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } -variable "location" { - description = "Location of the cluster." +variable "resource_group_location" { + default = "eastus" + description = "Location of the resource group." } variable "aks_service_principal_app_id" { - description = "Application ID/Client ID of the service principal. Used by AKS to manage AKS related resources on Azure like vms, subnets." + description = "Application ID/Client ID of the service principal. Used by AKS to manage AKS related resources on Azure like vms, subnets." } variable "aks_service_principal_client_secret" { - description = "Secret of the service principal. Used by AKS to manage Azure." + description = "Secret of the service principal. Used by AKS to manage Azure." } variable "aks_service_principal_object_id" { - description = "Object ID of the service principal." + description = "Object ID of the service principal." } variable "virtual_network_name" { - description = "Virtual network name" - default = "aksVirtualNetwork" + description = "Virtual network name" + default = "aksVirtualNetwork" } variable "virtual_network_address_prefix" { - description = "VNET address prefix" - default = "15.0.0.0/8" + description = "VNET address prefix" + default = "192.168.0.0/16" } variable "aks_subnet_name" { - description = "Subnet Name." - default = "kubesubnet" + description = "Subnet Name." + default = "kubesubnet" } variable "aks_subnet_address_prefix" { - description = "Subnet address prefix." - default = "15.0.0.0/16" + description = "Subnet address prefix." + default = "192.168.0.0/24" } variable "app_gateway_subnet_address_prefix" { - description = "Subnet server IP address." - default = "15.1.0.0/16" + description = "Subnet server IP address." + default = "192.168.1.0/24" } variable "app_gateway_name" { - description = "Name of the Application Gateway" - default = "ApplicationGateway1" + description = "Name of the Application Gateway" + default = "ApplicationGateway1" } variable "app_gateway_sku" { - description = "Name of the Application Gateway SKU" - default = "Standard_v2" + description = "Name of the Application Gateway SKU" + default = "Standard_v2" } variable "app_gateway_tier" { - description = "Tier of the Application Gateway tier" - default = "Standard_v2" + description = "Tier of the Application Gateway tier" + default = "Standard_v2" } variable "aks_name" { - description = "AKS cluster name" - default = "aks-cluster1" + description = "AKS cluster name" + default = "aks-cluster1" } variable "aks_dns_prefix" { - description = "Optional DNS prefix to use with hosted Kubernetes API server FQDN." - default = "aks" + description = "Optional DNS prefix to use with hosted Kubernetes API server FQDN." + default = "aks" } variable "aks_agent_os_disk_size" { - description = "Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 applies the default disk size for that agentVMSize." - default = 40 + description = "Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 applies the default disk size for that agentVMSize." + default = 40 } variable "aks_agent_count" { - description = "The number of agent nodes for the cluster." - default = 3 + description = "The number of agent nodes for the cluster." + default = 3 } variable "aks_agent_vm_size" { - description = "VM size" - default = "Standard_D3_v2" + description = "VM size" + default = "Standard_D3_v2" } variable "kubernetes_version" { - description = "Kubernetes version" - default = "1.11.5" + description = "Kubernetes version" + default = "1.11.5" } variable "aks_service_cidr" { - description = "CIDR notation IP range from which to assign service cluster IPs" - default = "10.0.0.0/16" + description = "CIDR notation IP range from which to assign service cluster IPs" + default = "10.0.0.0/16" } variable "aks_dns_service_ip" { - description = "DNS server IP address" - default = "10.0.0.10" + description = "DNS server IP address" + default = "10.0.0.10" } variable "aks_docker_bridge_cidr" { - description = "CIDR notation IP for Docker bridge." - default = "172.17.0.1/16" + description = "CIDR notation IP for Docker bridge." + default = "172.17.0.1/16" } variable "aks_enable_rbac" { - description = "Enable RBAC on the AKS cluster. Defaults to false." - default = "false" + description = "Enable RBAC on the AKS cluster. Defaults to false." + default = "false" } variable "vm_user_name" { - description = "User name for the VM" - default = "vmuser1" + description = "User name for the VM" + default = "vmuser1" } variable "public_ssh_key_path" { - description = "Public key path for SSH." - default = "~/.ssh/id_rsa.pub" + description = "Public key path for SSH." + default = "~/.ssh/id_rsa.pub" } variable "tags" { - type = map(string) + type = map(string) - default = { + default = { source = "terraform" - } -} - -variable "storage_account_name" { - description = "Name of storage account" + } }