Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform-azure/quickstart/201-aks-helm/readme.md
Joey Lorich 415e3caa97 reorganize, add scaffold folder 
update readmes

clean up tf provider

add readme and initial templates

add initial pass at readmes

more readme updates

update various quickstarts

finish cleaning up 101s

more updates

lots fo template updates

add remaining

more updates
2019-11-06 16:39:59 -05:00

244 lines
8.9 KiB
Markdown
Raw Blame History

# AKS with Helm
This template deploys an Azure Kubernetes Service cluster then leverages the Kubernetes provider to configure Helm (v2) to manage deployed packages. Once stood up a basic blog demo is deployed.
## Variables
| Name | Description |
|-|-|
| name | Name of the deployment |
| environment | The depolyment environment name (used for postfixing resource names) |
| prefix | A prefix for globally-unique dns-based resources |
| location | The Azure Region to deploy these resources in |
| node_type | The type of node to deploy on (e.g. d1v2) |
| node_count | The number of nodes to deploy |
| dns_prefix | A unique dns prefix |
## Sample
```bash
> terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.azurerm_subscription.current: Refreshing state...
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azuread_application.default will be created
+ resource "azuread_application" "default" {
+ application_id = (known after apply)
+ homepage = (known after apply)
+ id = (known after apply)
+ identifier_uris = (known after apply)
+ name = "quickstart-aks-dev"
+ object_id = (known after apply)
+ public_client = (known after apply)
+ reply_urls = (known after apply)
+ type = "webapp/api"
+ oauth2_permissions {
+ admin_consent_description = (known after apply)
+ admin_consent_display_name = (known after apply)
+ id = (known after apply)
+ is_enabled = (known after apply)
+ type = (known after apply)
+ user_consent_description = (known after apply)
+ user_consent_display_name = (known after apply)
+ value = (known after apply)
}
}
# azuread_service_principal.default will be created
+ resource "azuread_service_principal" "default" {
+ application_id = (known after apply)
+ display_name = (known after apply)
+ id = (known after apply)
+ object_id = (known after apply)
+ oauth2_permissions {
+ admin_consent_description = (known after apply)
+ admin_consent_display_name = (known after apply)
+ id = (known after apply)
+ is_enabled = (known after apply)
+ type = (known after apply)
+ user_consent_description = (known after apply)
+ user_consent_display_name = (known after apply)
+ value = (known after apply)
}
}
# azuread_service_principal_password.default will be created
+ resource "azuread_service_principal_password" "default" {
+ end_date = "2099-01-01T01:00:00Z"
+ id = (known after apply)
+ key_id = (known after apply)
+ service_principal_id = (known after apply)
+ start_date = (known after apply)
+ value = (sensitive value)
}
# azurerm_kubernetes_cluster.default will be created
+ resource "azurerm_kubernetes_cluster" "default" {
+ dns_prefix = "tfquickstart-quickstart-aks-aks-dev"
+ enable_pod_security_policy = (known after apply)
+ fqdn = (known after apply)
+ id = (known after apply)
+ kube_admin_config = (known after apply)
+ kube_admin_config_raw = (sensitive value)
+ kube_config = (known after apply)
+ kube_config_raw = (sensitive value)
+ kubernetes_version = (known after apply)
+ location = "westus2"
+ name = "quickstart-aks-aks"
+ node_resource_group = (known after apply)
+ resource_group_name = "quickstart-aks-dev-rg"
+ tags = (known after apply)
+ addon_profile {
+ aci_connector_linux {
+ enabled = (known after apply)
+ subnet_name = (known after apply)
}
+ azure_policy {
+ enabled = (known after apply)
}
+ http_application_routing {
+ enabled = (known after apply)
+ http_application_routing_zone_name = (known after apply)
}
+ kube_dashboard {
+ enabled = (known after apply)
}
+ oms_agent {
+ enabled = (known after apply)
+ log_analytics_workspace_id = (known after apply)
}
}
+ agent_pool_profile {
+ count = 3
+ dns_prefix = (known after apply)
+ fqdn = (known after apply)
+ max_pods = (known after apply)
+ name = "default"
+ os_disk_size_gb = 30
+ os_type = "Linux"
+ type = "AvailabilitySet"
+ vm_size = "Standard_D1_v2"
}
+ network_profile {
+ dns_service_ip = (known after apply)
+ docker_bridge_cidr = (known after apply)
+ load_balancer_sku = (known after apply)
+ network_plugin = (known after apply)
+ network_policy = (known after apply)
+ pod_cidr = (known after apply)
+ service_cidr = (known after apply)
}
+ role_based_access_control {
+ enabled = true
}
+ service_principal {
+ client_id = (known after apply)
+ client_secret = (sensitive value)
}
}
# azurerm_resource_group.default will be created
+ resource "azurerm_resource_group" "default" {
+ id = (known after apply)
+ location = "westus2"
+ name = "quickstart-aks-dev-rg"
+ tags = (known after apply)
}
# azurerm_role_assignment.default will be created
+ resource "azurerm_role_assignment" "default" {
+ id = (known after apply)
+ name = (known after apply)
+ principal_id = (known after apply)
+ principal_type = (known after apply)
+ role_definition_id = (known after apply)
+ role_definition_name = "Network Contributor"
+ scope = "/subscriptions/b0e04a4a-a321-4b66-b8fd-13715262ba3c/resourceGroups/quickstart-aks-dev-rg"
+ skip_service_principal_aad_check = (known after apply)
}
# kubernetes_cluster_role_binding.tiller will be created
+ resource "kubernetes_cluster_role_binding" "tiller" {
+ id = (known after apply)
+ metadata {
+ generation = (known after apply)
+ name = "tiller"
+ resource_version = (known after apply)
+ self_link = (known after apply)
+ uid = (known after apply)
}
+ role_ref {
+ api_group = "rbac.authorization.k8s.io"
+ kind = "ClusterRole"
+ name = "cluster-admin"
}
+ subject {
+ api_group = (known after apply)
+ kind = "ServiceAccount"
+ name = "tiller"
+ namespace = "kube-system"
}
}
# kubernetes_service_account.tiller will be created
+ resource "kubernetes_service_account" "tiller" {
+ default_secret_name = (known after apply)
+ id = (known after apply)
+ metadata {
+ generation = (known after apply)
+ name = "tiller"
+ namespace = "kube-system"
+ resource_version = (known after apply)
+ self_link = (known after apply)
+ uid = (known after apply)
}
}
# random_string.password will be created
+ resource "random_string" "password" {
+ id = (known after apply)
+ length = 32
+ lower = true
+ min_lower = 0
+ min_numeric = 0
+ min_special = 0
+ min_upper = 0
+ number = true
+ result = (known after apply)
+ special = true
+ upper = true
}
Plan: 9 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
```
\* Example shown with [Bash](https://www.gnu.org/software/bash/). For [Powershell](https://docs.microsoft.com/en-us/powershell/) replace backslashes with backticks.
Reference in New Issue View Git Blame Copy Permalink