Tips-Of-Mine/terraform
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform/quickstart/301-aks-private-cluster/README.md

56 lines
2.3 KiB
Markdown
Raw Blame History

# Private Azure Kubernetes Service with Custom DNS Server
This template deploys a private Azure Kubernetes Service cluster configured with custom DNS server. A new VNet with provided
custom DNS server would be provisioned and the AKS cluster is deployed into this new VNet. The DNS server's VNet would
also be linked to AKS provisioned private DNS zone, so that AKS cluster's private FQDN could be resolved successfully on
custom DNS server.
To use this template, ensure the following pre-requirements have been set:
* Azure CLI and terraform installed locally
* Pre-configure DNS servers outside of AKS VNet
* Forward AKS cluster FQDN `azmk8s.io` (or only private cluster FQDN `privatelink.<region>.azmk8s.io`) to Azure DNS `168.63.129.16`
* Get the DNS servers IP address, which would be set in `custom_dns`
* Get the DNS server's VNet resource ID, which would be set in `custom_dns_vnet_id`
## Resources
| Terraform Resource Type | Description |
|-------------------------|-------------|
| `azurerm_resource_group` | The resource group all resources are deployed into |
| `azurerm_virtual_network` | The VNet that AKS cluster would be deployed on |
| `azurerm_subnet` | The subnet that AKS cluster would be deployed on |
| `azurerm_kubernetes_cluster` | The AKS cluster |
| `null_resource.dns_zone_link` | Link custom DNS server's VNet to AKS private DNS zone|
## Variables
| Name | Description |
|------|-------------|
| `resource_group_name` | Name of the Azure resource group|
| `cluster_name` | Name of the AKS cluster|
| `custom_dns` | IP of custom DNS server|
| `custom_dns_vnet_id` |Resource ID of the Azure VNet that holds custom DNS server|
| `client_id` | The service principal ID|
| `client_secret` | The service principal password|
| `agent_count` | The number of K8S nodes to provision|
| `kubernetes_version` | The version of K8S to provision|
| `ssh_public_key` | The SSH public key of K8S nodes |
| `dns_prefix` | The DNS prefix of AKS cluster |
| `location` | The location of Azure resources |
## Usage
```sh
terraform plan \
-var 'resource_group_name=aks-quickstart' \
-var 'cluster_name=aks' \
-var 'custom_dns=<your-custom-dns-IP>' \
-var 'custom_dns_vnet_id=<your-custom-dns-vnet-id>' \
-var 'client_id=<your-client-id>' \
-var 'client_secret=<your-client-secret>' \
-out demo.tfplan
terraform apply demo.tfplan
```
Reference in New Issue View Git Blame Copy Permalink