Skip to content
This repository has been archived by the owner on Jul 28, 2021. It is now read-only.

Latest commit

 

History

History
119 lines (87 loc) · 2.8 KB

README.md

File metadata and controls

119 lines (87 loc) · 2.8 KB

ACE Infrastructure Automation for Azure

This repository contains Infrastrucutre as Code for runnong the ACE platform on public Azure using HashiCorp Terraform.

Prerequisites

Create Azure Client

Generate Azure Client ID and secret.

az ad sp create-for-rbac \
  --name="TerraformAKS" \
  --role="Contributor" \
  --scopes="/subscriptions/YOUR_SUBSCRIPTION_ID"

Expected output:

{
  "appId": "00000000-0000-0000-0000-000000000000",
  "displayName": "Kubernetes AKS Terraform",
  "name": "http://kubernetes-aks-terraform",
  "password": "0000-0000-0000-0000-000000000000",
  "tenant": "00000000-0000-0000-0000-000000000000"
}

Create a new file inside the /secrets directory. The name of the file should be on the following format <cluster>.secrets.tfvars where <cluster> is the name of the new cluster.

subscription_id = "<subscription>"
client_id = "<appId>"
client_secret = "<password>"
tenant_id = "<tenant>"

Create SSH Key

ssh-keygen -t rsa -b 4096 -C "<cluster>@<corp>.com"

The public part (the one ending in .pub) of this key should be added to the <cluster>.secrets.tfvars file above like this:

ssh_public_key = "ssh-rsa ..."

Terraform Init

Set up the Terraform backend with the required authentication settings that can not be stored in a file.

terraform init \
  -backend-config="subscription_id=YOUR_SUBSCRIPTION_ID" \
  -backend-config="client_id=YOUR_CLIENT_ID" \
  -backend-config="client_secret=YOUR_CLIENT_SECRET" \
  -backend-config="tenant_id=YOUR_TENANT_ID"

Terraform Plan

Replace <cluster> with the name of the cluster you want to change.

terraform plan \
  -var-file clusters/<cluster>.tfvars \
  -var-file secrets/<cluster>.secrets.tfvars

Terraform Apply

Replace <cluster> with the name of the cluster you want to change.

terraform apply \
  -var-file clusters/<cluster>.tfvars \
  -var-file secrets/<cluster>.secrets.tfvars

Note: Creating a new Azure AKS cluster can take up to 15 minutes.

Kubeconfig

Save kubernetes config file to ~/.kube/<cluster>

terraform output kube_config > ~/.kube/<cluster>

Set KUBECONFIG environment variable to the kubernetes config file

export KUBECONFIG=~/.kube/<cluster>

Test Kubeconfig

kubectl get nodes
NAME                     STATUS    ROLES     AGE       VERSION
aks-default-75135322-0   Ready     agent     23m       v1.9.6
aks-default-75135322-1   Ready     agent     23m       v1.9.6
aks-default-75135322-2   Ready     agent     23m       v1.9.6