marcel-dempers 2020-07-17 13:00:33 +10:00
parent 877810d147
commit 837f69f019
6 changed files with 97 additions and 31 deletions


@ -1,5 +1,11 @@
provider "azurerm" { provider "azurerm" {
version = "=2.0.0" version = "=2.5.0"
subscription_id = var.subscription_id
client_id = var.serviceprinciple_id
client_secret = var.serviceprinciple_key
tenant_id = var.tenant_id
features {} features {}
} }
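Review bot: The provider block now takes `client_secret = var.serviceprinciple_key`, and the README in this same commit supplies it as `-var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET"`, so the expanded secret is visible in the process listing of every plan/apply/destroy run. That README change also widens the role assignment to `--scope "/subscriptions/$SUBSCRIPTION"`, so the exposed credential is Contributor over the whole subscription rather than one resource group. The azurerm provider reads `ARM_CLIENT_ID`, `ARM_CLIENT_SECRET`, `ARM_SUBSCRIPTION_ID` and `ARM_TENANT_ID` from the environment, so the four added arguments can be dropped and the values exported instead. If they stay as variables, pass the secret as `TF_VAR_serviceprinciple_key` and add a comment above `client_secret` such as `# secret: supply via environment, never commit to a tfvars file`.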


@ -17,7 +17,7 @@ resource "azurerm_kubernetes_cluster" "aks-getting-started" {
type = "VirtualMachineScaleSets" type = "VirtualMachineScaleSets"
os_disk_size_gb = 250 os_disk_size_gb = 250
} }
service_principal { service_principal {
client_id = var.serviceprinciple_id client_id = var.serviceprinciple_id
client_secret = var.serviceprinciple_key client_secret = var.serviceprinciple_key
@ -29,7 +29,6 @@ resource "azurerm_kubernetes_cluster" "aks-getting-started" {
key_data = var.ssh_key key_data = var.ssh_key
} }
} }
network_profile { network_profile {
network_plugin = "kubenet" network_plugin = "kubenet"
@ -57,6 +56,7 @@ resource "azurerm_kubernetes_cluster" "aks-getting-started" {
enabled = false enabled = false
} }
} }
} }
/* /*


@ -4,13 +4,13 @@ variable "serviceprinciple_id" {
variable "serviceprinciple_key" { variable "serviceprinciple_key" {
} }
variable "ssh_key" {
}
variable "location" { variable "location" {
default = "australiaeast" default = "australiaeast"
} }
variable "kubernetes_version" { variable "kubernetes_version" {
default = "1.16.10" default = "1.16.10"
} }
variable "ssh_key" {
}


@ -7,6 +7,7 @@ provider "kubernetes" {
cluster_ca_certificate = var.cluster_ca_certificate cluster_ca_certificate = var.cluster_ca_certificate
} }
resource "kubernetes_deployment" "example" { resource "kubernetes_deployment" "example" {
metadata { metadata {
name = "terraform-example" name = "terraform-example"
@ -66,3 +67,20 @@ resource "kubernetes_deployment" "example" {
} }
} }
} }
resource "kubernetes_service" "example" {
metadata {
name = "terraform-example"
}
spec {
selector = {
test = "MyExampleApp"
}
port {
port = 80
target_port = 80
}
type = "LoadBalancer"
}
}
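Review bot: The new `kubernetes_service "example"` uses `type = "LoadBalancer"` with no source restriction, so on AKS it will presumably be given a public IP with port 80 reachable from any address over plain HTTP. For a getting-started cluster, either restrict it with `load_balancer_source_ranges = ["<your-cidr>"]` (placeholder) inside `spec`, or use `type = "ClusterIP"` and reach it through `kubectl port-forward`. The selector `test = "MyExampleApp"` must match the deployment's pod template labels, which lie outside this hunk, so that should be confirmed. A comment above `type` such as `# exposes the app publicly; run terraform destroy when done` would make the exposure explicit.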


@ -6,22 +6,13 @@ Terraform provider for Azure [here](https://github.com/terraform-providers/terra
## Azure CLI ## Azure CLI
You can get the Azure CLI on [Docker-Hub](https://hub.docker.com/_/microsoft-azure-cli) <br/>
We'll need the Azure CLI to gather information so we can build our Terraform file. We'll need the Azure CLI to gather information so we can build our Terraform file.
``` ```
# Run Azure CLI # Run Azure CLI
docker run -it --rm -v ${PWD}:/work -w /work --entrypoint /bin/sh mcr.microsoft.com/azure-cli:2.6.0 docker run -it --rm -v ${PWD}:/work -w /work --entrypoint /bin/sh mcr.microsoft.com/azure-cli:2.6.0
# Get Terraform
curl -o /tmp/terraform.zip -LO https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip
unzip /tmp/terraform.zip
chmod +x terraform && mv terraform /usr/local/bin/
cd kubernetes/cloud/azure/terraform/
terraform init
``` ```
## Login to Azure ## Login to Azure
@ -29,6 +20,7 @@ terraform init
``` ```
#login and follow prompts #login and follow prompts
az login az login
TENTANT_ID=<your-tenant-id>
# view and select your subscription account # view and select your subscription account
@ -38,13 +30,6 @@ az account set --subscription $SUBSCRIPTION
``` ```
## Create our Resource Group
```
RESOURCEGROUP=aks-getting-started
RESOURCEGROUP_ID=$(az group create -n $RESOURCEGROUP -l australiaeast | jq -r '.id')
```
## Create Service Principal ## Create Service Principal
@ -55,20 +40,36 @@ Lets create one! </br>
SERVICE_PRINCIPAL_JSON=$(az ad sp create-for-rbac --skip-assignment --name aks-getting-started-sp -o json) SERVICE_PRINCIPAL_JSON=$(az ad sp create-for-rbac --skip-assignment --name aks-getting-started-sp -o json)
#Keep the `appId` and `password` for later use! # Keep the `appId` and `password` for later use!
SERVICE_PRINCIPAL=$(echo $SERVICE_PRINCIPAL_JSON | jq -r '.appId') SERVICE_PRINCIPAL=$(echo $SERVICE_PRINCIPAL_JSON | jq -r '.appId')
SERVICE_PRINCIPAL_SECRET=$(echo $SERVICE_PRINCIPAL_JSON | jq -r '.password') SERVICE_PRINCIPAL_SECRET=$(echo $SERVICE_PRINCIPAL_JSON | jq -r '.password')
#grant contributor role over the resource group to our service principal #note: reset the credential if you have any sinlge or double quote on password
az ad sp credential reset --name "aks-getting-started-sp"
# Grant contributor role over the subscription to our service principal
az role assignment create --assignee $SERVICE_PRINCIPAL \ az role assignment create --assignee $SERVICE_PRINCIPAL \
--scope "/subscriptions/$SUBSCRIPTION/resourceGroups/$RESOURCEGROUP" \ --scope "/subscriptions/$SUBSCRIPTION" \
--role Contributor --role Contributor
``` ```
For extra reference you can also take a look at the Microsoft Docs: [here](https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/aks/kubernetes-service-principal.md) </br> For extra reference you can also take a look at the Microsoft Docs: [here](https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/aks/kubernetes-service-principal.md) </br>
```
# Get Terraform
curl -o /tmp/terraform.zip -LO https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip
unzip /tmp/terraform.zip
chmod +x terraform && mv terraform /usr/local/bin/
cd kubernetes/cloud/azure/terraform/
```
# Generate SSH key # Generate SSH key
``` ```
@ -81,9 +82,43 @@ SSH_KEY=$(cat ~/.ssh/id_rsa.pub)
Documentation on all the Kubernetes fields for terraform [here](https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html) Documentation on all the Kubernetes fields for terraform [here](https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html)
``` ```
terraform plan -var serviceprinciple_id=$SERVICE_PRINCIPAL -var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" -var ssh_key="$SSH_KEY" terraform init
# Import existing resource group terraform plan -var serviceprinciple_id=$SERVICE_PRINCIPAL \
terraform import -var serviceprinciple_id=$SERVICE_PRINCIPAL -var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" -var ssh_key="$SSH_KEY" module.cluster.azurerm_resource_group.aks-getting-started $RESOURCEGROUP_ID -var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" \
terraform apply -var serviceprinciple_id=$SERVICE_PRINCIPAL -var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" -var ssh_key="$SSH_KEY" -var tenant_id=$TENTANT_ID \
-var subscription_id=$SUBSCRIPTION \
-var ssh_key="$SSH_KEY"
terraform apply -var serviceprinciple_id=$SERVICE_PRINCIPAL \
-var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" \
-var tenant_id=$TENTANT_ID \
-var subscription_id=$SUBSCRIPTION \
-var ssh_key="$SSH_KEY"
```
# Lets see what we deployed
```
# grab our AKS config
az aks get-credentials -n aks-getting-started -g aks-getting-started
# Get kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
chmod +x ./kubectl
mv ./kubectl /usr/local/bin/kubectl
kubectl get svc
```
# Clean up
```
terraform destroy -var serviceprinciple_id=$SERVICE_PRINCIPAL \
-var serviceprinciple_key="$SERVICE_PRINCIPAL_SECRET" \
-var tenant_id=$TENTANT_ID \
-var subscription_id=$SUBSCRIPTION \
-var ssh_key="$SSH_KEY"
``` ```


@ -4,6 +4,13 @@ variable "serviceprinciple_id" {
variable "serviceprinciple_key" { variable "serviceprinciple_key" {
} }
variable "tenant_id" {
}
variable "subscription_id" {
}
variable "ssh_key" { variable "ssh_key" {
} }