-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathazure_aks_template.json
202 lines (202 loc) · 8.74 KB
/
azure_aks_template.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"managedClusters_myAKSCluster_name": {
"defaultValue": "myAKSCluster",
"type": "String"
},
"workspaces_DefaultWorkspace_ab6c2585_5c84_44be_9155_a7530e644e47_EUS_externalid": {
"defaultValue": "/subscriptions/ab6c2585-5c84-44be-9155-a7530e644e47/resourceGroups/DefaultResourceGroup-EUS/providers/Microsoft.OperationalInsights/workspaces/DefaultWorkspace-ab6c2585-5c84-44be-9155-a7530e644e47-EUS",
"type": "String"
},
"publicIPAddresses_4d04416c_347b_44cf_b0a8_d215de433f2f_externalid": {
"defaultValue": "/subscriptions/ab6c2585-5c84-44be-9155-a7530e644e47/resourceGroups/MC_myResourceGroup_myAKSCluster_eastus/providers/Microsoft.Network/publicIPAddresses/4d04416c-347b-44cf-b0a8-d215de433f2f",
"type": "String"
},
"userAssignedIdentities_myAKSCluster_agentpool_externalid": {
"defaultValue": "/subscriptions/ab6c2585-5c84-44be-9155-a7530e644e47/resourceGroups/MC_myResourceGroup_myAKSCluster_eastus/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myAKSCluster-agentpool",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.ContainerService/managedClusters",
"apiVersion": "2023-08-02-preview",
"name": "[parameters('managedClusters_myAKSCluster_name')]",
"location": "eastus",
"sku": {
"name": "Base",
"tier": "Free"
},
"identity": {
"type": "SystemAssigned"
},
"properties": {
"kubernetesVersion": "1.27",
"dnsPrefix": "myAKSClust-myResourceGroup-ab6c25",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 1,
"vmSize": "Standard_DS2_v2",
"osDiskSizeGB": 128,
"osDiskType": "Managed",
"kubeletDiskType": "OS",
"workloadRuntime": "OCIContainer",
"maxPods": 110,
"type": "VirtualMachineScaleSets",
"enableAutoScaling": false,
"powerState": {
"code": "Running"
},
"orchestratorVersion": "1.27.7",
"enableNodePublicIP": false,
"enableCustomCATrust": false,
"mode": "System",
"enableEncryptionAtHost": false,
"enableUltraSSD": false,
"osType": "Linux",
"osSKU": "Ubuntu",
"upgradeSettings": {},
"enableFIPS": false,
"networkProfile": {},
"securityProfile": {
"sshAccess": "LocalUser"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCY1S/nCZIoBxMpXmC5gSBBZYCJ1AgDMBoXwVDda16STJHGQDXH0hiknMCDCcul9Ke9OeQt9S5hVqBpBSaOhtcsvM3lieQPEuToVxT6VCKz1ysRYFgFZtIYVZ3wVpvV1Iy1rKoDlqyQzf309300lqcBiBvFYp2V2x2XkI/7Lq+FZh6wvGAKo1d2LlHVGJsRZy7WZkrVSeOd7YQgZsxNFcXxFhSQKdTyaW7dq/JgnGhrVEPJer1+3Ck+w0Z1dwLGrHEQtlC2uoTv2M9uPKpz+kWQlyjA7hQimrKWUip0TFl3OkCGraIH60GAOccgexjPObn18N3RZZjEU/MySxFEfeDj"
}
]
}
},
"servicePrincipalProfile": {
"clientId": "msi"
},
"addonProfiles": {
"omsagent": {
"enabled": true,
"config": {
"logAnalyticsWorkspaceResourceID": "[parameters('workspaces_DefaultWorkspace_ab6c2585_5c84_44be_9155_a7530e644e47_EUS_externalid')]",
"useAADAuth": "true"
}
}
},
"nodeResourceGroup": "[concat('MC_myResourceGroup_', parameters('managedClusters_myAKSCluster_name'), '_eastus')]",
"enableRBAC": true,
"enablePodSecurityPolicy": false,
"supportPlan": "KubernetesOfficial",
"networkProfile": {
"networkPlugin": "kubenet",
"networkPolicy": "none",
"loadBalancerSku": "Standard",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 1
},
"effectiveOutboundIPs": [
{
"id": "[parameters('publicIPAddresses_4d04416c_347b_44cf_b0a8_d215de433f2f_externalid')]"
}
],
"backendPoolType": "nodeIPConfiguration"
},
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
]
},
"aadProfile": {
"managed": true,
"enableAzureRBAC": true,
"tenantID": "474cbbe4-ab8e-40ae-a518-715ca4c0ba5a"
},
"identityProfile": {
"kubeletidentity": {
"resourceId": "[parameters('userAssignedIdentities_myAKSCluster_agentpool_externalid')]",
"clientId": "82f49962-3a9e-4a1e-a9dd-4afdb87ca300",
"objectId": "18f4f022-6b1b-4c89-acd7-28441b121934"
}
},
"autoUpgradeProfile": {
"nodeOSUpgradeChannel": "NodeImage"
},
"disableLocalAccounts": false,
"securityProfile": {},
"storageProfile": {
"diskCSIDriver": {
"enabled": true,
"version": "v1"
},
"fileCSIDriver": {
"enabled": true
},
"snapshotController": {
"enabled": true
}
},
"oidcIssuerProfile": {
"enabled": false
},
"workloadAutoScalerProfile": {},
"metricsProfile": {
"costAnalysis": {
"enabled": false
}
}
}
},
{
"type": "Microsoft.ContainerService/managedClusters/agentPools",
"apiVersion": "2023-08-02-preview",
"name": "[concat(parameters('managedClusters_myAKSCluster_name'), '/nodepool1')]",
"dependsOn": [
"[resourceId('Microsoft.ContainerService/managedClusters', parameters('managedClusters_myAKSCluster_name'))]"
],
"properties": {
"count": 1,
"vmSize": "Standard_DS2_v2",
"osDiskSizeGB": 128,
"osDiskType": "Managed",
"kubeletDiskType": "OS",
"workloadRuntime": "OCIContainer",
"maxPods": 110,
"type": "VirtualMachineScaleSets",
"enableAutoScaling": false,
"powerState": {
"code": "Running"
},
"orchestratorVersion": "1.27.7",
"enableNodePublicIP": false,
"enableCustomCATrust": false,
"mode": "System",
"enableEncryptionAtHost": false,
"enableUltraSSD": false,
"osType": "Linux",
"osSKU": "Ubuntu",
"upgradeSettings": {},
"enableFIPS": false,
"networkProfile": {},
"securityProfile": {
"sshAccess": "LocalUser"
}
}
}
]
}