This project provisions and manages Azure Kubernetes Service (AKS) clusters using Terraform. The code is modular, allowing for dynamic creation of multiple AKS clusters and associated resources like virtual networks and subnets.
```
terraform/
├── modules/
│   ├── aks/          # AKS module
│   ├── vnet/         # Virtual Network module
├── environments/
│   ├── dev/          # Development environment
│   ├── prod/         # Production environment
├── provider.tf       # Azure provider configuration
├── versions.tf
```
- Check Azure Login: It first verifies whether the user is logged into Azure using `az account show`. If not logged in, it runs `az login` and waits for the user to complete the login process.
- Install kubectl: Checks if kubectl is installed and installs it if missing.
- Download kubeconfig: Fetches the kubeconfig file for the specified AKS cluster.
- Test Configuration: Runs `kubectl get nodes` to verify the connection to the Kubernetes cluster.
- AKS Module (`modules/aks/`): Provisions Azure Kubernetes clusters.
- VNet Module (`modules/vnet/`): Provisions Azure Virtual Networks and Subnets.
- App Gateway Module (`modules/app_gateway/`): Provisions an Azure Application Gateway for each cluster.
- Public IP Module (`modules/public_ip/`): Provisions an Azure public IP for each cluster.
Each environment (e.g., `dev`, `prod`) includes its specific configurations and uses the modules for deployment.
- Terraform: Install Terraform (version `1.3.0` or later).
- Azure CLI: Install and authenticate using `az login`.
- Azure Subscription: Ensure you have access to an Azure subscription.
No providers.
Name | Source | Version |
---|---|---|
aks_clusters | ../../modules/aks | n/a |
app_gateways | ../../modules/app_gateway | n/a |
appgw_ip | ../../modules/public_ip | n/a |
vnet | ../../modules/vnet | n/a |
No resources.
Name | Description | Type | Default | Required |
---|---|---|---|---|
client_id | n/a | any | n/a | yes |
client_secret | n/a | any | n/a | yes |
subscription_id | n/a | any | n/a | yes |
tenant_id | n/a | any | n/a | yes |
No outputs.
- git clone repo
- cd terraform

Choose the environment to deploy to, e.g., dev:

```bash
cd environments/dev
```
To add or remove clusters:
- Go to `locals.tf`
- Update the cluster configuration
- Add or remove entries to create or delete a cluster
```hcl
subscription_id = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
tenant_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_secret   = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
```
```bash
terraform init
terraform plan
terraform apply
```
Option 2: Create multiple tenants in the pre-prod environment by setting `cluster_count` to the required number of clusters (cluster_count = 3).
Choose the environment to deploy to, e.g., pre-prod:
```hcl
subscription_id = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
tenant_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_secret   = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
cluster_count   = 0
base_config = {
  location                  = "WEST US"
  dns_prefix_base           = "cluster"
  default_node_pool_name    = "default"
  default_node_pool_count   = 2
  default_node_pool_vm_size = "Standard_DS2_v2"
  vnet_name_base            = "vnet"
  subnet_name_base          = "subnet"
  resource_group_name_base  = "rg"
  address_space_base        = "10.0.0.0/16"
  subnet_prefixes_base      = "10.0.0.0/16"
  tags                      = { environment = "dev", type = "primary" }
  app_gateway = {
    name_base     = "appgw"
    sku_name      = "Standard_v2"
    sku_tier      = "Standard_v2"
    capacity      = 2
    frontend_port = 80
    backend_port  = 80
    tags          = { environment = "dev", gateway = "primary" }
  }
}
```
```bash
terraform init
terraform plan
terraform apply
```
A Service Principal is a non-interactive way to log in, commonly used for automation.

Steps:

Create a Service Principal: Run the following command to create a Service Principal with the necessary role for your AKS cluster:

```bash
az login
az ad sp create-for-rbac --name "myServicePrincipal" --role Contributor --scopes /subscriptions/<your-subscription-id>
```

Replace `<your-subscription-id>` with your Azure subscription ID. The output will look like this:
Next, change directory to the root folder. In the `get-kube-config.sh` script, you'll need to define the following variables:
```bash
SP_APP_ID="xxxxxx-xxx-xxxx-xxxx-xxxxx"      # Service Principal app ID
SP_PASSWORD="xxxxxx-xxx-xxxx-xxxx-xxxxx"    # Service Principal password
SP_TENANT="xxxxxx-xxx-xxxx-xxxx-xxxxx"      # Tenant ID
RESOURCE_GROUP="dev-rg-1"                   # AKS Resource Group
CLUSTER_NAME="dev-aks-1"                    # AKS Cluster Name
KUBECONFIG_FILE="$HOME/.kube/config"        # Output path for kubeconfig
```
Ensure you are in the root directory and run the following to download and configure the kubeconfig file for your cluster and gain access:

```bash
chmod +x get-kube-config.sh
./get-kube-config.sh
```
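A variant of the script described above, added here as an example and not the project's own `get-kube-config.sh`: it reads `SP_APP_ID`, `SP_PASSWORD` and `SP_TENANT` from the environment instead of from assignments in the file, keeps the kubeconfig readable only by its owner, and stops if `kubectl` is missing rather than installing it. Taking the resource group and cluster name as arguments, and the helper names `require_env` and `prepare_kubeconfig`, are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the project's get-kube-config.sh.
# Credentials are read from the environment instead of being written into the script.
set -eu

# Succeed only if every named variable is set and non-empty; name the missing ones.
require_env() {
  missing=0
  for name in "$@"; do
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "missing required environment variable: $name" >&2
      missing=1
    fi
  done
  return "$missing"
}

# Make sure the kubeconfig and its directory exist and are owner-only,
# tightening a file that already exists with looser permissions.
prepare_kubeconfig() {
  ( umask 077; mkdir -p "$(dirname "$1")"; : >>"$1" )
  chmod 600 "$1"
}

main() {
  resource_group=$1
  cluster_name=$2
  kubeconfig_file="${KUBECONFIG_FILE:-$HOME/.kube/config}"
  require_env SP_APP_ID SP_PASSWORD SP_TENANT || return 1
  command -v kubectl >/dev/null 2>&1 || { echo "kubectl is not installed" >&2; return 1; }
  # Log in as the service principal only when there is no active session.
  if ! az account show >/dev/null 2>&1; then
    az login --service-principal --username "$SP_APP_ID" \
      --password "$SP_PASSWORD" --tenant "$SP_TENANT" >/dev/null
  fi
  prepare_kubeconfig "$kubeconfig_file"
  az aks get-credentials --resource-group "$resource_group" \
    --name "$cluster_name" --file "$kubeconfig_file" --overwrite-existing
  kubectl --kubeconfig "$kubeconfig_file" get nodes
}

# Runs only when both arguments are given, e.g. ./get-kube-config.sh dev-rg-1 dev-aks-1
if [ "$#" -eq 2 ]; then
  main "$1" "$2"
else
  echo "usage: $0 <resource-group> <cluster-name>" >&2
fi
```

Export the three `SP_*` variables in the calling shell or CI secret store before running it, so the script file itself holds no credential.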
Azure Sizing Options: