Azure Kubernetes Service (AKS) Deployment with Terraform

This project provisions and manages Azure Kubernetes Service (AKS) clusters using Terraform. The code is modular, allowing for dynamic creation of multiple AKS clusters and associated resources like virtual networks and subnets.


Project Structure

terraform/
├── modules/
│   ├── aks/          # AKS module
│   ├── vnet/         # Virtual Network module
├── environments/
│   ├── dev/          # Development environment
│   ├── prod/         # Production environment
├── provider.tf       # Azure provider configuration
├── versions.tf       # Terraform version and providers

How It Works

  • Check Azure Login:

The get-kube-config.sh script first verifies that the user is logged into Azure using az account show. If not logged in, it runs az login and waits for the user to complete the login process.

  • Install kubectl:

Checks if kubectl is installed and installs it if missing.

  • Download kubeconfig:

Fetches the kubeconfig file for the specified AKS cluster.

  • Test Configuration:

Runs kubectl get nodes to verify the connection to the Kubernetes cluster.

Modules

  1. AKS Module (modules/aks/)
    Provisions Azure Kubernetes clusters.
  2. VNet Module (modules/vnet/)
    Provisions Azure Virtual Networks and Subnets.
  3. App Gateway Module (modules/app_gateway/)
    Provisions an Azure Application Gateway for each cluster.
  4. Public IP Module (modules/public_ip/)
    Provisions an Azure public IP for each cluster.

Environments

Each environment (e.g., dev, prod) includes its specific configurations and uses the modules for deployment.


Prerequisites

  1. Terraform: Install Terraform (version 1.3.0 or later).
  2. Azure CLI: Install and authenticate using az login.
  3. Azure Subscription: Ensure you have access to an Azure subscription.

Providers

No providers.

Modules

Name          Source                     Version
aks_clusters  ../../modules/aks          n/a
app_gateways  ../../modules/app_gateway  n/a
appgw_ip      ../../modules/public_ip    n/a
vnet          ../../modules/vnet         n/a

Resources

No resources.

Inputs

Name             Description  Type  Default  Required
client_id        n/a          any   n/a      yes
client_secret    n/a          any   n/a      yes
subscription_id  n/a          any   n/a      yes
tenant_id        n/a          any   n/a      yes

Outputs

No outputs.

Deployment

Getting Started

1. Clone the Repository

  • git clone repo
  • cd terraform

Choose the environment to deploy to, e.g., dev, and change directory to terraform/environments/dev:

cd environments/dev

To add or remove clusters:

  • Go to locals.tf
  • Update the cluster configuration
  • Add or remove entries to create or delete clusters

Create a new terraform.tfvars file with the following details:

subscription_id = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
tenant_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_secret   = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"

Next, run terraform init to initialize the Terraform environment, then plan and apply:

terraform init
terraform plan
terraform apply
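
Terraform also reads input variables from exported TF_VAR_<name> environment variables, so client_secret does not have to be written into terraform.tfvars. The following is an added example, not code from this repository; audit_tfvars and missing_tf_inputs are hypothetical helper names, and the input names come from the Inputs table above.

```bash
#!/usr/bin/env bash
# Added example, not part of the repository.

# The four required inputs from the Inputs table.
TF_INPUTS="subscription_id tenant_id client_id client_secret"

# Print one finding per line for a tfvars file that holds the secret
# as a literal or is readable by group/other.
audit_tfvars() {
  local file=$1 mode
  [ -f "$file" ] || return 0
  if grep -Eq '^[[:space:]]*client_secret[[:space:]]*=[[:space:]]*"[^"]+"' "$file"; then
    echo "client_secret is stored as a literal in $file"
  fi
  # GNU stat first, BSD stat as fallback.
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  case $mode in
    *00) ;;  # no group/other permission bits
    *) echo "$file has mode $mode; expected 600 or stricter" ;;
  esac
}

# Print the inputs that are not exported as TF_VAR_<name>.
# Terraform only sees exported variables, so printenv is the right check.
missing_tf_inputs() {
  local name out=""
  for name in $TF_INPUTS; do
    [ -n "$(printenv "TF_VAR_$name")" ] || out="$out $name"
  done
  echo "${out# }"
}

# Typical use before `terraform plan` (values are placeholders):
#   export TF_VAR_subscription_id=... TF_VAR_tenant_id=... TF_VAR_client_id=...
#   read -rs -p "client_secret: " TF_VAR_client_secret && export TF_VAR_client_secret
#   missing_tf_inputs; audit_tfvars terraform.tfvars
```

An empty result from both functions means all four inputs reach Terraform through the environment and no secret literal is left in the file.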

Option 2: Create multiple tenants in the pre-prod environment by setting cluster_count to the required number of clusters (e.g., cluster_count = 3).

Choose the environment to deploy to, e.g., pre-prod, and change directory to terraform/environments/pre-prod.

Create a new terraform.tfvars file with the following details:

subscription_id = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
tenant_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_id       = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
client_secret   = "xxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx"
cluster_count   = 0
base_config = {
  location                  = "WEST US"
  dns_prefix_base           = "cluster"
  default_node_pool_name    = "default"
  default_node_pool_count   = 2
  default_node_pool_vm_size = "Standard_DS2_v2"
  vnet_name_base            = "vnet"
  subnet_name_base          = "subnet"
  resource_group_name_base  = "rg"
  address_space_base        = "10.0.0.0/16"
  subnet_prefixes_base      = "10.0.0.0/16"
  tags                      = { environment = "dev", type = "primary" }
  app_gateway = {
    name_base     = "appgw"
    sku_name      = "Standard_v2"
    sku_tier      = "Standard_v2"
    capacity      = 2
    frontend_port = 80
    backend_port  = 80
    tags          = { environment = "dev", gateway = "primary" }
  }
}

Next, run terraform init to initialize the Terraform environment, then plan and apply:

terraform init
terraform plan
terraform apply

To configure your service principal, run the following command

A Service Principal is a non-interactive way to log in, commonly used for automation.

Steps

Create a Service Principal: Run the following commands to create a Service Principal with the necessary role for your AKS cluster:

az login
az ad sp create-for-rbac --name "myServicePrincipal" --role Contributor --scopes /subscriptions/<your-subscription-id>

Replace <your-subscription-id> with your Azure subscription ID. The output will look like this:

To configure KUBECONFIG and gain access to your cluster

Next, change directory to the repository root. In the get-kube-config.sh script, define the following variables:

SP_APP_ID="xxxxxx-xxx-xxxx-xxxx-xxxxx"       # Service Principal app ID
SP_PASSWORD="xxxxxx-xxx-xxxx-xxxx-xxxxx"   # Service Principal password
SP_TENANT="xxxxxx-xxx-xxxx-xxxx-xxxxx"   # Tenant ID
RESOURCE_GROUP="dev-rg-1"  # AKS Resource Group
CLUSTER_NAME="dev-aks-1"      # AKS Cluster Name
KUBECONFIG_FILE="$HOME/.kube/config"   # Output path for kubeconfig

Ensure you are in the root directory, then run the following to download and configure the kubeconfig file for your cluster and gain access:

chmod +x get-kube-config.sh
./get-kube-config.sh
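
The four steps listed under "How It Works", written so that the service principal password is taken from the caller's environment instead of being edited into the script, and the kubeconfig is written owner-only. This is an added sketch, not the repository's get-kube-config.sh: the function name fetch_kubeconfig is hypothetical, and installing kubectl with az aks install-cli is an assumption about how that step is done.

```bash
#!/usr/bin/env bash
# Added sketch, not the repository's get-kube-config.sh.

# Runs the four "How It Works" steps. The body is a subshell, so the umask
# change and any early exit stay local to the call.
fetch_kubeconfig() (
  # Credentials and targets come from the caller's environment;
  # the call fails if any of them is unset or empty.
  : "${SP_APP_ID:?}" "${SP_PASSWORD:?}" "${SP_TENANT:?}"
  : "${RESOURCE_GROUP:?}" "${CLUSTER_NAME:?}"
  file=${KUBECONFIG_FILE:-$HOME/.kube/config}

  # kubeconfig carries cluster credentials: owner-only directory and file.
  umask 077
  mkdir -p "$(dirname "$file")" || exit 1

  # 1. Reuse an existing az session, otherwise log in as the service principal.
  az account show >/dev/null 2>&1 ||
    az login --service-principal --username "$SP_APP_ID" \
      --password "$SP_PASSWORD" --tenant "$SP_TENANT" >/dev/null || exit 1

  # 2. Install kubectl through the Azure CLI if it is missing (assumption).
  command -v kubectl >/dev/null 2>&1 || az aks install-cli || exit 1

  # 3. Write the cluster's kubeconfig to $file only.
  az aks get-credentials --resource-group "$RESOURCE_GROUP" \
    --name "$CLUSTER_NAME" --file "$file" --overwrite-existing || exit 1
  chmod 600 "$file" || exit 1

  # 4. Verify the connection.
  kubectl --kubeconfig "$file" get nodes
)

# Usage (values are placeholders):
#   export SP_APP_ID=... SP_TENANT=... RESOURCE_GROUP=dev-rg-1 CLUSTER_NAME=dev-aks-1
#   read -rs -p "SP password: " SP_PASSWORD && export SP_PASSWORD
#   fetch_kubeconfig
```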

Notes

Azure Sizing Options: