aks.bicep
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
// ---------------------------------------------------------------------------
// Parameters: cluster identity, placement and logging
// ---------------------------------------------------------------------------

@description('The name of the Managed Cluster resource.')
param clusterName string

@description('The location of the Managed Cluster resource.')
param location string = resourceGroup().location

@description('The workspace id of the Log Analytics resource.')
param logAnalyticsWorkspaceId string

// Default upgrade channels. NOTE(review): as AKS documents these values, both
// channels track node images only, so the Kubernetes version itself is not
// moved automatically unless a caller overrides this object. Confirm that
// Kubernetes patch upgrades are handled elsewhere.
@description('The auto-upgrade profile.')
param autoUpgradeProfile object = {
  upgradeChannel: 'node-image'
  nodeOsUpgradeChannel: 'NodeImage'
}

// An empty prefix makes the cluster resource fall back to toLower(clusterName).
@description('Optional DNS prefix to use with hosted Kubernetes API server FQDN.')
param dnsPrefix string = ''

// ---------------------------------------------------------------------------
// Parameters: node pool sizing
// ---------------------------------------------------------------------------

// Despite the "system" prefix, this value is applied to both the system pool
// and the graphrag pool declared in this file.
@minValue(0)
@maxValue(1023)
@description('Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize.')
param systemOsDiskSizeGB int = 128

// NOTE(review): both pools in this file enable autoscaling with a hard-coded
// maxCount of 10, while the two node-count parameters accept up to 50. Values
// above 10 are presumably rejected at deployment time; confirm and tighten
// @maxValue if so.
@minValue(1)
@maxValue(50)
@description('The number of nodes for the system node pool.')
param systemNodeCount int = 1

@description('The size of the system Virtual Machine.')
param systemVMSize string = 'standard_d4s_v5'

@minValue(1)
@maxValue(50)
@description('The number of nodes for the graphrag node pool.')
param graphragNodeCount int = 1

@description('The size of the GraphRAG Virtual Machine.')
param graphragVMSize string = 'standard_e16as_v5' // 16 vcpus, 128 GiB memory

// ---------------------------------------------------------------------------
// Parameters: node access, disk encryption and networking
// ---------------------------------------------------------------------------

@description('User name for the Linux Virtual Machines.')
param linuxAdminUsername string = 'azureuser'

// Public half of the key pair only; it is written into the cluster's
// linuxProfile. Private key material must never be passed here.
@description('Configure all linux machines with the SSH RSA public key string. Your key should include three parts, for example \'ssh-rsa AAAAB...snip...UcyupgH azureuser@linuxvm\'')
param sshRSAPublicKey string

// Off by default, and the same flag drives both node pools.
// NOTE(review): consider defaulting to true once the target subscription and
// VM sizes are confirmed to support encryption at host.
@description('Enable encryption at host')
param enableEncryptionAtHost bool = false

@description('Resource ID of subnet to use for all node pools.')
param vnetSubnetId string = ''

// Maps "no subnet supplied" (empty string) to null, so the node pools receive
// either a real subnet resource ID or no value at all.
var vnetSubnetIdVar = empty(vnetSubnetId) ? null : vnetSubnetId
// AKS managed cluster with a system-assigned identity, one autoscaled system
// pool and a nested autoscaled user pool ('graphrag').
//
// Security review notes (all refer to properties this template does not set):
//   - No apiServerAccessProfile: the API server is neither made private nor
//     limited to authorized IP ranges here. NOTE(review): confirm the AKS
//     default exposure is acceptable for this deployment.
//   - No aadProfile / disableLocalAccounts: enableRBAC turns on Kubernetes
//     RBAC, but nothing here wires in Microsoft Entra ID or disables local
//     cluster accounts.
//   - networkProfile sets only the service CIDR and DNS IP: no networkPlugin
//     or networkPolicy is chosen, so pod-to-pod traffic is presumably not
//     restricted by a policy engine. Verify against the effective cluster.
resource aks 'Microsoft.ContainerService/managedClusters@2023-10-01' = {
  name: clusterName
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    // Use the caller's prefix when given, otherwise the lower-cased cluster name.
    dnsPrefix: empty(dnsPrefix) ? toLower(clusterName) : dnsPrefix

    // --- Access control and workload identity ---
    enableRBAC: true
    // OIDC issuer plus workload identity are enabled together; the issuer URL
    // is exported as the `issuer` output of this file.
    oidcIssuerProfile: {
      enabled: true
    }
    securityProfile: {
      workloadIdentity: {
        enabled: true
      }
    }

    // --- Node access ---
    // The admin user and SSH public key below are set at cluster level via
    // linuxProfile.
    linuxProfile: {
      adminUsername: linuxAdminUsername
      ssh: {
        publicKeys: [
          {
            keyData: sshRSAPublicKey
          }
        ]
      }
    }

    // --- Monitoring ---
    // omsagent add-on pointed at the supplied Log Analytics workspace.
    addonProfiles: {
      omsagent: {
        enabled: true
        config: {
          logAnalyticsWorkspaceResourceID: logAnalyticsWorkspaceId
        }
      }
    }

    // --- Networking ---
    networkProfile: {
      serviceCidr: '10.2.0.0/16'
      dnsServiceIP: '10.2.0.10'
    }

    // --- Upgrades and scaling ---
    autoUpgradeProfile: autoUpgradeProfile
    autoScalerProfile: {
      expander: 'least-waste'
    }

    // --- System node pool ---
    agentPoolProfiles: [
      {
        name: 'agentpool'
        mode: 'System'
        type: 'VirtualMachineScaleSets'
        osType: 'Linux'
        vmSize: systemVMSize
        osDiskSizeGB: systemOsDiskSizeGB
        // Initial size comes from the parameter; the autoscaler then works
        // within the hard-coded 1..10 range.
        count: systemNodeCount
        enableAutoScaling: true
        minCount: 1
        maxCount: 10
        upgradeSettings: {
          maxSurge: '50%'
        }
        enableEncryptionAtHost: enableEncryptionAtHost
        // null when no subnet ID was supplied.
        vnetSubnetID: vnetSubnetIdVar
      }
    ]
  }

  // User node pool for the graphrag workload, labelled and tagged so that
  // workloads and cost reports can select it.
  // NOTE(review): this child resource uses API version 2024-02-01 while the
  // parent cluster uses 2023-10-01; confirm the mix is intentional.
  resource graphragNodePool 'agentPools@2024-02-01' = {
    name: 'graphrag'
    properties: {
      mode: 'User'
      type: 'VirtualMachineScaleSets'
      osType: 'Linux'
      vmSize: graphragVMSize
      // Reuses the system pool's OS disk size parameter.
      osDiskSizeGB: systemOsDiskSizeGB
      count: graphragNodeCount
      enableAutoScaling: true
      minCount: 1
      maxCount: 10
      upgradeSettings: {
        maxSurge: '50%'
      }
      enableEncryptionAtHost: enableEncryptionAtHost
      vnetSubnetID: vnetSubnetIdVar
      nodeLabels: {
        workload: 'graphrag'
      }
      tags: {
        workload: 'graphrag'
      }
    }
  }
}
// Weekly maintenance window named 'aksManagedAutoUpgradeSchedule':
// Sundays, starting 12:00, four hours long, effective from 2024-06-11.
// NOTE(review): no utcOffset is set, so the start time is presumably taken as
// UTC; confirm this lands in the intended low-traffic period. The resource
// type is pinned to a preview API version (2024-03-02-preview).
resource aksManagedAutoUpgradeSchedule 'Microsoft.ContainerService/managedClusters/maintenanceConfigurations@2024-03-02-preview' = {
  name: 'aksManagedAutoUpgradeSchedule'
  parent: aks
  properties: {
    maintenanceWindow: {
      startDate: '2024-06-11'
      startTime: '12:00'
      durationHours: 4
      schedule: {
        weekly: {
          dayOfWeek: 'Sunday'
          intervalWeeks: 1
        }
      }
    }
  }
}
// Weekly maintenance window named 'aksManagedNodeOSUpgradeSchedule':
// Saturdays, starting 12:00, four hours long, effective from 2024-06-11.
// It falls one day before the 'aksManagedAutoUpgradeSchedule' window declared
// in this file.
// NOTE(review): no utcOffset is set, so the start time is presumably taken as
// UTC; confirm. The resource type is pinned to a preview API version.
resource aksManagedNodeOSUpgradeSchedule 'Microsoft.ContainerService/managedClusters/maintenanceConfigurations@2024-03-02-preview' = {
  name: 'aksManagedNodeOSUpgradeSchedule'
  parent: aks
  properties: {
    maintenanceWindow: {
      startDate: '2024-06-11'
      startTime: '12:00'
      durationHours: 4
      schedule: {
        weekly: {
          dayOfWeek: 'Saturday'
          intervalWeeks: 1
        }
      }
    }
  }
}
// Outputs read back from the deployed cluster. They are names, endpoints and
// identity object IDs; no credential or kubeconfig is emitted.

// Cluster naming and endpoints.
output name string = aks.name
output controlPlaneFQDN string = aks.properties.fqdn
output managedResourceGroup string = aks.properties.nodeResourceGroup

// Identity values: the cluster's system-assigned identity and the kubelet
// identity. NOTE(review): presumably consumed by role assignments elsewhere;
// scope those assignments to the narrowest resource that works.
output principalId string = aks.identity.principalId
output kubeletPrincipalId string = aks.properties.identityProfile.kubeletidentity.objectId

// OIDC issuer URL from the cluster's oidcIssuerProfile.
output issuer string = aks.properties.oidcIssuerProfile.issuerURL