Skip to content

Latest commit

 

History

History
74 lines (64 loc) · 7.03 KB

README.md

File metadata and controls

74 lines (64 loc) · 7.03 KB

Azure - Kubernetes Module

Introduction

This module will create a managed Kubernetes cluster using Azure Kubernetes Service.

Providers

Name Version
azurerm >= 2.57.0

Inputs

Name Description Type Default Required
acr_pull_access map of ACR ids to allow AcrPull map(string) {} no
api_server_authorized_ip_ranges authorized IP ranges to communicate with K8s API map(string) n/a yes
cluster_name Name of AKS cluster. string n/a yes
configure_network_role Add Network Contributor role for identity on input subnets. bool true no
default_node_pool Default node pool. Value refers to key within node_pools variable. string "default" no
dns_prefix DNS prefix specified when creating the managed cluster. string n/a yes
enable_azure_policy to apply at-scale enforcements and safeguards on your clusters in a centralized, consistent manner bool false no
enable_kube_dashboard enable kubernetes dashboard bool false no
identity_type SystemAssigned or UserAssigned. string "UserAssigned" no
kubernetes_version kubernetes version string n/a yes
location Azure region. string n/a yes
log_analytics_workspace_id ID of the Azure Log Analytics Workspace string n/a yes
names Names to be applied to resources. map(string) n/a yes
network_plugin network plugin to use for networking (azure or kubenet) string "kubenet" no
network_policy Sets up network policy to be used with Azure CNI. string n/a yes
network_profile_options docker_bridge_cidr, dns_service_ip and service_cidr should all be empty or all should be set 
object({
    docker_bridge_cidr = string
    dns_service_ip     = string
    service_cidr       = string
  })
 n/a yes
node_pool_defaults node pool defaults 
object({
    vm_size                      = string
    availability_zones           = list(number)
    node_count                   = number
    enable_auto_scaling          = bool
    min_count                    = number
    max_count                    = number
    enable_host_encryption       = bool
    enable_node_public_ip        = bool
    max_pods                     = number
    node_labels                  = map(string)
    only_critical_addons_enabled = bool
    orchestrator_version         = string
    os_disk_size_gb              = number
    os_disk_type                 = string
    type                         = string
    tags                         = map(string)
    subnet                       = string # must be key from node_pool_subnets variable

    # settings below not available in default node pools
    mode                         = string
    node_taints                  = list(string)
    max_surge                    = string
    eviction_policy              = string
    os_type                      = string
    priority                     = string
    proximity_placement_group_id = string
    spot_max_price               = number
  })
 
{
  "availability_zones": [
    1,
    2,
    3
  ],
  "enable_auto_scaling": false,
  "enable_host_encryption": false,
  "enable_node_public_ip": false,
  "eviction_policy": null,
  "max_count": null,
  "max_pods": null,
  "max_surge": "1",
  "min_count": null,
  "mode": "User",
  "name": null,
  "node_count": 1,
  "node_labels": null,
  "node_taints": null,
  "only_critical_addons_enabled": false,
  "orchestrator_version": null,
  "os_disk_size_gb": null,
  "os_disk_type": "Managed",
  "os_type": "Linux",
  "priority": "Regular",
  "proximity_placement_group_id": null,
  "spot_max_price": null,
  "subnet": null,
  "tags": null,
  "type": "VirtualMachineScaleSets",
  "vm_size": "Standard_B2s"
}
 no
node_pools node pools any 
{
  "default": {}
}
 no
node_resource_group The name of the Resource Group where the Kubernetes Nodes should exist. string n/a yes
outbound_type outbound (egress) routing method which should be used for this Kubernetes Cluster string "loadBalancer" no
pod_cidr used for pod IP addresses string n/a yes
private_cluster_enabled Private Cluster string "false" no
rbac role based access control settings 
object({
    enabled        = bool
    ad_integration = bool
  })
 
{
  "ad_integration": false,
  "enabled": true
}
 no
rbac_admin_object_ids Admin group object ids for use with rbac active directory integration map(string) {} no
resource_group_name Resource group name. string n/a yes
sku_tier Sets the cluster's SKU tier. The paid tier has a financially-backed uptime SLA. Read doc here. string "Free" no
tags Tags to be applied to resources. map(string) n/a yes
user_assigned_identity User assigned identity for the manged cluster (leave and the module will create one). 
object({
    id           = string
    principal_id = string
    client_id    = string
  })
 n/a yes
user_assigned_identity_name Name of user assigned identity to be created (if applicable). string n/a yes
virtual_network Virtual network info. 
object({
    subnets = map(object({
      id = string
    }))
    route_table_id = string
  })
 n/a yes
windows_profile windows profile admin user/pass 
object({
    admin_username = string
    admin_password = string
  })
 n/a yes

Outputs

Name Description
client_certificate kubernetes client certificate
client_key kubernetes client key
cluster_ca_certificate kubernetes cluster ca certificate
effective_outbound_ips_ids The outcome (resource IDs) of the specified arguments.
fqdn kubernetes managed cluster fqdn
host kubernetes host
id kubernetes managed cluster id
kube_config kubernetes config to be used by kubectl and other compatible tools
kube_config_raw raw kubernetes config to be used by kubectl and other compatible tools
kubelet_identity kubelet identity information
name kubernetes managed cluster name
node_resource_group auto-generated resource group which contains the resources for this managed kubernetes cluster
password kubernetes password
principal_id id of the principal used by this managed kubernetes cluster
username kubernetes username

Examples

See examples folder. These are designed to test module updates and use random_string to run without any user input.