Skip to content

bcochofel/terraform-azure-k8s

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits

samples/prometheus-operator-thanos

samples/prometheus-operator-thanos

 
 

templates

templates

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

aks.tf

aks.tf

 
 

main.tf

main.tf

 
 

network.tf

network.tf

 
 

output.tf

output.tf

 
 

storage.tf

storage.tf

 
 

variables.tf

variables.tf

 
 

Repository files navigation

terraform-azure-k8s

Terraform Azure AKS

Terraform Cloud

Fork this repo to your account and configure Terraform Cloud.

Add the following vars to Terraform Cloud Workspace:

  • client_id
  • client_secret

Configure kubectl

To merge the configuration for the new k8s cluster execute:

az aks get-credentials --resource-group <resource_group_name> --name <cluster_name>

Execute with tfstate on Azure

  • Create Blob Storage on Azure (for tfstate file);
  • Create a Container on that Blob Storage (name=tfstate);
  • Get your storage account name and access key;
  • Edit the file main.tf and add the backend:
provider "azurerm" {
  # The "feature" block is required for AzureRM provider 2.x. 
  # If you are using version 1.x, the "features" block is not allowed.
  version = "~>2.0"
  features {}
}

terraform {
  backend "azurerm" {}
}

initialize terraform and the backend with the following command:

terraform init -backend-config="storage_account_name=<YourAzureStorageAccountName>" -backend-config="container_name=tfstate" -backend-config="access_key=<YourStorageAccountAccessKey>" -backend-config="key=codelab.microsoft.tfstate"

export TF_VAR_client_id=<service-principal-appid>
export TF_VAR_client_secret=<service-principal-password>

terraform plan -out out.plan

terraform apply out.plan

Test the Kubernetes cluster

echo "$(terraform output kube_config)" > ./azurek8s
export KUBECONFIG=./azurek8s
kubectl get nodes

Install Helm

install helm with rbac

# initialize helm
helm init --history-max 200

# Create the Tiller service account 
kubectl create serviceaccount tiller --namespace kube-system

# Bind the Tiller service account to the cluster-admin role
cat <<EOF | kubectl apply -f -
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: tiller-clusterrolebinding
subjects:
- kind: ServiceAccount
  name: tiller
  namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: ""
EOF

# Update the existing Tiller deployment
helm init --service-account tiller --upgrade

# Test the new Helm RBAC rules
helm ls

References

About

Terraform Azure AKS

Topics

azure terraform aks

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages