Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
205 lines (205 sloc) 8.48 KB
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"version": {
"metadata": {
"description": "Kubernetes Version"
},
"type": "string",
"defaultValue": "1.12.6"
},
"workspaceName": {
"metadata": {
"description": "Name of the Log Analytics workspace"
},
"type": "string"
},
"clusterName": {
"metadata": {
"description": "Name of the cluster (and DNS Prefix)"
},
"type": "string"
},
"principalAppId": {
"metadata": {
"description": "App ID of the Service Principal"
},
"type": "string"
},
"principalObjectId": {
"metadata": {
"description": "Object ID of the Service Principal"
},
"type": "string"
},
"principalSecret": {
"metadata": {
"description": "Secret of the Service Principal"
},
"type": "securestring"
}
},
"variables": {
"Max Pods": 200,
"Network Contributor Role": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', '4d97b98b-1d4f-4787-a291-c67834d212e7')]",
"VNET Name": "cluster-vnet",
"VNET Address Space": "172.16.0.0/18",
"AKS Subnet Address Space": "172.16.0.0/20",
"Service Subnet Address Space": "172.16.16.0/20",
"NSG": "servicesNsg",
"Role Assignment Name": "[concat(variables('VNET Name'), '/Microsoft.Authorization/', guid(concat(resourceGroup().id), variables('Network Contributor Role')))]",
"Pod Cidr": "10.16.0.1/16",
"Cluster-IPs Service Cidr": "10.0.0.0/16",
"Dns Service IP": "10.0.0.10",
"Docker Bridge Cidr": "10.2.0.1/16",
"VM Size": "Standard_B2ms",
"instance count": 1,
"ssh public key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/DWLnsCzgNo4rXoafDwXRjXBCIyX8m6sPJRVfDSmYgND739wQsfBF/B8RCyU1z+tjmOr+CZYCu6w2FmVL8JDY/aPJC9nDtO5aZSZtAdKJH51PwODsI8E4mthPuC01CxRageEDeEW9u4CCu3HXq6gFBscOEsC1iTYO5gsaxotiGdJS2pYnNHDVTWqhbzi7UPx8xPKJ1M8LKkG2paZLYBHKIhjrxjrAjnnsLkFb/dhfdr9D65Mqf5OGy40X1vQv+rfbLtnpb1DMajlfwQtBQpHY2SnEFbSwQva/l/chyhc4b854Uhpc1XdkIcQYiz7pRagRsJ1u5lMusCAsE5gnGoEJ vplauzon@MININT-BK6A5VR"
},
"resources": [
{
"type": "microsoft.operationalinsights/workspaces",
"name": "[parameters('workspaceName')]",
"apiVersion": "2015-11-01-preview",
"location": "canadacentral",
"properties": {
"sku": {
"name": "pergb2018"
}
},
"dependsOn": []
},
{
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[variables('NSG')]",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"tags": {},
"properties": {
"securityRules": [
{
"name": "Allow-HTTP-From-Internet",
"properties": {
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "80",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "[variables('Service Subnet Address Space')]",
"access": "Allow",
"priority": 100,
"direction": "Inbound"
}
}
],
"subnets": []
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2018-07-01",
"name": "[variables('VNet Name')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSG'))]"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('VNET Address Space')]"
]
},
"subnets": [
{
"name": "aks",
"properties": {
"addressPrefix": "[variables('AKS Subnet Address Space')]"
}
},
{
"name": "services",
"properties": {
"addressPrefix": "[variables('Service Subnet Address Space')]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSG'))]"
}
}
}
]
},
"resources": []
},
{
"type": "Microsoft.Network/virtualNetworks/providers/roleAssignments",
"apiVersion": "2017-05-01",
"name": "[variables('Role Assignment Name')]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', variables('VNET Name'))]"
],
"properties": {
"roleDefinitionId": "[variables('Network Contributor Role')]",
"principalId": "[parameters('principalObjectId')]"
}
},
{
"type": "Microsoft.ContainerService/managedClusters",
"name": "[parameters('clusterName')]",
"apiVersion": "2019-02-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', variables('VNET Name'))]",
"[resourceId('microsoft.operationalinsights/workspaces', parameters('workspaceName'))]"
],
"properties": {
"kubernetesVersion": "[parameters('version')]",
"dnsPrefix": "[parameters('clusterName')]",
"addonProfiles": {
"omsagent": {
"enabled": true,
"config": {
"logAnalyticsWorkspaceResourceID": "[resourceId('microsoft.operationalinsights/workspaces', parameters('workspaceName'))]"
}
}
},
"servicePrincipalProfile": {
"clientId": "[parameters('principalAppId')]",
"secret": "[parameters('principalSecret')]"
},
"agentPoolProfiles": [
{
"name": "agentpool",
"count": "[variables('instance count')]",
"vmSize": "[variables('VM Size')]",
"vnetSubnetID": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('VNET Name'), 'aks')]",
"maxPods": "[variables('Max Pods')]",
"osType": "Linux",
"storageProfile": "ManagedDisks"
}
],
"linuxProfile": {
"adminUsername": "hidden-admin",
"ssh": {
"publicKeys": [
{
"keyData": "[variables('ssh public key')]"
}
]
}
},
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "[variables('Pod Cidr')]",
"serviceCidr": "[variables('Cluster-IPs Service Cidr')]",
"dnsServiceIP": "[variables('Dns Service IP')]",
"dockerBridgeCidr": "[variables('Docker Bridge Cidr')]"
}
}
}
],
"outputs": {
"nodeResourceGroup": {
"type": "string",
"value": "[reference(parameters('clusterName')).nodeResourceGroup]"
}
}
}
You can’t perform that action at this time.