Initial commit

adamrushuk · Nov 8, 2020 · 86bd045 · 86bd045
1 parent bdec6ec
commit 86bd045
Show file tree

Hide file tree

Showing 4 changed files with 146 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -1,2 +1,3 @@
 # terraform-azurerm-aks
+
 Azure Kubernetes Service (AKS) Terraform module
diff --git a/aks.tf b/aks.tf
@@ -0,0 +1,57 @@
+# AKS
+resource "azurerm_kubernetes_cluster" "aks" {
+  name                = var.name
+  location            = var.location
+  resource_group_name = var.resource_group_name
+  dns_prefix          = var.name
+  kubernetes_version  = var.kubernetes_version
+  sku_tier            = var.sla_sku
+
+  default_node_pool {
+    name                = local.default_node_pool.name
+    node_count          = local.default_node_pool.count
+    vm_size             = local.default_node_pool.vm_size
+    availability_zones  = local.default_node_pool.availability_zones
+    enable_auto_scaling = local.default_node_pool.enable_auto_scaling
+    min_count           = local.default_node_pool.min_count
+    max_count           = local.default_node_pool.max_count
+    max_pods            = local.default_node_pool.max_pods
+    os_disk_size_gb     = local.default_node_pool.os_disk_size_gb
+    type                = local.default_node_pool.type
+    node_taints         = local.default_node_pool.node_taints
+    # TODO: add custom vnet support
+    # vnet_subnet_id      = local.default_node_pool.vnet_subnet_id
+  }
+
+  # managed identity block: https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html#type-1
+  identity {
+    type = "SystemAssigned"
+  }
+
+  role_based_access_control {
+    enabled = true
+
+    # TODO: Enable AAD auth: https://app.zenhub.com/workspaces/aks-nexus-velero-5e602702ee332f0fc76d35dd/issues/adamrushuk/aks-nexus-velero/105
+    # azure_active_directory {
+    #   managed = true
+    #   admin_group_object_ids = [
+    #     data.azuread_group.aks.id
+    #   ]
+    # }
+  }
+
+  addon_profile {
+    # cannot remove this deprecated block yet, due to this issue:
+    # https://github.com/terraform-providers/terraform-provider-azurerm/issues/7716
+    kube_dashboard {
+      enabled = false
+    }
+
+    # oms_agent {
+    #   enabled                    = var.aks_container_insights_enabled
+    #   log_analytics_workspace_id = var.aks_container_insights_enabled ? azurerm_log_analytics_workspace.aks[0].id : null
+    # }
+  }
+
+  tags = var.tags
+}
diff --git a/locals.tf b/locals.tf
@@ -0,0 +1,24 @@
+
+locals {
+  # TODO: consider moving defaults to object var, as per: https://binx.io/blog/2020/01/02/module-parameter-defaults-with-the-terraform-object-type/
+  default_agent_profile = {
+    name                  = "default"
+    count                 = 1
+    orchestrator_version  = var.kubernetes_version
+    vm_size               = "Standard_D2s_v3"
+    os_type               = "Linux"
+    availability_zones    = [1, 2, 3]
+    enable_auto_scaling   = false
+    min_count             = null
+    max_count             = null
+    type                  = "VirtualMachineScaleSets"
+    node_taints           = null
+    # TODO: add custom vnet support
+    # vnet_subnet_id        = var.nodes_subnet_id
+    max_pods              = 30
+    os_disk_size_gb       = 32
+    enable_node_public_ip = false
+  }
+
+  default_node_pool = merge(local.default_agent_profile, var.default_node_pool)
+}
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,64 @@
+variable "location" {
+  description = "Location of Azure region in use"
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "AKS resource group name"
+  type        = string
+}
+
+variable "name" {
+  description = "AKS cluster name"
+  type        = string
+}
+
+# version used for both main AKS API service, and default node pool
+# https://github.com/Azure/AKS/releases
+# az aks get-versions --location uksouth --output table
+variable "kubernetes_version" {
+  description = "Version for both main AKS API service, and default node pool"
+  type        = string
+  default     = "1.16.15"
+}
+
+variable "sla_sku" {
+  description = "Defines the SLA under which the managed master control plane of AKS is running"
+  type        = string
+  default     = "Free"
+}
+
+variable "tags" {
+  description = "A map of the tags to use on the resources"
+  type        = map(string)
+  default = {
+    Source = "terraform"
+  }
+}
+
+variable "default_node_pool" {
+  description = <<EOD
+Default node pool configuration. Overrides/merges with locals.default_agent_profile:
+```
+map(object({
+    name                  = string
+    count                 = number
+    vm_size               = string
+    os_type               = string
+    availability_zones    = list(number)
+    enable_auto_scaling   = bool
+    min_count             = number
+    max_count             = number
+    type                  = string
+    node_taints           = list(string)
+    vnet_subnet_id        = string
+    max_pods              = number
+    os_disk_size_gb       = number
+    enable_node_public_ip = bool
+}))
+```
+EOD
+
+  type    = map(any)
+  default = {}
+}
Original file line number	Diff line number	Diff line change
		@@ -1,2 +1,3 @@
		# terraform-azurerm-aks

		Azure Kubernetes Service (AKS) Terraform module