validation passes

Author: dak1n1

_examples/aks/aks-cluster/main.tf

@@ -3,15 +3,15 @@ provider "azurerm" {
 }
 
 resource "azurerm_resource_group" "test" {
-  name     = local.cluster_name
+  name     = var.cluster_name
   location = var.location
 }
 
 resource "azurerm_kubernetes_cluster" "test" {
-  name                = local.cluster_name
+  name                = var.cluster_name
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
-  dns_prefix          = local.cluster_name
+  dns_prefix          = var.cluster_name
 
   default_node_pool {
     name       = "default"
@@ -22,28 +22,6 @@ resource "azurerm_kubernetes_cluster" "test" {
   identity {
     type = "SystemAssigned"
   }
-
-  addon_profile {
-    aci_connector_linux {
-      enabled = false
-    }
-
-    azure_policy {
-      enabled = false
-    }
-
-    http_application_routing {
-      enabled = false
-    }
-
-    kube_dashboard {
-      enabled = true
-    }
-
-    oms_agent {
-      enabled = false
-    }
-  }
 }
 
 resource "local_file" "kubeconfig" {

_examples/aks/aks-cluster/output.tf

@@ -1,11 +1,16 @@
 output "cluster_ca_cert" {
-  value = azurerm_kubernetes_cluster.example.kube_config.0.client_certificate
+  value = azurerm_kubernetes_cluster.test.kube_config.0.client_certificate
 }
 
 output "cluster_endpoint" {
-  value = azurerm_kubernetes_cluster.example.kube_config.0.endpoint
+  value = azurerm_kubernetes_cluster.test.kube_config.0.host
+}
+
+output "cluster_name" {
+  value = azurerm_kubernetes_cluster.test.id
 }
 
 output "data_disk_uri" {
   value = azurerm_managed_disk.test.id
 }
+

_examples/aks/aks-cluster/variables.tf

@@ -9,3 +9,7 @@ variable "workers_count" {
 variable "cluster_name" {
   type = string
 }
+
+variable "location" {
+  type = string
+}

_examples/aks/kubernetes-config/main.tf

@@ -1,14 +1,21 @@
-# This fetches a new token, which will expire in 1 hour.
+provider "azurerm" {
+  features {}
+}
+
+# The client certificate used for authenticating into the AKS cluster will eventually expire,
+# (especially true if your clusters are created and destroyed periodically).
+# This data source fetches new authentication certificates.
+# Alternatively, use `terraform refresh` to fetch them manually.
 data "azurerm_kubernetes_cluster" "main" {
   name                = var.cluster_name
   resource_group_name = var.cluster_name
 }
 
 provider "kubernetes" {
-  host                   = "${data.azurerm_kubernetes_cluster.main.kube_config.0.host}"
-  client_certificate     = "${base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.client_certificate)}"
-  client_key             = "${base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.client_key)}"
-  cluster_ca_certificate = "${base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.cluster_ca_certificate)}"
+  host                   = var.cluster_endpoint
+  cluster_ca_certificate = var.cluster_ca_cert
+  client_key             = base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.client_key)
+  client_certificate     = base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.client_certificate)
 }
 
 resource "kubernetes_namespace" "test" {
@@ -31,7 +38,7 @@ depends_on = [var.cluster_name]
     persistent_volume_source {
       azure_disk {
         caching_mode = "None"
-        data_disk_uri = var.disk_uri
+        data_disk_uri = var.data_disk_uri
         disk_name = "managed"
         kind = "Managed"
       }
@@ -80,9 +87,10 @@ resource "kubernetes_deployment" "test" {
 
 provider "helm" {
   kubernetes {
-    host = var.cluster_endpoint
-    token = data.google_client_config.default.access_token
-    cluster_ca_certificate = base64decode(var.cluster_ca_cert)
+    host                   = var.cluster_endpoint
+    client_certificate     = var.cluster_ca_cert
+    client_key             = base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.client_key)
+    cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.cluster_ca_certificate)
   }
 }
 
@@ -97,21 +105,3 @@ resource helm_release nginx_ingress {
     value = "ClusterIP"
   }
 }
-
-data "template_file" "kubeconfig" {
-  template = file("${path.module}/kubeconfig-template.yaml")
-
-  vars = {
-    cluster_name    = var.cluster_name
-    endpoint        = var.cluster_endpoint
-    cluster_ca      = var.cluster_ca_cert
-    cluster_token   = data.google_client_config.default.access_token
-  }
-}
-
-resource "local_file" "kubeconfig" {
-  depends_on = [var.cluster_id]
-  content  = data.template_file.kubeconfig.rendered
-  filename = "${path.root}/kubeconfig"
-}
-

_examples/aks/kubernetes-config/variables.tf

@@ -1 +1,15 @@
-azurerm_managed_disk.test.id
+variable "cluster_ca_cert" {
+  type = string
+}
+
+variable "cluster_endpoint" {
+  type = string
+}
+
+variable "cluster_name" {
+  type = string
+}
+
+variable "data_disk_uri" {
+  type = string
+}

_examples/aks/main.tf

@@ -1,35 +1,37 @@
 terraform {
-  required_providers {
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-#      version = "2.0"
-    }
-    google = {
-      source  = "hashicorp/azure"
-      version = "2.42"
-    }
-    helm = {
-      source  = "hashicorp/helm"
-      version = "2.0.1"
-    }
-  }
+  required_providers {
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "9.9.9"
+    }
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "2.42"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "2.0.1"
+    }
+  }
 }
 
 resource "random_id" "cluster_name" {
   byte_length = 5
 }
 
-
 module "aks-cluster" {
   source                  = "./aks-cluster"
   cluster_name            = local.cluster_name
+  location                = var.location
 }
 
+# By referencing the aks-cluster module as inputs to the kubernetes-config module,
+# we establish a dependency between the two. This will create the AKS cluster before
+# any Kubernetes resources are created.
 module "kubernetes-config" {
   source                  = "./kubernetes-config"
   cluster_name            = module.aks-cluster.cluster_name
-  cluster_id              = module.aks-cluster.cluster_id # creates dependency on cluster creation
   cluster_endpoint        = module.aks-cluster.cluster_endpoint
   cluster_ca_cert         = module.aks-cluster.cluster_ca_cert
+  data_disk_uri           = module.aks-cluster.data_disk_uri
 }
-