Welcome to Stack Simplify

Author: stacksimplify

24-Azure-AKS-Terraform/24-03-Create-AKS-Cluster/README.md

@@ -110,92 +110,121 @@ resource "azuread_group" "aks_administrators" {
 - This is going to be a very big terraform template when compared to what we created so far  we will do it slowly step by step.
 
 ```
+# Provision AKS Cluster
+/*
+1. Add Basic Cluster Settings
+  - Get Latest Kubernetes Version from datasource (kubernetes_version)
+  - Add Node Resource Group (node_resource_group)
+2. Add Default Node Pool Settings
+  - orchestrator_version (latest kubernetes version using datasource)
+  - availability_zones
+  - enable_auto_scaling
+  - max_count, min_count
+  - os_disk_size_gb
+  - type
+  - node_labels
+  - tags
+3. Enable MSI
+4. Add On Profiles 
+  - Azure Policy
+  - Azure Monitor (Reference Log Analytics Workspace id)
+5. RBAC & Azure AD Integration
+6. Admin Profiles
+  - Windows Admin Profile
+  - Linux Profile
+7. Network Profile
+8. Cluster Tags  
+*/
+
 resource "azurerm_kubernetes_cluster" "aks_cluster" {
-  dns_prefix          = "${azurerm_resource_group.aks_rg.name}-cluster"
-  location            = azurerm_resource_group.aks_rg.location
   name                = "${azurerm_resource_group.aks_rg.name}-cluster"
+  location            = azurerm_resource_group.aks_rg.location
   resource_group_name = azurerm_resource_group.aks_rg.name
+  dns_prefix          = "${azurerm_resource_group.aks_rg.name}-cluster"
   kubernetes_version  = data.azurerm_kubernetes_service_versions.current.latest_version
   node_resource_group = "${azurerm_resource_group.aks_rg.name}-nrg"
 
-
   default_node_pool {
-    name       = "systempool"
-    vm_size    = "Standard_DS2_v2"
+    name                 = "systempool"
+    vm_size              = "Standard_DS2_v2"
     orchestrator_version = data.azurerm_kubernetes_service_versions.current.latest_version
     availability_zones   = [1, 2, 3]
     enable_auto_scaling  = true
     max_count            = 3
     min_count            = 1
     os_disk_size_gb      = 30
-    type           = "VirtualMachineScaleSets"
+    type                 = "VirtualMachineScaleSets"
     node_labels = {
-      "nodepool-type" = "system"
-      "environment"   = "production"
-      "nodepoolos"    = "linux"
-      "app"           = "system-apps"
-    }
-    tags = {
-      "nodepool-type" = "system"
-      "environment"   = "production"
-      "nodepoolos"    = "linux"
-      "app"           = "system-apps"
-    }    
+      "nodepool-type"    = "system"
+      "environment"      = "dev"
+      "nodepoolos"       = "linux"
+      "app"              = "system-apps" 
+    } 
+   tags = {
+      "nodepool-type"    = "system"
+      "environment"      = "dev"
+      "nodepoolos"       = "linux"
+      "app"              = "system-apps" 
+   } 
   }
 
 # Identity (System Assigned or Service Principal)
-  identity { type = "SystemAssigned" }
+  identity {
+    type = "SystemAssigned"
+  }
 
 # Add On Profiles
   addon_profile {
-    azure_policy { enabled = true }
+    azure_policy {enabled =  true}
     oms_agent {
-      enabled                    = true
+      enabled =  true
       log_analytics_workspace_id = azurerm_log_analytics_workspace.insights.id
     }
   }
 
 # RBAC and Azure AD Integration Block
-role_based_access_control {
-  enabled = true
-  azure_active_directory {
-    managed                = true
-    admin_group_object_ids = [azuread_group.aks_administrators.object_id]
+  role_based_access_control {
+    enabled = true
+    azure_active_directory {
+      managed = true
+      admin_group_object_ids = [azuread_group.aks_administrators.id]
+    }
   }
-}  
 
-# Windows Admin Profile
-windows_profile {
-  admin_username            = var.windows_admin_username
-  admin_password            = var.windows_admin_password
-}
+# Windows Profile
+  windows_profile {
+    admin_username = var.windows_admin_username
+    admin_password = var.windows_admin_password
+  }
 
 # Linux Profile
-linux_profile {
-  admin_username = "ubuntu"
-  ssh_key {
+  linux_profile {
+    admin_username = "ubuntu"
+    ssh_key {
       key_data = file(var.ssh_public_key)
+    }
   }
-}
 
 # Network Profile
-network_profile {
-  load_balancer_sku = "Standard"
-  network_plugin = "azure"
-}
+  network_profile {
+    network_plugin = "azure"
+    load_balancer_sku = "Standard"
+  }
 
-# AKS Cluster Tags 
-tags = {
-  Environment = "prod"
+  tags = {
+    Environment = "dev"
+  }
 }
 
-
-}
 ```
 
 ## Step-08: Create Terraform Output Values for AKS Cluster
 - Create a file named **08-outputs.tf**
 ```
+# Create Outputs
+# 1. Resource Group Location
+# 2. Resource Group Id
+# 3. Resource Group Name
 
 # Resource Group Outputs
 output "location" {
@@ -210,6 +239,24 @@ output "resource_group_name" {
   value = azurerm_resource_group.aks_rg.name
 }
 
+# Azure AKS Versions Datasource
+output "versions" {
+  value = data.azurerm_kubernetes_service_versions.current.versions
+}
+
+output "latest_version" {
+  value = data.azurerm_kubernetes_service_versions.current.latest_version
+}
+
+# Azure AD Group Object Id
+output "azure_ad_group_id" {
+  value = azuread_group.aks_administrators.id
+}
+output "azure_ad_group_objectid" {
+  value = azuread_group.aks_administrators.object_id
+}
+
+
 # Azure AKS Outputs
 
 output "aks_cluster_id" {
@@ -223,6 +270,7 @@ output "aks_cluster_name" {
 output "aks_cluster_kubernetes_version" {
   value = azurerm_kubernetes_cluster.aks_cluster.kubernetes_version
 }
+
 ```