Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Welasco/Bicep

Last synced: about 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/Welasco/Bicep
Owner: Welasco
Created: 2021-05-25T23:25:09.000Z (over 3 years ago)
Default Branch: master
Last Pushed: 2021-09-14T21:26:13.000Z (over 3 years ago)
Last Synced: 2024-08-03T17:11:23.497Z (5 months ago)
Language: Bicep
Size: 95.7 KB
Stars: 9
Watchers: 2
Forks: 20
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

AWESOME-Azure-Bicep - Welasco/Bicep - Create Private AKS Cluster using Bicep

README

# Create Private AKS Cluster using Bicep

## Overview

This is a blog on how to use modules approach for Infrastructure as Code and be able to provision a Private AKS cluster and few related resources. The bicep modules in the repository are designed keeping Base line architecture in mind. You can start using these modules as is or modify to suit the needs.

## Architecture

![PrivateCluster](PrivateCluster.jpg)

## Setup

The bicep modules will provision the following Azure Resources under subscription scope.

1. A Resource Group with Baseline variable
2. Hub VNET with required subnets
1. Azure Firewall Subnet
2. Azure Bastion Subnet
3. A jumpbox subnet
3. Spoke VNET with AKS cluster subnet and additional subnet for other services like Azure Container Registry etc.
4. Azure Firewall and required routes
5. Azure Bastion resource and a jumpbox VM without public IP for securing traffic
6. Azure Container Registry for storing images.
7. A Private Endpoint for ACR
8. Private DNS Zone
9. AAD Enabled, Managed Private AKS Cluster with monitoring Addon and Azure Policy enabled
1. Private AK Cluster need the UDR routes enabled via Firewall.

## Resource Provisioning

#### Clone the repo

```bash
git clone https://github.com/ssarwa/bicep
cd bicep
# You could use deploy.azcli as your working file. Don't run the script as is!
```

#### Login to Azure

```bash
az login

az account set -s
```

#### Initialize variables

```bash
# Change the variables as required (baseline and location) on deploy.azcli
# Deploy the bicep script
az deployment sub create -n $baseline'Dep' -l $location -f main.bicep
```

The deployment could take somewhere around 20 to 30 mins. Once provisioning is completed you can use the cluster for your needs.

## Next Steps

1. Enable GitOps using Flux operator for Application deployment
2. Enable IaC using CI/CD pipelines on Github Actions