Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ljtill/terraform-cluster-api

[WIP] Kubernetes (AKS) with Cluster API
https://github.com/ljtill/terraform-cluster-api

azure cluster-api flux kubernetes

Last synced: 5 days ago
JSON representation

[WIP] Kubernetes (AKS) with Cluster API

Host: GitHub
URL: https://github.com/ljtill/terraform-cluster-api
Owner: ljtill
License: mit
Created: 2023-07-14T21:56:33.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-10-25T14:00:07.000Z (about 2 months ago)
Last Synced: 2024-10-29T18:22:21.274Z (about 2 months ago)
Topics: azure, cluster-api, flux, kubernetes
Language: HCL
Homepage:
Size: 216 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Cluster API

This repository provides the source code for setting up Cluster API on Microsoft Azure using Terraform and Flux: You can use this repository to create a fully automated and scalable workflow for deploying and managing Kubernetes clusters on Azure.

The purpose of the repository is to:

- Deploy the management cluster with Terraform
- Bootstrap it with Flux to pull in the Kubernetes manifests and apply them
- Install Cluster API on top of the management cluster
- Start deploying additional AKS clusters using Cluster API

Through the use of Flux, we’re able to deploy workload clusters quickly after pull requests are merged. You can use this repository as a template or a reference for your own Cluster API projects on Azure.

_Please note this repository is under development and subject to change._

## Repository structure

- `clusters` - Kustomize manifests for cluster components
- `management` - Platform management cluster
- `workloads` - Distributed workload clusters
- `manifests` - Re-usable Kubernetes manifests for all clusters
- `resources` - Terraform files for deploying the management cluster

## Getting Started

### Generate Deployment Keys

1. Create `.ssh/` directory
2. Invoke `ssh-keygen -t ed25519 -C "[email protected]"`
3. Invoke `ssh-keygen -t rsa -b 4096 -C "[email protected]"`
4. Add the `id_ed25519.pub` file to your repository as "Deploy keys"

### Deploy Management Cluster

1. Navigate to the `resources` directory
2. Update the `resource_name` and `location` properties in `locals.tf` file
3. Update the `url` property in the `providers.tf` file
4. Authenticate Azure session `az login`
5. Select desired Azure Subscription `az account set -s '{SubscriptionName}'`
6. Initialize Terraform `terraform init`
7. Deploy Terraform resources `terraform deploy`
8. Authenticate Kubernetes context `az aks get-credentials -g '{ResourceGroup}' -n {Name}`

Configuring Terraform State Storage has been omitted for brevity

### Create Cluster Federation

1. Browse to the [Entra admin center](https://entra.microsoft.com/)
2. Create App registration
3. Navigate to "Certificates & Secrets"
4. Add Federated credential “Kubernetes accessing Azure resources”
5. Update cluster details:
- Cluster issuer URL `az aks show -g '{ResourceGroup}' -n '{Name}' --query 'oidcIssuerProfile.issuerUrl'`
- Namespace "capi-azure-system"
- Service account name "capz-manager"
6. Browse to the [Azure portal](https://portal.azure.com)
6. Navigate to the desired Subscription
7. Select 'Access control (IAM)' and 'Add role assignment'
8. Select Role - Owner and select 'Members'
9. Provide the 'Name' of the application from the previous steps

### Provision Workload Clusters

1. Navigate to the `manifest/config` directory
2. Update the `data` properties with desired values
- `global_public_key` needs to be base64 encoded version of `id_rsa.pub`
3. Deploy Kubernetes manifest `kubectl apply -f workloads.yaml`

Configuration of Workloads settings can also be deployed by Flux