https://github.com/shalb/cdev-azure-aks

https://github.com/shalb/cdev-azure-aks

Last synced: about 1 month ago
JSON representation

• Host: GitHub
• URL: https://github.com/shalb/cdev-azure-aks
• Owner: shalb
• License: apache-2.0
• Created: 2023-10-27T07:44:27.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2024-03-05T14:41:25.000Z (10 months ago)
• Last Synced: 2024-03-05T15:58:42.667Z (10 months ago)
• Size: 22.5 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Azure-AKS

Cluster.dev uses [stack templates](https://docs.cluster.dev/stack-templates-overview/) to generate users' projects in a desired cloud. AKS-Azure is a stack template that creates and provisions Kubernetes clusters in Azure cloud by means of Azure Kubernetes Service (AKS).

In this repository you will find all information and samples necessary to start an AKS cluster on Azure with Cluster.dev. 

The resources to be created:

* Azure DNS Zone

* Azure Virtual Network

* AKS Kubernetes cluster with addons:

  * cert-manager

  * ingress-nginx

  * external-secrets (with Azure Key Vault backend)

  * external-dns

  * argocd

## Prerequisites

1. Terraform version >= 1.4

2. Azure account and a subscription.

3. Azure CLI installed and configured with your Azure account.

4. kubectl installed.

5. [Cluster.dev client installed](https://docs.cluster.dev/get-started-install/).

6. Parent Domain

## Quick Start

1. Clone example project:

    ```

    git clone https://github.com/shalb/cdev-azure-aks.git

    cd examples/

    ```

2. Update project.yaml

    ```

    name: demo-project

    kind: Project

    backend: azure-backend

    variables:

      location: eastus

      domain: azure.cluster.dev

      resource_group_name: cdevResourceGroup

      state_storage_account_name: cdevstates

      state_container_name: tfstate

      kubernetes_version: 1.27.9

    ```

3. Create Azure Storage Account and a container for terraform backend

    ```

    az group create --name cdevResourceGroup --location EastUS

    az storage account create --name cdevstates --resource-group cdevResourceGroup --location EastUS --sku Standard_LRS

    az storage container create --name tfstate --account-name cdevstates

    ```

4. It may be necessary to assign the `Storage Blob Data Contributor` and `Storage Queue Data Contributor` roles to your user account for the storage account

    ```

    STORAGE_ACCOUNT_ID=$(az storage account show --name cdevstates --query id --output tsv)

    USER_OBJECT_ID=$(az ad signed-in-user show --query id --output tsv)

    az role assignment create --assignee "$USER_OBJECT_ID" --role "Storage Blob Data Contributor" --scope "$STORAGE_ACCOUNT_ID"

    az role assignment create --assignee "$USER_OBJECT_ID" --role "Storage Queue Data Contributor" --scope "$STORAGE_ACCOUNT_ID"

    ```

5. Edit variables in the example's files, if necessary.

6. Run `cdev plan`

7. Run `cdev apply`

8. Setup DNS delegation for subdomain by creating

   NS records for subdomain in parent domain.

   Run `cdev output`

   ```

   domain = demo.azure.cluster.dev.

   name_servers = [

     "ns1-36.azure-dns.com.",

     "ns2-36.azure-dns.net.",

     "ns3-36.azure-dns.org.",

     "ns4-36.azure-dns.info."

   ]

   ```

   add records from name_server list

9. Connect to AKS cluster. Run `cdev output`.

   ```

   kubeconfig_cmd = az aks get-credentials --name  --resource-group  --overwrite-existing

   ```

   Execute command in `kubeconfig_cmd`

10. Retrieve ArgoCD admin password

   ```

   kubectl -n argocd get secret argocd-initial-admin-secret  -o jsonpath="{.data.password}" | base64 -d; echo

   ```

## Destroy Sample Architecture

1. Run `cdev destroy`

2. Remove NS records for subdomain in parent domain

3. Delete Azure Storage Account and a container for terraform backend

    ```

    az group delete --name cdevResourceGroup

    ```