https://github.com/truefoundry/terraform-azure-truefoundry-cluster


# terraform-azure-truefoundry-cluster
Truefoundry Azure Cluster Module

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.8 |
| [azurerm](#requirement\_azurerm) | >= 3.107.0 |

## Providers

| Name | Version |
|------|---------|
| [azurerm](#provider\_azurerm) | >= 3.107.0 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| [aks](#module\_aks) | Azure/aks/azurerm | 10.2.0 |

## Resources

| Name | Type |
|------|------|
| [azurerm_monitor_diagnostic_setting.cluster_autoscaler_diagnostic](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource |
| [azurerm_role_assignment.network_contributor_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
| [azurerm_user_assigned_identity.cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource |
| [azurerm_kubernetes_cluster.cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [allowed\_ip\_ranges](#input\_allowed\_ip\_ranges) | Allowed IP ranges to connect to the cluster | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
| [autoscaler\_profile\_expander](#input\_autoscaler\_profile\_expander) | Expander for the autoscaler profile. Possible values are `least-waste`, `priority`, `most-pods` and `random`. Defaults to `least-waste` | `string` | `"least-waste"` | no |
| [autoscaler\_profile\_max\_graceful\_termination\_sec](#input\_autoscaler\_profile\_max\_graceful\_termination\_sec) | Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 180 | `number` | `180` | no |
| [autoscaler\_profile\_max\_node\_provisioning\_time](#input\_autoscaler\_profile\_max\_node\_provisioning\_time) | Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15 minutes | `string` | `"15m"` | no |
| [autoscaler\_profile\_max\_unready\_nodes](#input\_autoscaler\_profile\_max\_unready\_nodes) | Maximum Number of allowed unready nodes. Defaults to 3 | `number` | `3` | no |
| [autoscaler\_profile\_scale\_down\_delay\_after\_add](#input\_autoscaler\_profile\_scale\_down\_delay\_after\_add) | Scale down delay after add for the autoscaler profile | `string` | `"2m"` | no |
| [autoscaler\_profile\_scale\_down\_delay\_after\_delete](#input\_autoscaler\_profile\_scale\_down\_delay\_after\_delete) | Scale down delay after delete for the autoscaler profile | `string` | `"30s"` | no |
| [autoscaler\_profile\_scale\_down\_unneeded](#input\_autoscaler\_profile\_scale\_down\_unneeded) | Scale down unneeded for the autoscaler profile | `string` | `"1m"` | no |
| [autoscaler\_profile\_scale\_down\_unready](#input\_autoscaler\_profile\_scale\_down\_unready) | Scale down unready for the autoscaler profile | `string` | `"2m"` | no |
| [autoscaler\_profile\_scale\_down\_utilization\_threshold](#input\_autoscaler\_profile\_scale\_down\_utilization\_threshold) | Scale down utilization threshold for the autoscaler profile | `number` | `0.7` | no |
| [autoscaler\_profile\_skip\_nodes\_with\_local\_storage](#input\_autoscaler\_profile\_skip\_nodes\_with\_local\_storage) | Skip nodes with pods with local storage, for example, EmptyDir or HostPath | `bool` | `false` | no |
| [autoscaler\_profile\_skip\_nodes\_with\_system\_pods](#input\_autoscaler\_profile\_skip\_nodes\_with\_system\_pods) | Skip nodes with system pods for the autoscaler profile | `bool` | `true` | no |
| [cluster\_autoscaler\_diagnostic\_enable\_override](#input\_cluster\_autoscaler\_diagnostic\_enable\_override) | Enable overriding of the cluster autoscaler diagnostic setting name. | `bool` | `false` | no |
| [cluster\_autoscaler\_diagnostic\_override\_name](#input\_cluster\_autoscaler\_diagnostic\_override\_name) | Cluster autoscaler diagnostic setting name. Default is '-cluster-autoscaler' | `string` | `""` | no |
| [cluster\_cost\_analysis\_enabled](#input\_cluster\_cost\_analysis\_enabled) | Enable cluster cost analysis | `bool` | `false` | no |
| [cluster\_data\_collection\_settings](#input\_cluster\_data\_collection\_settings) | Cluster data collection settings. `data_collection_interval` - Determines how often the agent collects data. Valid values are 1m - 30m in 1m intervals. Default is 1m. `namespace_filtering_mode_for_data_collection` - Can be 'Include', 'Exclude', or 'Off'. Determines how namespaces are filtered for data collection. `namespaces_for_data_collection` - List of Kubernetes namespaces for data collection based on the filtering mode. `container_log_v2_enabled` - Flag to enable the ContainerLogV2 schema for collecting logs. See more details: https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-data-collection-configure?tabs=cli#configure-dcr-with-azure-portal-1 | <pre>object({<br>  data_collection_interval = string<br>  namespace_filtering_mode_for_data_collection = string<br>  namespaces_for_data_collection = list(string)<br>  container_log_v2_enabled = bool<br>})</pre> | <pre>{<br>  "container_log_v2_enabled": true,<br>  "data_collection_interval": "1m",<br>  "namespace_filtering_mode_for_data_collection": "Off",<br>  "namespaces_for_data_collection": [<br>    "kube-system",<br>    "gatekeeper-system",<br>    "azure-arc"<br>  ]<br>}</pre> | no |
| [cluster\_monitor\_data\_collection\_rule\_data\_sources\_syslog\_facilities](#input\_cluster\_monitor\_data\_collection\_rule\_data\_sources\_syslog\_facilities) | Syslog supported facilities as documented here: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-syslog | `list(string)` | <pre>[<br>  "auth",<br>  "authpriv",<br>  "cron",<br>  "daemon",<br>  "mark",<br>  "kern",<br>  "local0",<br>  "local1",<br>  "local2",<br>  "local3",<br>  "local4",<br>  "local5",<br>  "local6",<br>  "local7",<br>  "lpr",<br>  "mail",<br>  "news",<br>  "syslog",<br>  "user",<br>  "uucp"<br>]</pre> | no |
| [cluster\_monitor\_data\_collection\_rule\_data\_sources\_syslog\_levels](#input\_cluster\_monitor\_data\_collection\_rule\_data\_sources\_syslog\_levels) | List of syslog levels | `list(string)` | <pre>[<br>  "Debug",<br>  "Info",<br>  "Notice",<br>  "Warning",<br>  "Error",<br>  "Critical",<br>  "Alert",<br>  "Emergency"<br>]</pre> | no |
| [cluster\_monitor\_data\_collection\_rule\_enabled](#input\_cluster\_monitor\_data\_collection\_rule\_enabled) | Enable cluster monitor data collection rule | `bool` | `true` | no |
| [cluster\_monitor\_data\_collection\_rule\_extensions\_streams](#input\_cluster\_monitor\_data\_collection\_rule\_extensions\_streams) | An array of container insights table streams. See documentation in DCR for a list of the valid streams and their corresponding table: https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-data-collection-configure?tabs=portal#stream-values-in-dcr | `list(string)` | <pre>[<br>  "Microsoft-ContainerLog",<br>  "Microsoft-ContainerLogV2",<br>  "Microsoft-KubeEvents",<br>  "Microsoft-KubePodInventory",<br>  "Microsoft-KubeNodeInventory",<br>  "Microsoft-KubePVInventory",<br>  "Microsoft-KubeServices",<br>  "Microsoft-KubeMonAgentEvents",<br>  "Microsoft-InsightsMetrics",<br>  "Microsoft-ContainerInventory",<br>  "Microsoft-ContainerNodeInventory",<br>  "Microsoft-Perf"<br>]</pre> | no |
| [cluster\_monitor\_metrics](#input\_cluster\_monitor\_metrics) | Specifies a Prometheus add-on profile for the Kubernetes Cluster object({ annotations\_allowed = '(Optional) Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.' labels\_allowed = '(Optional) Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.' }) | <pre>object({<br>  annotations_allowed = optional(string)<br>  labels_allowed = optional(string)<br>})</pre> | `null` | no |
| [control\_plane](#input\_control\_plane) | Whether the cluster is control plane | `bool` | n/a | yes |
| [control\_plane\_instance\_type](#input\_control\_plane\_instance\_type) | Control plane nodepool instance type | `string` | `"Standard_D4s_v5"` | no |
| [cpu\_pools](#input\_cpu\_pools) | CPU pools to be attached | <pre>list(object({<br>  name = string<br>  instance_type = string<br>  min_count = optional(number, 0)<br>  max_count = optional(number, 2)<br>  enable_spot_pool = optional(bool, true)<br>  enable_on_demand_pool = optional(bool, true)<br>}))</pre> | n/a | yes |
| [critical\_node\_pool\_enabled](#input\_critical\_node\_pool\_enabled) | Enable Critical nodepool for the cluster | `bool` | `true` | no |
| [critical\_node\_pool\_instance\_type](#input\_critical\_node\_pool\_instance\_type) | Critical nodepool instance type | `string` | `"Standard_D4s_v5"` | no |
| [disk\_driver\_version](#input\_disk\_driver\_version) | Version of disk driver. Supported values `v1` and `v2` | `string` | `"v1"` | no |
| [disk\_size](#input\_disk\_size) | Disk size of the initial node pool in GB | `string` | `"100"` | no |
| [dns\_ip](#input\_dns\_ip) | IP from service CIDR used for internal DNS | `string` | `"10.255.0.10"` | no |
| [enable\_auto\_scaling](#input\_enable\_auto\_scaling) | Enable auto scaling for the cluster | `bool` | `true` | no |
| [enable\_autoscaler\_profile](#input\_enable\_autoscaler\_profile) | Enable autoscaler profile for the cluster | `bool` | `true` | no |
| [enable\_blob\_driver](#input\_enable\_blob\_driver) | Enable blob storage provider | `bool` | `true` | no |
| [enable\_disk\_driver](#input\_enable\_disk\_driver) | Enable disk storage provider | `bool` | `true` | no |
| [enable\_file\_driver](#input\_enable\_file\_driver) | Enable file storage provider | `bool` | `true` | no |
| [enable\_snapshot\_controller](#input\_enable\_snapshot\_controller) | Enable snapshot controller | `bool` | `true` | no |
| [enable\_storage\_profile](#input\_enable\_storage\_profile) | Enable storage profile for the cluster. If disabled `enable_blob_driver`, `enable_file_driver`, `enable_disk_driver` and `enable_snapshot_controller` will have no impact | `bool` | `true` | no |
| [gpu\_pools](#input\_gpu\_pools) | GPU pools to be attached | <pre>list(object({<br>  name = string<br>  instance_type = string<br>  min_count = optional(number, 0)<br>  max_count = optional(number, 2)<br>  enable_spot_pool = optional(bool, true)<br>  enable_on_demand_pool = optional(bool, true)<br>}))</pre> | n/a | yes |
| [initial\_node\_pool\_count](#input\_initial\_node\_pool\_count) | Count for the initial node pool. Used only when autoscaling is disabled | `number` | `2` | no |
| [initial\_node\_pool\_instance\_type](#input\_initial\_node\_pool\_instance\_type) | Instance size of the initial node pool | `string` | `"Standard_D4s_v5"` | no |
| [initial\_node\_pool\_max\_count](#input\_initial\_node\_pool\_max\_count) | Max count in the initial node pool | `number` | `2` | no |
| [initial\_node\_pool\_max\_surge](#input\_initial\_node\_pool\_max\_surge) | Max surge in percentage for the initial node pool | `string` | `"10"` | no |
| [initial\_node\_pool\_min\_count](#input\_initial\_node\_pool\_min\_count) | Min count in the initial node pool | `number` | `1` | no |
| [initial\_node\_pool\_name](#input\_initial\_node\_pool\_name) | Name of the initial node pool | `string` | `"initial"` | no |
| [kubernetes\_version](#input\_kubernetes\_version) | Version of the kubernetes engine | `string` | `"1.33"` | no |
| [location](#input\_location) | Location of the resource group | `string` | n/a | yes |
| [log\_analytics\_workspace\_enable\_override](#input\_log\_analytics\_workspace\_enable\_override) | Enable overriding of the log analytics workspace name. | `bool` | `false` | no |
| [log\_analytics\_workspace\_enabled](#input\_log\_analytics\_workspace\_enabled) | Enable log analytics workspace | `bool` | `true` | no |
| [log\_analytics\_workspace\_override\_name](#input\_log\_analytics\_workspace\_override\_name) | Log analytics workspace name. Default is '-log-analytics' | `string` | `""` | no |
| [max\_pods\_per\_node](#input\_max\_pods\_per\_node) | Max pods per node | `number` | `32` | no |
| [name](#input\_name) | Name of the cluster. If use\_existing\_cluster is enabled name is used to fetch details of existing cluster | `string` | n/a | yes |
| [network\_data\_plane](#input\_network\_data\_plane) | Network data plane to use for cluster. Possible values are `azure` and `cilium` | `string` | `"azure"` | no |
| [network\_plugin](#input\_network\_plugin) | Network plugin to use for cluster | `string` | `"azure"` | no |
| [network\_plugin\_mode](#input\_network\_plugin\_mode) | Network plugin mode to use for cluster | `string` | `"overlay"` | no |
| [oidc\_issuer\_enabled](#input\_oidc\_issuer\_enabled) | Enable OIDC for the cluster | `bool` | `true` | no |
| [orchestrator\_version](#input\_orchestrator\_version) | Kubernetes version for the orchestration layer (nodes). By default it will be derived with var.kubernetes\_version until passed explicitly | `string` | `"1.33"` | no |
| [pod\_cidr](#input\_pod\_cidr) | CIDR of the pod in cluster | `string` | `"10.244.0.0/16"` | no |
| [private\_cluster\_enabled](#input\_private\_cluster\_enabled) | Private cluster | `bool` | `false` | no |
| [rbac\_aad](#input\_rbac\_aad) | Enable RBAC for the cluster | `bool` | `false` | no |
| [rbac\_aad\_azure\_rbac\_enabled](#input\_rbac\_aad\_azure\_rbac\_enabled) | Enable Azure RBAC for the cluster | `bool` | `false` | no |
| [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group | `string` | n/a | yes |
| [role\_based\_access\_control\_enabled](#input\_role\_based\_access\_control\_enabled) | Enable role based access control for the cluster | `bool` | `true` | no |
| [service\_cidr](#input\_service\_cidr) | CIDR of the services in cluster | `string` | `"10.255.0.0/16"` | no |
| [sku\_tier](#input\_sku\_tier) | SKU tier of the cluster. Defaults to standard | `string` | `"Standard"` | no |
| [subnet\_id](#input\_subnet\_id) | Subnet Id for the cluster | `string` | n/a | yes |
| [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |
| [use\_existing\_cluster](#input\_use\_existing\_cluster) | Flag to reuse existing cluster | `bool` | `false` | no |
| [vnet\_id](#input\_vnet\_id) | Vnet ID for the cluster | `string` | n/a | yes |
| [workload\_identity\_enabled](#input\_workload\_identity\_enabled) | Enable workload identity in the cluster | `bool` | `true` | no |

## Outputs

| Name | Description |
|------|-------------|
| [cluster\_endpoint](#output\_cluster\_endpoint) | Endpoint for your Kubernetes API server |
| [cluster\_host](#output\_cluster\_host) | The `host` in the `azurerm_kubernetes_cluster`'s `kube_config` block. The Kubernetes cluster server host. |
| [cluster\_id](#output\_cluster\_id) | The name/id of the EKS cluster. Will block on cluster creation until the cluster is really ready |
| [cluster\_identity](#output\_cluster\_identity) | The `azurerm_kubernetes_cluster`'s `identity` block. |
| [cluster\_name](#output\_cluster\_name) | Name of the cluster |
| [cluster\_networking\_profile](#output\_cluster\_networking\_profile) | Networking profile of the cluster |
| [cluster\_oidc\_issuer\_url](#output\_cluster\_oidc\_issuer\_url) | OIDC issuer url of the cluster |
| [use\_existing\_cluster](#output\_use\_existing\_cluster) | Flag to check if an existing cluster is used |