Azure Kubernetes service help developers & administrators to deploy and manged the containerized application without container orchestration expertise.This eliminates the burden of ongoing operations and maintenance by provisioning, upgrading, and scaling resources on demand, without taking your applications offline.
What is Terrraform?
Infrastructure deployment through GUI may be cumbersome task, when we have to deploy a large environment and it has many possibility to do happen configuration changes and errors. To avoid those we can use Infrastructure as a Code approach. So any azure admins or architect will tell “We can Use ARM template for that”, YES its true, we can use ARM template for the deployment of AKS cluster.
Terraform will benefit for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
The benefit of use of Terraform is its easy to write template and more human readable. Few benefits are as below.
Infrastructure as Code
Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.
Execution Plans
Terraform has a “planning” step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.
Resource Graph
Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.
Change Automation
Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.
So lets jump in to how we can create/ run an AKS cluster from Terraform template
Step 1- Few housekeeping before we begin
- Install Terraform
- Install Text Editor – VS Code
- Install VS Code Extension (Optional)
- Azure CLI or Azure PowerShell Module
Step 2 – Create a SPN (Service Principal Name)
Create SPN fron Azure CLI
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/your_subscription_id"Step 3 – Create Terraform Files in VS Code
To create this we need to create two Terraform files, one for the resource deceleration and other works as variable file.
resource decleration end with extension <name>.tf and variable file ends with <name>.tfvars
Step 4 – Create Variables
We need to populate the variable file with following. The variable file should add to gitignore if your maintaining source control, beacuse it may contain sensitive data as below.
arm_subscription_id=xxxxxxxx
arm_client_id=xxxxxxx
arm_client_secret=xxxxxxx
arm_tenent_id=xxxxxxxxarm_subscription_id– It can find from the Azure subscriptions Active directory settings. If already authenticated with Azure using CLI or PowerShell we can execute following commands to get subscription ID
Get-AzSubscription -SubscriptionName "<SUB_NAME>" | Select-Object SubscriptionId
arm_client_id – App ID of the SPN created before.
arm_client_secret- Client secret can be found at SPN Settings. The secret can be visible for you at the creation you have to keep it in safe place if using for future use.
arm_tenent_id- In Azure when we sign up for use for the first time it creates a tenant for the email sign up
Get-AzSubscription -SubscriptionName "SUB_NAME" | Select-Object TenantId
Lets add few variables we need to deploy this.
resource_group_name = "k8terraform"
location= "East US"
cluster_name = "k8terraform"
dns_prifix = "k8terraform1232"
ssh_public_key = "E:\\DevOps\\Terraform\\Azure\\AKS\\aksdeploy"
agent_count = 3Step 5 – Create the Terraform file
First we need to add the provider (Azure RM)
#Add Azure Provider
provider "azurerm" {
}Create a Resource Group to deploy resources
#Create Resource Group
resource "azurerm_resource_group" "k8terraform" {
name = "${var.resource_group_name}"
location = "${var.location}"
}Step 6 Create the Azure Kubernetes Service
Variables File – “NAME”.tfvars
#variables file
arm_subscription_id = "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
arm_client_id = "XXXXXXXXXXXXXXXXXXXXXXX"
arm_client_secret = "XXXXXXXXXXXXXXXXXXX"
arm_tenent_id = "XXXXXXXXXXXXXXX"
resource_group_name = "k8terraform"
location = "East US"
cluster_name = "k8terraform"
dns_prifix = "k8terraform1232"
#Running on a Windows add front slash to ignore characters
ssh_public_key = "E:\\DevOps\\Terraform\\Azure\\AKS\\aksdeploy"
agent_count = 3Resource File – “NAME”.tf
#Variable
variable "arm_subscription_id" {
}
variable "arm_client_id" {
}
variable "arm_client_secret" {
}
variable "arm_tenent_id" {
}
variable "location" {
}
variable "cluster_name" {
}
variable "dns_prifix" {
}
variable "ssh_public_key" {
}
variable "agent_count" {
default = 3
}
variable "resource_group_name" {
}
#Add Azure Provider
provider "azurerm" {
}
#Create Resource Group
resource "azurerm_resource_group" "k8terraform" {
name = "${var.resource_group_name}"
location = "${var.location}"
}
#Create AKS Cluster
resource "azurerm_kubernetes_cluster" "k8cluster" {
name = "${var.cluster_name}"
location = "${azurerm_resource_group.k8terraform.location}"
resource_group_name = "${azurerm_resource_group.k8terraform.name}"
dns_prefix = "${var.dns_prifix}"
linux_profile{
admin_username = "localadmin"
ssh_key{
key_data = "${file("${var.ssh_public_key}")}"
}
}
agent_pool_profile{
name = "aksterraform"
count = "${var.agent_count}"
vm_size = "Standard_B2ms"
os_type = "Linux"
os_disk_size_gb = 30
}
service_principal{
client_id = "${var.arm_client_id}"
client_secret = "${var.arm_client_secret}"
}
tags{
Environment = "Development"
}
}
#Outputs -Optional
#output "kube_config" {
# value = "${azurerm_kubernetes_cluster.k8s.kube_config_raw}"
#}
#output "host" {
# value = "${azurerm_kubernetes_cluster.k8s.kube_config.0.host}"
#}
To deploy full infrastructure it will take 15 to 20 minutes for 3 nodes, but it will be more depending how many nodes to deploy.
Open Cloud Shell from Azure Portal and use below command to get the AKS cluster config.
az aks get-credentials --resource-group k8terraform --name k8terraformNext post we will go through how to deploy Kubernetes resources from Terraform.
Thank you !!!!