Installation of AKS via Terraform — Provision AKS Cluster
In my last meeting here on medium I made a post showing step by step the installation of an AKS cluster done through the Azure portal. Now everything will be in azure-cli mode.
# Requirements:
- Azure Account
- Azure-CLI
- Kubectl
## Provision an AKS cluster (Azure)
Azure Kubernetes Service (AKS) is a fully managed Kubernetes service for deploying, managing, and scaling containerized applications on Azure.
In this tutorial, you will deploy a 2-node AKS cluster into your default VPC using Terraform and access your Kubernetes dashboard.
Warning! If you are not using a qualifying account in the Azure Free Tier, you may be charged to run these samples. The most you should be charged should only be a few dollars, but we are not responsible for any charges that may occur.
Why deploy with Terraform?
While you can use Azure’s built-in provisioning processes (UI, CLI) for AKS clusters, Terraform offers several benefits:
Unified Workflow — If you are already deploying infrastructure on Azure with Terraform, your AKS cluster can fit into this workflow. You can also deploy applications to your AKS cluster using Terraform.
Full lifecycle management — Terraform not only creates resources, but updates and deletes tracked resources without requiring you to inspect the API to identify those resources.
Relationship Graph — Terraform understands dependency relationships between resources. For example, an Azure Kubernetes cluster needs to be associated with a resource group, Terraform will not attempt to create the cluster if the resource group is not created.
Requirements
The tutorial assumes some basic familiarity with Kubernetes and kubectl, but does not assume any pre-existing deployments.
Configure and initialize your Terraform workspace
Terminal
$ git clone https://github.com/hashicorp/learn-terraform-provision-aks-cluster
You can explore this repository by changing directories or navigating its UI.
$ cd learn-terraform-provision-aks-cluster
Here you will find three files used to provision the AKS cluster.
1 — aks-cluster.tf provisions a resource group and an AKS cluster. The default_node_pool defines the number of VMs and the type of VM that the cluster uses.
2 — variables.tf declares the appID and password so Terraform can reference your configuration
3 — terraform.tfvars sets appId and password variables to authenticate to Azure
4 — outputs.tf declares values that can be useful to interact with your AKS cluster
5 — Versions.tf sets the Terraform version to at least 0.14 and sets the required_provider block
Create an Active Directory Service Master Account
There are many ways to authenticate to the Azure provider. In this tutorial, you will use an Active Directory service principal account. You can learn how to authenticate using a different method here.
First, you need to create a primary Active Directory service account using the Azure CLI. You should see something like the following.
az ad sp create-for-rbac — skip-assignment
{ “appId”: “aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa”, “displayName”: “azure-cli-2019–04–11–00–46–05”, “name”: “http://azure- cli-2019–04–11–00–46–05”, “password”: “aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaaaaa”, “tenant”: “aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa” }
There are many ways to authenticate to the Azure provider. In this tutorial, you will use an Active Directory service principal account. You can learn how to authenticate using a different method here.
First, you need to create a primary Active Directory service account using the Azure CLI. You should see something like the following.
az ad sp create-for-rbac --skip-assignment
» Update your terraform.tfvars file
Replace the values in your terraform.tfvars file with your appId and password. Terraform will use these values to authenticate to Azure before provisioning your resources. Your terraform.tfvars file should look like the following.
» Initialize Terraform
After saving your custom variables file, initialize your Terraform workspace, which will download the provider and initialize it with the values provided in your terraform.tfvars file.
terraform init
terraform init Initializing the backend...
Initializing provider plugins...
Reusing previous version of hashicorp/random from the dependency lock file
Reusing previous version of hashicorp/azurerm from the dependency lock file
Installing hashicorp/random v3.0.0...
Installed hashicorp/random v3.0.0 (signed by HashiCorp)
Installing hashicorp/azurerm v3.0.2...
Installed hashicorp/azurerm v3.0.2 (signed by HashiCorp)Terraform has been successfully initialized!
You may now begin working with Terraform. Try running “terraform plan” to see any changes that are required for your infrastructure. All Terraform commands should now work.
If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.
Provision the AKS cluster
In the initialized directory, run terraform apply and review the planned actions. Your terminal output should indicate that the plan is running and what resources will be created.
$ terraform apply
An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols:
create
Terraform will perform the following actions:
Plan: 1 to add, 0 to change, 0 to destroy.
You can see that this terraform apply will provision an Azure resource group and an AKS cluster. Confirm the application with a yes. This process should take approximately 5 minutes. Upon successful application, your terminal prints the outputs defined in aks-cluster.tf. Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Outputs:
kubernetes_cluster_name = light-eagle-aks resource_group_name = light-eagle-rg
It's Finish!!!
