Refresh Terraform code to April 2024 provider and modules versions
zioproto committed Apr 12, 2024
1 parent 34940be commit c238306
Showing 4 changed files with 47 additions and 55 deletions.
Expand Up @@ -23,7 +23,7 @@ resource "azurerm_private_endpoint" "example" {
name = "${random_string.random.result}-endpoint"
location = "westeurope"
resource_group_name = azurerm_resource_group.example.name
subnet_id = module.network.vnet_subnets[0]
subnet_id = module.network.vnet_subnets_name_id["subnet1"]

private_service_connection {
name = "${random_string.random.result}-privateserviceconnection"
@@ -1,14 +1,17 @@

module "network" {
source = "Azure/network/azurerm"
source = "Azure/subnets/azurerm"
version = "1.0.0"

resource_group_name = azurerm_resource_group.example.name
address_space = "10.52.0.0/16"
subnet_prefixes = ["10.52.0.0/24"]
subnet_names = ["subnet1"]
depends_on = [azurerm_resource_group.example]
subnet_enforce_private_link_endpoint_network_policies = {
"subnet1" : true
subnets = {
subnet1 = {
address_prefixes = ["10.52.0.0/24"]
private_endpoint_network_policies_enabled = true
}
}
virtual_network_address_space = ["10.52.0.0/16"]
virtual_network_location = azurerm_resource_group.example.location
virtual_network_name = "subnet1"
}

resource "azurerm_container_registry" "example" {
Expand All @@ -26,44 +29,35 @@ resource "azurerm_role_assignment" "example" {
depends_on = [module.aks]
}

# Grant AKS cluster access to use AKS subnet
resource "azurerm_role_assignment" "aks" {
principal_id = module.aks.system_assigned_identity[0].principal_id
role_definition_name = "Network Contributor"
scope = module.network.vnet_subnets[0]
depends_on = [module.aks]
}

module "aks" {
source = "Azure/aks/azurerm"
version = "4.16.0"
resource_group_name = azurerm_resource_group.example.name
client_id = var.client_id
client_secret = var.client_secret
kubernetes_version = "1.23.5"
orchestrator_version = "1.23.5"
prefix = "default"
cluster_name = var.cluster_name
network_plugin = "azure"
vnet_subnet_id = module.network.vnet_subnets[0]
os_disk_size_gb = 50
sku_tier = "Paid" # defaults to Free
enable_role_based_access_control = true
rbac_aad_admin_group_object_ids = var.rbac_aad_admin_group_object_ids
rbac_aad_managed = true
private_cluster_enabled = false
enable_http_application_routing = true
enable_azure_policy = true
enable_auto_scaling = true
enable_host_encryption = false
agents_min_count = 1
agents_max_count = 1
agents_count = null # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
agents_max_pods = 100
agents_pool_name = "exnodepool"
agents_availability_zones = ["1", "2"]
agents_type = "VirtualMachineScaleSets"
agents_size = "standard_dc2s_v2"
source = "Azure/aks/azurerm"
version = "8.0.0"
resource_group_name = azurerm_resource_group.example.name
client_id = var.client_id
client_secret = var.client_secret
kubernetes_version = "1.29.2"
orchestrator_version = "1.29.2"
prefix = "default"
cluster_name = var.cluster_name
network_plugin = "azure"
vnet_subnet_id = module.network.vnet_subnets_name_id["subnet1"]
os_disk_size_gb = 50
sku_tier = "Standard"
role_based_access_control_enabled = true
rbac_aad_admin_group_object_ids = var.rbac_aad_admin_group_object_ids
rbac_aad_managed = true
private_cluster_enabled = false
web_app_routing = { dns_zone_id = "" }
enable_auto_scaling = true
enable_host_encryption = false
agents_min_count = 1
agents_max_count = 1
agents_count = null # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
agents_max_pods = 100
agents_pool_name = "exnodepool"
agents_availability_zones = ["1", "2"]
agents_type = "VirtualMachineScaleSets"
agents_size = "standard_dc2s_v2"

agents_labels = {
"nodepool" : "defaultnodepool"
Expand All @@ -73,14 +67,12 @@ module "aks" {
"Agent" : "defaultnodepoolagent"
}

enable_ingress_application_gateway = true
ingress_application_gateway_name = "aks-agw"
ingress_application_gateway_subnet_cidr = "10.52.1.0/24"
network_policy = "azure"
net_profile_dns_service_ip = "10.0.0.10"
net_profile_service_cidr = "10.0.0.0/16"

network_policy = "azure"
net_profile_dns_service_ip = "10.0.0.10"
net_profile_docker_bridge_cidr = "172.16.0.1/16"
net_profile_service_cidr = "10.0.0.0/16"
# Grant AKS cluster access to use AKS subnet
network_contributor_role_assigned_subnet_ids = { "subnet1" = module.network.vnet_subnets_name_id["subnet1"] }

depends_on = [module.network]
}
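Review bot: The Azure Policy add-on is no longer enabled after this change: the old `module "aks"` block set `enable_azure_policy = true` and the new block has no counterpart, while `enable_role_based_access_control` was carried over under its new name `role_based_access_control_enabled`. If dropping it was not intended, add `azure_policy_enabled = true`, which I believe is the input's name in recent releases of the Azure/aks module (confirm against 8.0.0). Separately, `private_cluster_enabled = false` keeps the API server on a public endpoint and nothing in the block restricts who can reach it; setting `api_server_authorized_ip_ranges` to known CIDRs would be worth adding for anything beyond a demo.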
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 2.46"
version = ">= 3.99"
}
}
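Review bot: `version = ">= 3.99"` has no upper bound, so a later `terraform init -upgrade` can select a 4.x azurerm release with breaking changes, whereas the previous `~> 2.46` stayed inside one major version. Prefer `version = "~> 3.99"` and commit `.terraform.lock.hcl` so the exact provider build and its checksums are pinned for every run. The `terraform` block starts above this hunk.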

@@ -1,4 +1,4 @@
agents_size = "standard_dc2s_v2"
agents_size = "Standard_D2d_v5"
rbac_aad_admin_group_object_ids = [""]
resource_group_name = ""
identity_type = "SystemAssigned"
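Review bot: The new `agents_size` value here may never reach the cluster, because the `module "aks"` block in this same commit still sets `agents_size = "standard_dc2s_v2"` as a literal. If the tfvars value is meant to apply, and assuming an `agents_size` variable is declared elsewhere, change the module line to `agents_size = var.agents_size`; otherwise the two files disagree on the node size.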
