AKS cluster demo for Terraform.

When executing this Terraform script, be sure to configure these values in `env.tf`:
- cluster_name
- customer_name
- short_name
- environment (tst/int/prd)

- run `az login` and follow the on-screen instructions
- check you are using the right subscription with `az account list`
- if the subscription is wrong, switch by running `az account set --subscription ${subscription_name}`
- run `terraform init -upgrade` to download all necessary plugins (`-upgrade` checks if any new versions are available)
- run `terraform plan -out main.tfplan` to see what changes will be applied
- run `terraform apply main.tfplan` to apply changes

!! As of now, the permissions to create the role_assignment that allows the AKS cluster to pull images from the registry are missing !!
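
One way to express the missing role assignment in Terraform, as an added example that is not part of this repository's code. The resource labels `aks` and `acr` and the variable `create_acr_pull_assignment` are assumptions, and the cluster is assumed to use a managed identity.

```hcl
# Added example. Assumed resource labels: azurerm_kubernetes_cluster.aks and
# azurerm_container_registry.acr; rename them to match this module.

# The identity running `terraform apply` needs
# Microsoft.Authorization/roleAssignments/write on the registry scope
# (for example via Owner or User Access Administrator on that scope).
# Until it has that, set this to false so plan/apply does not fail.
variable "create_acr_pull_assignment" {
  description = "Create the AcrPull role assignment from Terraform."
  type        = bool
  default     = true
}

resource "azurerm_role_assignment" "aks_acr_pull" {
  count = var.create_acr_pull_assignment ? 1 : 0

  # Scope to this one registry, not the resource group or subscription.
  scope = azurerm_container_registry.acr.id

  # AcrPull only allows pulling images, not pushing or deleting them.
  role_definition_name = "AcrPull"

  # Nodes pull images as the kubelet identity, not the control-plane identity.
  principal_id = azurerm_kubernetes_cluster.aks.kubelet_identity[0].object_id

  # Avoids a failure when the identity has not yet replicated in the directory.
  skip_service_principal_aad_check = true
}

# If the deployer cannot be granted the permission, these values are what an
# administrator needs to create the same assignment out of band.
output "acr_pull_request" {
  description = "Principal, scope and role for a manual AcrPull assignment."
  value = {
    principal_id = azurerm_kubernetes_cluster.aks.kubelet_identity[0].object_id
    scope        = azurerm_container_registry.acr.id
    role         = "AcrPull"
  }
}
```

Granting the role to the kubelet identity keeps registry credentials out of the cluster, which an image pull secret would not.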

To push a locally built image, run the following commands:
- `docker login login-server`
- `docker build . -t image:tag`
- `docker image tag image:tag login-server/registry/image:tag`
- `docker push login-server/registry/image:tag`

ArgoCD?
How to solve the immutability issue with Terraform?

| Subject | Description | yes/no |
|---|---|---|
| AKS | can a connection be established through kubeconfig | yes |
| AKS | can internal DNS resolution be run | yes |
| AKS | can images be pulled from ACR | no (lacking permission to create azurerm_role_assignment; might need an image pull secret in k8s) |
| ACR | can docker log in to ACR | yes |
| ACR | can images be pushed to ACR | yes |
| ACR | does communication run through the internal network | needs to be tested |
| FW | do the set rules work | needs to be tested |