How to create Azure Kubernetes Service using Terraform
We recently saw how to set up a Kubernetes cluster on bare metal; now let's see how to set up a Kubernetes cluster on cloud providers like AWS and Azure. As part of that, let's see how to create an Azure Kubernetes Service cluster using Terraform. You can also create one via the UI, but that would be too easy, so we want to cover the automated way.
What is AKS?
Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
Pre-requisites
Install Terraform
Follow the instructions here to install Terraform. When you’re done, you should be able to run the terraform command:
# terraform
Create your Azure Service Principal
Before we start, we need to create the service principal. To do that, first run the following command and follow the instructions it prints.
# az login
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code A9F39EFUE to authenticate.
[
  {
    "cloudName": "AzureCloud",
    "homeTenantId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "id": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "isDefault": true,
    "managedByTenants": [],
    "name": "azureftworkspace",
    "state": "Enabled",
    "tenantId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "user": {
      "name": "[email protected]",
      "type": "user"
    }
  }
]
In some cases we may need to manage more than one subscription, so I suggest setting the subscription you would like to use, or declaring it correctly in the Terraform variables. If you would like to set it via the Azure CLI, use the following command:
# az account set --subscription="SUBSCRIPTION_ID"
We can now create the Service Principal which will have permissions to manage resources in the specified subscription using the following command:
# az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/SUBSCRIPTION_ID"
Creating a role assignment under the scope of "/subscriptions/xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
{
  "appId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "displayName": "azure-cli-2022-04-27-16-16-09",
  "password": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "tenant": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
These values map to the Terraform variables like so:
# az login --service-principal -u CLIENT_ID -p CLIENT_SECRET --tenant TENANT_ID
[
  {
    "cloudName": "AzureCloud",
    "id": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "isDefault": true,
    "name": "Azureftworkspace",
    "state": "Enabled",
    "tenantId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "user": {
      "name": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
      "type": "servicePrincipal"
    }
  }
]
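The mapping from the create-for-rbac output to Terraform, as an added example that is not part of the original article: the azurerm provider reads ARM_CLIENT_ID, ARM_CLIENT_SECRET, ARM_TENANT_ID and ARM_SUBSCRIPTION_ID from the environment, so the service principal password does not have to be written into a .tf or .tfvars file. The function names sp_field and load_sp_env and the sample JSON are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: load the service principal output into the ARM_* environment
# variables that the azurerm provider reads, instead of a .tf/.tfvars file.

# Print one string field of the flat JSON object shown above.
# Assumption: values contain no escaped double quotes.
sp_field() {  # usage: sp_field <json> <key>
  printf '%s\n' "$1" |
    sed -n 's/.*"'"$2"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' |
    head -n 1
}

# Export ARM_* from the JSON; fail rather than export partial credentials.
load_sp_env() {  # usage: load_sp_env <json> <subscription-id>
  _id=$(sp_field "$1" appId)
  _secret=$(sp_field "$1" password)
  _tenant=$(sp_field "$1" tenant)
  if [ -z "$_id" ] || [ -z "$_secret" ] || [ -z "$_tenant" ] || [ -z "$2" ]; then
    echo "load_sp_env: appId, password, tenant or subscription missing" >&2
    unset _id _secret _tenant
    return 1
  fi
  export ARM_CLIENT_ID="$_id"          # appId    -> client ID
  export ARM_CLIENT_SECRET="$_secret"  # password -> client secret
  export ARM_TENANT_ID="$_tenant"      # tenant   -> tenant ID
  export ARM_SUBSCRIPTION_ID="$2"
  unset _id _secret _tenant            # keep no extra copy of the secret
}

# Constructed sample in the shape of the create-for-rbac output (not real values).
SAMPLE_SP_JSON='{
  "appId": "00000000-0000-0000-0000-000000000001",
  "displayName": "azure-cli-example",
  "password": "constructed-secret-value",
  "tenant": "00000000-0000-0000-0000-000000000002"
}'

# Usage with the real CLI (SUBSCRIPTION_ID as in the article):
#   load_sp_env "$(az ad sp create-for-rbac --role="Contributor" \
#     --scopes="/subscriptions/SUBSCRIPTION_ID")" "SUBSCRIPTION_ID"
```

Capturing the CLI output in a command substitution, as in the usage comment, keeps the password out of the terminal scrollback as well as out of the repository.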
Configure Azure storage to store Terraform state
Terraform tracks state locally via the terraform.tfstate file. This pattern works well in a single-person environment. However, in a more practical multi-person environment, you need to track state on the server using Azure storage. In this section, you learn to retrieve the necessary storage account information and create a storage container. The Terraform state information is then stored in that container.
Use one of the following options to create an Azure storage account and container:
With this, we should have all the required resources, as follows:
All set! Let’s deploy it.
Let’s Start Terraform
Before we start with Terraform, let's create a separate data folder or use your Git repository. Once you have all the required folders, create the following files:
Continue reading this article at How to create Azure Kubernetes Service using Terraform - FoxuTech