Created AKS example for Go (pulumi#577)

GlennPrince · Feb 25, 2020 · c877bbb · c877bbb
1 parent 46988ae
commit c877bbb
Show file tree

Hide file tree

Showing 4 changed files with 254 additions and 0 deletions.
diff --git a/azure-go-aks/Gopkg.toml b/azure-go-aks/Gopkg.toml
@@ -0,0 +1,38 @@
+# Gopkg.toml example
+#
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+# name = "github.com/user/project"
+# version = "1.0.0"
+#
+# [[constraint]]
+# name = "github.com/user/project2"
+# branch = "dev"
+# source = "github.com/myfork/project2"
+#
+# [[override]]
+# name = "github.com/x/y"
+# version = "2.4.0"
+#
+# [prune]
+# non-go = false
+# go-tests = true
+# unused-packages = true
+
+
+[[constraint]]
+ name = "github.com/pulumi/pulumi"
+ version = "1.9.1"
+
+[[constraint]]
+ name = "github.com/pulumi/pulumi-azure"
+ version = "1.13.0"
+
+[prune]
+ go-tests = true
+ unused-packages = true
diff --git a/azure-go-aks/Pulumi.yaml b/azure-go-aks/Pulumi.yaml
@@ -0,0 +1,3 @@
+name: azure-go-aks
+description: Creates an Azure Kubernetes Service (AKS) cluster
+runtime: go
diff --git a/azure-go-aks/README.md b/azure-go-aks/README.md
@@ -0,0 +1,73 @@
+[![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new)
+
+# Azure Kubernetes Service (AKS) Cluster
+
+Stands up an [Azure Kubernetes Service](https://azure.microsoft.com/en-us/services/kubernetes-service/) (AKS) cluster.
+
+## Deploying the App
+
+To deploy your infrastructure, follow the below steps.
+
+### Prerequisites
+
+1. [Install Pulumi](https://www.pulumi.com/docs/get-started/install/)
+1. [Configure Azure](https://www.pulumi.com/docs/intro/cloud-providers/azure/setup/)
+
+### Steps
+
+1. Create a new stack:
+
+ ```bash
+ $ pulumi stack init dev
+ ```
+
+1. Login to Azure CLI (you will be prompted to do this during deployment if you forget this step):
+
+ ```bash
+ $ az login
+ ```
+
+1. Set the azure location in which to run the test:
+
+ ```bash
+ $ pulumi config set azure:location westus
+ ```
+
+1. Restore your Go dependencies. This example currently uses [Dep](https://github.com/golang/dep) to do so:
+
+ ```bash
+ $ dep ensure
+ ```
+
+1. Stand up the AKS cluster:
+
+  > **Note**: Due to an [issue](https://github.com/terraform-providers/terraform-provider-azuread/issues/156) in Azure Terraform Provider, the
+ > creation of an Azure Service Principal, which is needed to create the Kubernetes cluster, is delayed and may not
+ > be available when the cluster is created. If you get a "Service Principal not found" error, as a work around, you should be able to run `pulumi up`
+ > again, at which time the Service Principal replication should have been completed. See [this issue](https://github.com/Azure/AKS/issues/1206) and
+ > [this doc](https://docs.microsoft.com/en-us/azure/aks/troubleshooting#im-receiving-errors-that-my-service-principal-was-not-found-when-i-try-to-create-a-new-cluster-without-passing-in-an-existing-one)
+ > for further details.
+
+ ```bash
+ $ pulumi up
+ ```
+
+1. After 10-15 minutes, your cluster will be ready, and the kubeconfig YAML you'll use to connect to the cluster will be available as an output. You can save this kubeconfig to a file like so:
+
+ ```bash
+ $ pulumi stack output kubeconfig > kubeconfig.yaml
+ ```
+
+ Once you have this file in hand, you can interact with your new cluster as usual via `kubectl`:
+
+ ```bash
+ $ KUBECONFIG=./kubeconfig.yaml kubectl get nodes
+ ```
+1. From there, feel free to experiment. Simply making edits and running `pulumi up` will incrementally update your stack.
+
+1. Once you've finished experimenting, tear down your stack's resources by destroying and removing it:
+
+ ```bash
+ $ pulumi destroy --yes
+ $ pulumi stack rm --yes
+ ```
diff --git a/azure-go-aks/main.go b/azure-go-aks/main.go
@@ -0,0 +1,140 @@
+package main
+
+import (
+ "github.com/pulumi/pulumi-azure/sdk/go/azure/containerservice"
+ "github.com/pulumi/pulumi-azure/sdk/go/azure/core"
+ "github.com/pulumi/pulumi-azure/sdk/go/azure/network"
+ "github.com/pulumi/pulumi-azuread/sdk/go/azuread"
+ "github.com/pulumi/pulumi-random/sdk/go/random"
+ "github.com/pulumi/pulumi-tls/sdk/go/tls"
+
+ "github.com/pulumi/pulumi/sdk/go/pulumi"
+)
+
+func main() {
+ pulumi.Run(func(ctx *pulumi.Context) error {
+ // Create a resource group.
+ resourceGroup, err := core.NewResourceGroup(ctx, "aks-rg", nil)
+ if err != nil {
+ return err
+ }
+
+ // Create an AD service principal.
+ adApp, err := azuread.NewApplication(ctx, "aks", nil)
+ if err != nil {
+ return err
+ }
+
+ adSpArgs := azuread.ServicePrincipalArgs{
+ ApplicationId: adApp.ApplicationId,
+ }
+ adSp, err := azuread.NewServicePrincipal(ctx, "aksSp", &adSpArgs)
+ if err != nil {
+ return err
+ }
+
+ // Generate a random password.
+ passwordArgs := random.RandomPasswordArgs{
+ Length: pulumi.Int(20),
+ Special: pulumi.Bool(true),
+ }
+ password, err := random.NewRandomPassword(ctx, "password", &passwordArgs)
+ if err != nil {
+ return err
+ }
+
+ // Create the Service Principal Password.
+ adSpPasswordArgs := azuread.ServicePrincipalPasswordArgs{
+ ServicePrincipalId: adSp.ID(),
+ Value: password.Result,
+ EndDate: pulumi.String("2099-01-01T00:00:00Z"),
+ }
+ adSpPassword, err := azuread.NewServicePrincipalPassword(ctx, "aksSpPassword", &adSpPasswordArgs)
+ if err != nil {
+ return err
+ }
+
+ // Create a Virtual Network.
+ vnetArgs := network.VirtualNetworkArgs{
+ ResourceGroupName: resourceGroup.Name,
+ AddressSpaces: pulumi.StringArray{pulumi.String("10.2.0.0/16")},
+ }
+ vnet, err := network.NewVirtualNetwork(ctx, "vnet", &vnetArgs)
+ if err != nil {
+ return err
+ }
+
+ // Create a subnet.
+ subnetArgs := network.SubnetArgs{
+ ResourceGroupName: resourceGroup.Name,
+ VirtualNetworkName: vnet.Name,
+ AddressPrefix: pulumi.String("10.2.1.0/24"),
+ }
+ subnet, err := network.NewSubnet(ctx, "subnet", &subnetArgs)
+ if err != nil {
+ return err
+ }
+
+ // Generate an SSH key.
+ sshArgs := tls.PrivateKeyArgs{
+ Algorithm: pulumi.String("RSA"),
+ RsaBits: pulumi.Int(4096),
+ }
+ sshKey, err := tls.NewPrivateKey(ctx, "ssh-key", &sshArgs)
+ if err != nil {
+ return err
+ }
+
+ // Create our cluster specifications.
+ defaultNodePoolArgs := containerservice.KubernetesClusterDefaultNodePoolArgs{
+ Name: pulumi.String("aksagentpool"),
+ NodeCount: pulumi.Int(3),
+ VmSize: pulumi.String("Standard_B2s"),
+ OsDiskSizeGb: pulumi.Int(30),
+ VnetSubnetId: subnet.ID(),
+ }
+
+ linuxProfileArgs := containerservice.KubernetesClusterLinuxProfileArgs{
+ AdminUsername: pulumi.String("aksuser"),
+ SshKey: containerservice.KubernetesClusterLinuxProfileSshKeyArgs{
+ KeyData: sshKey.PublicKeyOpenssh,
+ },
+ }
+
+ spArgs := containerservice.KubernetesClusterServicePrincipalArgs{
+ ClientId: adApp.ApplicationId,
+ ClientSecret: adSpPassword.Value,
+ }
+
+ roleArgs := containerservice.KubernetesClusterRoleBasedAccessControlArgs{
+ Enabled: pulumi.Bool(true),
+ }
+
+ networkArgs := containerservice.KubernetesClusterNetworkProfileArgs{
+ NetworkPlugin: pulumi.String("azure"),
+ DnsServiceIp: pulumi.String("10.2.2.254"),
+ ServiceCidr: pulumi.String("10.2.2.0/24"),
+ DockerBridgeCidr: pulumi.String("172.17.0.1/16"),
+ }
+
+ // Allocate an AKS cluster.
+ clusterArgs := containerservice.KubernetesClusterArgs{
+ ResourceGroupName: resourceGroup.Name,
+ DefaultNodePool: defaultNodePoolArgs,
+ DnsPrefix: pulumi.String("sampleaks"),
+ LinuxProfile: linuxProfileArgs,
+ ServicePrincipal: spArgs,
+ KubernetesVersion: pulumi.String("1.15.5"),
+ RoleBasedAccessControl: roleArgs,
+ NetworkProfile: networkArgs,
+ }
+ cluster, err := containerservice.NewKubernetesCluster(ctx, "aksCluster", &clusterArgs)
+ if err != nil {
+ return err
+ }
+
+ // Export the raw kube config.
+ ctx.Export("kubeconfig", cluster.KubeConfigRaw)
+ return nil
+ })
+}