Created AKS example for Go (pulumi#577)
Tasia Halim
committed
Feb 25, 2020
1 parent
46988ae
commit c877bbb
Showing
4 changed files
with
254 additions
and
0 deletions.
@@ -0,0 +1,38 @@ | ||
# Gopkg.toml example | ||
# | ||
# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html | ||
# for detailed Gopkg.toml documentation. | ||
# | ||
# required = ["github.com/user/thing/cmd/thing"] | ||
# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] | ||
# | ||
# [[constraint]] | ||
# name = "github.com/user/project" | ||
# version = "1.0.0" | ||
# | ||
# [[constraint]] | ||
# name = "github.com/user/project2" | ||
# branch = "dev" | ||
# source = "github.com/myfork/project2" | ||
# | ||
# [[override]] | ||
# name = "github.com/x/y" | ||
# version = "2.4.0" | ||
# | ||
# [prune] | ||
# non-go = false | ||
# go-tests = true | ||
# unused-packages = true | ||
|
||
|
||
[[constraint]] | ||
name = "github.com/pulumi/pulumi" | ||
version = "1.9.1" | ||
|
||
[[constraint]] | ||
name = "github.com/pulumi/pulumi-azure" | ||
version = "1.13.0" | ||
|
||
[prune] | ||
go-tests = true | ||
unused-packages = true |
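Review bot: Only `github.com/pulumi/pulumi` and `github.com/pulumi/pulumi-azure` are constrained here, while the Go program added in the same commit also imports `pulumi-azuread`, `pulumi-random` and `pulumi-tls`, the packages that create the service principal, its password and the SSH key. With no constraint for them, and no Gopkg.lock among the four changed files as far as this page shows, `dep ensure` would resolve those three to whatever version is current when the example is built, so the credential-handling code is not reproducible or reviewable. Add a `[[constraint]]` entry for each, for example `name = "github.com/pulumi/pulumi-azuread"` with `version = "<PINNED_VERSION>"`, and commit the resulting lock file alongside the manifest.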
@@ -0,0 +1,3 @@ | ||
name: azure-go-aks | ||
description: Creates an Azure Kubernetes Service (AKS) cluster | ||
runtime: go |
@@ -0,0 +1,73 @@ | ||
[![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new) | ||
|
||
# Azure Kubernetes Service (AKS) Cluster | ||
|
||
Stands up an [Azure Kubernetes Service](https://azure.microsoft.com/en-us/services/kubernetes-service/) (AKS) cluster. | ||
|
||
## Deploying the App | ||
|
||
To deploy your infrastructure, follow the below steps. | ||
|
||
### Prerequisites | ||
|
||
1. [Install Pulumi](https://www.pulumi.com/docs/get-started/install/) | ||
1. [Configure Azure](https://www.pulumi.com/docs/intro/cloud-providers/azure/setup/) | ||
|
||
### Steps | ||
|
||
1. Create a new stack: | ||
|
||
```bash | ||
$ pulumi stack init dev | ||
``` | ||
|
||
1. Login to Azure CLI (you will be prompted to do this during deployment if you forget this step): | ||
|
||
```bash | ||
$ az login | ||
``` | ||
|
||
1. Set the azure location in which to run the test: | ||
|
||
```bash | ||
$ pulumi config set azure:location westus | ||
``` | ||
|
||
1. Restore your Go dependencies. This example currently uses [Dep](https://github.com/golang/dep) to do so: | ||
|
||
```bash | ||
$ dep ensure | ||
``` | ||
|
||
1. Stand up the AKS cluster: | ||
|
||
> **Note**: Due to an [issue](https://github.com/terraform-providers/terraform-provider-azuread/issues/156) in Azure Terraform Provider, the | ||
> creation of an Azure Service Principal, which is needed to create the Kubernetes cluster, is delayed and may not | ||
> be available when the cluster is created. If you get a "Service Principal not found" error, as a work around, you should be able to run `pulumi up` | ||
> again, at which time the Service Principal replication should have been completed. See [this issue](https://github.com/Azure/AKS/issues/1206) and | ||
> [this doc](https://docs.microsoft.com/en-us/azure/aks/troubleshooting#im-receiving-errors-that-my-service-principal-was-not-found-when-i-try-to-create-a-new-cluster-without-passing-in-an-existing-one) | ||
> for further details. | ||
```bash | ||
$ pulumi up | ||
``` | ||
|
||
1. After 10-15 minutes, your cluster will be ready, and the kubeconfig YAML you'll use to connect to the cluster will be available as an output. You can save this kubeconfig to a file like so: | ||
|
||
```bash | ||
$ pulumi stack output kubeconfig > kubeconfig.yaml | ||
``` | ||
|
||
Once you have this file in hand, you can interact with your new cluster as usual via `kubectl`: | ||
|
||
```bash | ||
$ KUBECONFIG=./kubeconfig.yaml kubectl get nodes | ||
``` | ||
1. From there, feel free to experiment. Simply making edits and running `pulumi up` will incrementally update your stack. | ||
|
||
1. Once you've finished experimenting, tear down your stack's resources by destroying and removing it: | ||
|
||
```bash | ||
$ pulumi destroy --yes | ||
$ pulumi stack rm --yes | ||
``` |
@@ -0,0 +1,140 @@ | ||
package main | ||
|
||
import ( | ||
"github.com/pulumi/pulumi-azure/sdk/go/azure/containerservice" | ||
"github.com/pulumi/pulumi-azure/sdk/go/azure/core" | ||
"github.com/pulumi/pulumi-azure/sdk/go/azure/network" | ||
"github.com/pulumi/pulumi-azuread/sdk/go/azuread" | ||
"github.com/pulumi/pulumi-random/sdk/go/random" | ||
"github.com/pulumi/pulumi-tls/sdk/go/tls" | ||
|
||
"github.com/pulumi/pulumi/sdk/go/pulumi" | ||
) | ||
|
||
func main() { | ||
pulumi.Run(func(ctx *pulumi.Context) error { | ||
// Create a resource group. | ||
resourceGroup, err := core.NewResourceGroup(ctx, "aks-rg", nil) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Create an AD service principal. | ||
adApp, err := azuread.NewApplication(ctx, "aks", nil) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
adSpArgs := azuread.ServicePrincipalArgs{ | ||
ApplicationId: adApp.ApplicationId, | ||
} | ||
adSp, err := azuread.NewServicePrincipal(ctx, "aksSp", &adSpArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Generate a random password. | ||
passwordArgs := random.RandomPasswordArgs{ | ||
Length: pulumi.Int(20), | ||
Special: pulumi.Bool(true), | ||
} | ||
password, err := random.NewRandomPassword(ctx, "password", &passwordArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Create the Service Principal Password. | ||
adSpPasswordArgs := azuread.ServicePrincipalPasswordArgs{ | ||
ServicePrincipalId: adSp.ID(), | ||
Value: password.Result, | ||
EndDate: pulumi.String("2099-01-01T00:00:00Z"), | ||
} | ||
adSpPassword, err := azuread.NewServicePrincipalPassword(ctx, "aksSpPassword", &adSpPasswordArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Create a Virtual Network. | ||
vnetArgs := network.VirtualNetworkArgs{ | ||
ResourceGroupName: resourceGroup.Name, | ||
AddressSpaces: pulumi.StringArray{pulumi.String("10.2.0.0/16")}, | ||
} | ||
vnet, err := network.NewVirtualNetwork(ctx, "vnet", &vnetArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Create a subnet. | ||
subnetArgs := network.SubnetArgs{ | ||
ResourceGroupName: resourceGroup.Name, | ||
VirtualNetworkName: vnet.Name, | ||
AddressPrefix: pulumi.String("10.2.1.0/24"), | ||
} | ||
subnet, err := network.NewSubnet(ctx, "subnet", &subnetArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Generate an SSH key. | ||
sshArgs := tls.PrivateKeyArgs{ | ||
Algorithm: pulumi.String("RSA"), | ||
RsaBits: pulumi.Int(4096), | ||
} | ||
sshKey, err := tls.NewPrivateKey(ctx, "ssh-key", &sshArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Create our cluster specifications. | ||
defaultNodePoolArgs := containerservice.KubernetesClusterDefaultNodePoolArgs{ | ||
Name: pulumi.String("aksagentpool"), | ||
NodeCount: pulumi.Int(3), | ||
VmSize: pulumi.String("Standard_B2s"), | ||
OsDiskSizeGb: pulumi.Int(30), | ||
VnetSubnetId: subnet.ID(), | ||
} | ||
|
||
linuxProfileArgs := containerservice.KubernetesClusterLinuxProfileArgs{ | ||
AdminUsername: pulumi.String("aksuser"), | ||
SshKey: containerservice.KubernetesClusterLinuxProfileSshKeyArgs{ | ||
KeyData: sshKey.PublicKeyOpenssh, | ||
}, | ||
} | ||
|
||
spArgs := containerservice.KubernetesClusterServicePrincipalArgs{ | ||
ClientId: adApp.ApplicationId, | ||
ClientSecret: adSpPassword.Value, | ||
} | ||
|
||
roleArgs := containerservice.KubernetesClusterRoleBasedAccessControlArgs{ | ||
Enabled: pulumi.Bool(true), | ||
} | ||
|
||
networkArgs := containerservice.KubernetesClusterNetworkProfileArgs{ | ||
NetworkPlugin: pulumi.String("azure"), | ||
DnsServiceIp: pulumi.String("10.2.2.254"), | ||
ServiceCidr: pulumi.String("10.2.2.0/24"), | ||
DockerBridgeCidr: pulumi.String("172.17.0.1/16"), | ||
} | ||
|
||
// Allocate an AKS cluster. | ||
clusterArgs := containerservice.KubernetesClusterArgs{ | ||
ResourceGroupName: resourceGroup.Name, | ||
DefaultNodePool: defaultNodePoolArgs, | ||
DnsPrefix: pulumi.String("sampleaks"), | ||
LinuxProfile: linuxProfileArgs, | ||
ServicePrincipal: spArgs, | ||
KubernetesVersion: pulumi.String("1.15.5"), | ||
RoleBasedAccessControl: roleArgs, | ||
NetworkProfile: networkArgs, | ||
} | ||
cluster, err := containerservice.NewKubernetesCluster(ctx, "aksCluster", &clusterArgs) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Export the raw kube config. | ||
ctx.Export("kubeconfig", cluster.KubeConfigRaw) | ||
return nil | ||
}) | ||
} |
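Review bot: The closing `ctx.Export("kubeconfig", cluster.KubeConfigRaw)` publishes a kubeconfig carrying cluster credentials as an ordinary stack output, so anyone who can read the stack's outputs or its state gets them in clear text. If the SDK version pinned for this example provides it, mark the value as a secret, e.g. `ctx.Export("kubeconfig", pulumi.ToSecret(cluster.KubeConfigRaw))`; otherwise put a comment above the export such as `// kubeconfig contains cluster credentials: treat this output as a secret.` Separately, the service principal password is created with `EndDate: pulumi.String("2099-01-01T00:00:00Z")`, which makes the cluster's client secret effectively non-expiring. A short validity period with rotation would limit the exposure if the state or the secret leaks. `KubernetesVersion` is also hard-coded to `"1.15.5"` and would be better read from stack configuration so the example does not stay pinned to an ageing release.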