From 2e46fa5e89311cfc2fdeaa253253a486af8ccc6b Mon Sep 17 00:00:00 2001
From: David van der Spek
Date: Tue, 7 Mar 2023 16:19:02 +0100
Subject: [PATCH 1/2] use synced terraform-aks-module
Signed-off-by: David van der Spek
---
bootstrap/terraform/azure-bootstrap/deps.yaml | 2 +-
bootstrap/terraform/azure-bootstrap/main.tf | 60 ++++++++++---------
.../terraform/azure-bootstrap/outputs.tf | 2 +-
.../terraform/azure-bootstrap/variables.tf | 16 ++++-
4 files changed, 47 insertions(+), 33 deletions(-)
diff --git a/bootstrap/terraform/azure-bootstrap/deps.yaml b/bootstrap/terraform/azure-bootstrap/deps.yaml
index 1d80834bb..54c731443 100644
--- a/bootstrap/terraform/azure-bootstrap/deps.yaml
+++ b/bootstrap/terraform/azure-bootstrap/deps.yaml
@@ -18,4 +18,4 @@ spec:
node_resource_group: node_resource_group
provider_wirings:
cluster: module.azure-bootstrap.cluster
- provider_vsn: "0.1.2"
+ provider_vsn: "0.1.3"
diff --git a/bootstrap/terraform/azure-bootstrap/main.tf b/bootstrap/terraform/azure-bootstrap/main.tf
index ae2c1b754..ae91f1c51 100644
--- a/bootstrap/terraform/azure-bootstrap/main.tf
+++ b/bootstrap/terraform/azure-bootstrap/main.tf
@@ -13,33 +13,34 @@ module "network" {
}
module "aks" {
- source = "github.com/pluralsh/terraform-azurerm-aks?ref=ea5c22775e0352ef6fe7a9abe2d94306029b6a6e" # branch auto-scaler-profile
- resource_group_name = data.azurerm_resource_group.group.name
- kubernetes_version = var.kubernetes_version
- orchestrator_version = var.kubernetes_version
- prefix = var.name
- cluster_name = var.name
- network_plugin = var.network_plugin
- vnet_subnet_id = module.network.vnet_subnets[0]
- os_disk_size_gb = var.node_groups[0].os_disk_size_gb
- os_disk_type = var.node_groups[0].os_disk_type
- enable_role_based_access_control = true
- rbac_aad_enabled = false
- rbac_aad_managed = false
- sku_tier = "Paid"
- private_cluster_enabled = var.private_cluster
- enable_http_application_routing = false
- azure_policy_enabled = false
- admin_username = var.admin_username
- enable_auto_scaling = var.node_groups[0].enable_auto_scaling
- agents_min_count = var.node_groups[0].min_count
- agents_max_count = var.node_groups[0].max_count
- agents_count = var.node_groups[0].node_count # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
- agents_max_pods = var.node_groups[0].max_pods
- agents_pool_name = var.node_groups[0].name
- agents_availability_zones = var.node_groups[0].availability_zones
- agents_type = "VirtualMachineScaleSets"
- agents_size = var.node_groups[0].vm_size
+ source = "github.com/pluralsh/terraform-azurerm-aks?ref=c23027ddf0f20cbbffa2ec08c4b94864a9c88b07" # branch updated-march-7-2023
+ resource_group_name = data.azurerm_resource_group.group.name
+ kubernetes_version = var.kubernetes_version
+ orchestrator_version = var.kubernetes_version
+ prefix = var.name
+ cluster_name = var.name
+ network_plugin = var.network_plugin
+ vnet_subnet_id = module.network.vnet_subnets[0]
+ os_disk_size_gb = var.node_groups[0].os_disk_size_gb
+ os_disk_type = var.node_groups[0].os_disk_type
+ role_based_access_control_enabled = true
+ rbac_aad = false
+ rbac_aad_managed = false
+ sku_tier = "Paid"
+ private_cluster_enabled = var.private_cluster
+ http_application_routing_enabled = false
+ azure_policy_enabled = false
+ admin_username = var.admin_username
+ enable_auto_scaling = var.node_groups[0].enable_auto_scaling
+ agents_min_count = var.node_groups[0].min_count
+ agents_max_count = var.node_groups[0].max_count
+ agents_count = var.node_groups[0].node_count # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
+ agents_max_pods = var.node_groups[0].max_pods
+ agents_pool_name = var.node_groups[0].name
+ agents_availability_zones = var.node_groups[0].availability_zones
+ agents_type = "VirtualMachineScaleSets"
+ agents_size = var.node_groups[0].vm_size
+ auto_scaler_profile_enabled = var.auto_scaler_profile_enabled
agents_labels = var.node_groups[0].node_labels
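Review bot: `rbac_aad = false` and `rbac_aad_managed = false` are hard-coded in the `module "aks"` call with no comment on why Azure AD integration is off, so cluster access presumably relies on AKS local accounts and certificate-based kubeconfigs rather than directory identities. The inputs were renamed in this change and the module at the pinned commit is not visible here, so the effective behaviour should be confirmed against that module's variables. I would add a comment above the two lines, for example `# AAD integration deliberately disabled; access uses local cluster credentials - revisit for production`, or expose the setting as a variable so operators can turn it on. The `module "aks"` block starts before the changed lines and continues past the end of this hunk.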
@@ -53,8 +54,9 @@ module "aks" {
auto_scaler_profile_balance_similar_node_groups = var.auto_scaler_profile_balance_similar_node_groups
auto_scaler_profile_skip_nodes_with_local_storage = var.auto_scaler_profile_skip_nodes_with_local_storage
auto_scaler_profile_scale_down_utilization_threshold = var.auto_scaler_profile_scale_down_utilization_threshold
+ auto_scaler_profile_new_pod_scale_up_delay = var.auto_scaler_profile_new_pod_scale_up_delay
- enable_log_analytics_workspace = var.enable_aks_insights
+ log_analytics_workspace_enabled = var.enable_aks_insights
depends_on = [module.network]
}
@@ -109,7 +111,7 @@ resource "azurerm_role_assignment" "aks-network-identity-kubelet" {
resource "azurerm_role_assignment" "aks-network-identity-ssi" {
scope = module.network.vnet_id
role_definition_name = "Network Contributor"
- principal_id = module.aks.system_assigned_identity[0].principal_id
+ principal_id = module.aks.cluster_identity.principal_id
depends_on = [module.aks, module.network]
}
diff --git a/bootstrap/terraform/azure-bootstrap/outputs.tf b/bootstrap/terraform/azure-bootstrap/outputs.tf
index 179320410..e9cab8aa4 100644
--- a/bootstrap/terraform/azure-bootstrap/outputs.tf
+++ b/bootstrap/terraform/azure-bootstrap/outputs.tf
@@ -12,7 +12,7 @@ output "node_resource_group" {
}
output "cluster_name" {
- value = module.aks.cluster_name
+ value = module.aks.aks_name
}
output "resource_group_name" {
diff --git a/bootstrap/terraform/azure-bootstrap/variables.tf b/bootstrap/terraform/azure-bootstrap/variables.tf
index 33cfeb308..c8f0a742e 100644
--- a/bootstrap/terraform/azure-bootstrap/variables.tf
+++ b/bootstrap/terraform/azure-bootstrap/variables.tf
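Review bot: The new `principal_id = module.aks.cluster_identity.principal_id` in `aks-network-identity-ssi` selects which identity receives `Network Contributor` on the whole VNet (`scope = module.network.vnet_id`), yet nothing documents which identity `cluster_identity` is or what happens when the module returns none. If the output can be null for clusters without a system-assigned identity (not visible in this diff), the attribute access would fail at plan time, so a short comment such as `# cluster_identity: presumably the cluster's managed identity - confirm against the module outputs` would make the grant reviewable. Because the cluster is attached to `module.network.vnet_subnets[0]`, consider narrowing the grant to `scope = module.network.vnet_subnets[0]` unless the cluster must manage other subnets in the VNet.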
@@ -599,6 +599,18 @@ variable "node_groups" {
]
}
+variable "auto_scaler_profile_enabled" {
+ description = "Enable or Disable configuring the autoscaler profile."
+ type = bool
+ default = true
+}
+
+variable "auto_scaler_profile_new_pod_scale_up_delay" {
+ description = "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to `10s`."
+ type = string
+ default = "0s"
+}
+
variable "auto_scaler_profile_balance_similar_node_groups" {
description = "Enable or Disable the balance similar node groups."
type = bool
@@ -613,8 +625,8 @@ variable "auto_scaler_profile_skip_nodes_with_local_storage" {
variable "auto_scaler_profile_scale_down_utilization_threshold" {
description = "The threshold in % under which a node is considered for scale down."
- type = number
- default = 0.7
+ type = string
+ default = "0.7"
}
variable "enable_aks_insights" {
From 6157cfa00eb003d3d2d19fd6134a5e236eb29d8b Mon Sep 17 00:00:00 2001
From: David van der Spek
Date: Tue, 7 Mar 2023 16:27:08 +0100
Subject: [PATCH 2/2] bump k8s to 1.23.15
Signed-off-by: David van der Spek
---
bootstrap/terraform/azure-bootstrap/variables.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bootstrap/terraform/azure-bootstrap/variables.tf b/bootstrap/terraform/azure-bootstrap/variables.tf
index c8f0a742e..9e04c2603 100644
--- a/bootstrap/terraform/azure-bootstrap/variables.tf
+++ b/bootstrap/terraform/azure-bootstrap/variables.tf
@@ -27,7 +27,7 @@ variable "resource_group" {
variable "kubernetes_version" {
type = string
- default = "1.23.12"
+ default = "1.23.15"
}
variable "address_space" {
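Review bot: The description of the new `auto_scaler_profile_new_pod_scale_up_delay` variable ends with "Defaults to `10s`" while the declared default is `"0s"`, so the documentation and the value an operator actually gets disagree. Whichever is intended, the two should match; if `"0s"` is deliberate, the last sentence of the description should read ``Defaults to `0s`.``. The mismatch matters because it changes how quickly the autoscaler reacts to unschedulable pods, which someone tuning burst workloads would read from the description.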
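Review bot: Changing `auto_scaler_profile_scale_down_utilization_threshold` from `number` to `string` removes the only type check on this input, so a non-numeric or out-of-range value now passes `terraform validate` and fails, if at all, only when the provider applies it. The description also says "threshold in %" while the default `"0.7"` is a fraction, which invites values like `"70"`. I would add a `validation` block whose condition is `can(tonumber(var.auto_scaler_profile_scale_down_utilization_threshold))` with an error message naming the expected form, and reword the description to say the value is a fraction between 0 and 1.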