diff --git a/terraform-configs/AKS/README.md b/terraform-configs/AKS/README.md
new file mode 100644
index 00000000..a6266baa
--- /dev/null
+++ b/terraform-configs/AKS/README.md
@@ -0,0 +1,27 @@
+## Usage for Azure Kubernetes Service (AKS)
+
+Install terraform, git and azure-cli in your local system and clone git repository using
+```
+git clone https://github.com/devtron-labs/utilities.git
+```
+Now switch to terraform configs and initialize terraform so that it downloads the required plugin
+```
+cd utilities/terraform-configs/AKS
+terraform init
+```
+Edit `variables.tf` file and changes the names and location of resources to be created.
+
+If you want to have SSH access on your nodes for debugging purpose, add a public key for ssh access under `linux_profile` section or remove the linux_profile section if you don't want it.
+
+Login to your azure account in local system using
+```
+az login
+```
+The above command will work if you are able to open browser window on same device or use the command given below for remote bastion
+```
+az login --use-device-code
+```
+Once you are authenticated, run `terraform apply` to start creating the cluster. It'll create an AKS cluster with 2 nodepools. 1 on-demand and 1 spot.
+Your kubeconfig to access the cluster will be stored in a file named `config` in your current directory. To change the file name, change it in `outputs.tf` file.
+
+Optionally, you can remove blob storage resource from main.tf and variables.tf if you don't want to use devtron with blob storage.
diff --git a/terraform-configs/AKS/main.tf b/terraform-configs/AKS/main.tf
new file mode 100644
index 00000000..18c2e375
--- /dev/null
+++ b/terraform-configs/AKS/main.tf
@@ -0,0 +1,121 @@
+# Azure Provider source and version being used
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "=3.48.0"
+ }
+ }
+}
+
+# Configure the Azure provider
+provider "azurerm" {
+ features {}
+}
+
+# Create a resource group for the AKS cluster
+resource "azurerm_resource_group" "aks_rg" {
+ name = var.rg_name
+ location = var.location
+}
+
+# Create the AKS cluster
+resource "azurerm_kubernetes_cluster" "aks_cluster" {
+ name = var.cluster_name
+ location = azurerm_resource_group.aks_rg.location
+ resource_group_name = azurerm_resource_group.aks_rg.name
+ sku_tier = "Paid"
+ kubernetes_version = "1.26" # Specify Kubernetes version
+ dns_prefix = "devtron-prod"
+ # Add ssh access configurations for nodes
+ linux_profile {
+ admin_username = "ubuntu"
+ ssh_key {
+ key_data = "ssh-rsa "
+ }
+ }
+ default_node_pool {
+ name = "defaultpool"
+ node_count = 1
+ min_count = 1
+ max_count = 1
+ vm_size = "Standard_DS2_v2"
+ os_disk_size_gb = 30
+ only_critical_addons_enabled = true
+ enable_auto_scaling = true
+ }
+ identity {
+ type = "SystemAssigned"
+ }
+ tags = {
+ Environment = "Production"
+ }
+}
+
+resource "azurerm_kubernetes_cluster_node_pool" "devtron_pool" {
+ name = var.devtron_pool_name
+ kubernetes_cluster_id = azurerm_kubernetes_cluster.aks_cluster.id
+ node_count = 1
+ min_count = 1
+ max_count = 5
+ vm_size = "Standard_D4as_v5"
+ enable_auto_scaling = true
+ # Add labels on nodes
+ node_labels = {
+ lifeCycle = "ondemand"
+ purpose = "prod"
+ }
+ # Specify configuration for kubelet
+ kubelet_config {
+ cpu_manager_policy = "static"
+ }
+ tags = {
+ Environment = "Production"
+ purpose = "prod"
+ }
+}
+
+resource "azurerm_kubernetes_cluster_node_pool" "ci_pool" {
+ name = var.ci_pool_name
+ kubernetes_cluster_id = azurerm_kubernetes_cluster.aks_cluster.id
+ node_count = 1
+ min_count = 1
+ max_count = 10
+ vm_size = "Standard_D8s_v5"
+ enable_auto_scaling = true
+ # enable_node_public_ip = true
+ priority = "Spot"
+ spot_max_price = 0.8
+ eviction_policy = "Delete"
+ # Add labels on nodes
+ node_labels = {
+ purpose = "ci"
+ "kubernetes.azure.com/scalesetpriority" = "spot"
+ }
+ # Add node taints
+ node_taints = [ "kubernetes.azure.com/scalesetpriority=spot:NoSchedule" ]
+ # Specify configuration for kubelet
+ kubelet_config {
+ cpu_manager_policy = "static"
+ }
+ tags = {
+ Environment = "Production"
+ }
+}
+
+resource "azurerm_storage_account" "devtron_blob_storage" {
+ name = var.storage_account_name
+ resource_group_name = var.rg_name
+ location = var.location
+ account_tier = "Standard"
+ account_replication_type = "LRS"
+ allow_nested_items_to_be_public = false
+ public_network_access_enabled = false
+ blob_properties {
+ versioning_enabled = true
+ }
+ network_rules {
+ default_action = "Deny"
+ bypass = [ "AzureServices" ]
+ }
+}
diff --git a/terraform-configs/AKS/outputs.tf b/terraform-configs/AKS/outputs.tf
new file mode 100644
index 00000000..dc3aea6a
--- /dev/null
+++ b/terraform-configs/AKS/outputs.tf
@@ -0,0 +1,17 @@
+output "cluster_name" {
+ value = azurerm_kubernetes_cluster.aks_cluster.name
+}
+output "cluster_id" {
+ value = azurerm_kubernetes_cluster.aks_cluster.id
+}
+# Get your kubeconfig file in file named config in current directory
+resource "local_file" "kubeconfig" {
+ depends_on = [azurerm_kubernetes_cluster.aks_cluster]
+ filename = "./config"
+ content = azurerm_kubernetes_cluster.aks_cluster.kube_config_raw
+}
+
+output "aks_host" {
+ value = azurerm_kubernetes_cluster.aks_cluster.kube_config.0.host
+ sensitive = true
+}
diff --git a/terraform-configs/AKS/variables.tf b/terraform-configs/AKS/variables.tf
new file mode 100644
index 00000000..5f857cb2
--- /dev/null
+++ b/terraform-configs/AKS/variables.tf
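Review bot: The `azurerm_kubernetes_cluster.aks_cluster` block in main.tf sets no `api_server_access_profile`, `private_cluster_enabled` or `local_account_disabled`, so a cluster tagged `Production` comes up on provider defaults: a public API server endpoint with no source-address restriction and local certificate-based accounts left enabled. I would at least restrict the endpoint with `api_server_access_profile { authorized_ip_ranges = var.api_authorized_ip_ranges }` plus a matching variable, and add a comment stating whether local accounts are intentionally kept. The `linux_profile` block also ships `key_data = "ssh-rsa "`, an incomplete key that has to be hand-edited; `key_data = var.ssh_public_key` would keep key material out of main.tf and make the opt-out described in the README explicit. Separately, `azurerm_storage_account.devtron_blob_storage` takes `var.rg_name` and `var.location` rather than `azurerm_resource_group.aks_rg.name` and `azurerm_resource_group.aks_rg.location`, so Terraform sees no dependency on the resource group and may try to create the account before the group exists.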
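Review bot: The `local_file.kubeconfig` resource in outputs.tf writes `kube_config_raw`, which carries cluster credentials, to `./config` inside the cloned repository, and `local_file` creates the file with mode 0777 unless `file_permission` is set. Declaring it as `resource "local_sensitive_file" "kubeconfig"` with `file_permission = "0600"` keeps the behaviour while tightening access, and `config` should be added to `.gitignore` so the file is not committed by accident. The same credentials are stored in the Terraform state in either case, so a comment pointing at a protected remote backend would help readers who copy this configuration. The `depends_on` line is redundant, because `content` already references the cluster resource.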
@@ -0,0 +1,29 @@
+variable "rg_name" {
+ default = "devtron-rg"
+ description = "Name for resource group to be created for this AKS cluster and related resources"
+}
+
+variable "location" {
+ default = "Central India"
+ description = "The Azure Region in which all resources for this AKS cluster and related resources should be provisioned"
+}
+
+variable "cluster_name" {
+ default = "devtron-aks"
+ description = "Name of AKS cluster to be created"
+}
+
+variable "devtron_pool_name" {
+ default = "devtronpool"
+ description = "Name of devtron nodepool for microservices workloads"
+}
+
+variable "ci_pool_name" {
+ default = "cipool"
+ description = "Name of spot nodepool for ci workloads"
+}
+
+variable "storage_account_name" {
+ default = "dtblbstr01"
+ description = "Name of storage account to be created to use with devtron"
+}
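Review bot: None of the variables in variables.tf declares a type, so a list or number passed by mistake is only rejected later by the provider; adding `type = string` to each block catches that at plan time. `storage_account_name` defaults to the fixed value `"dtblbstr01"`, and storage account names share one global namespace, so the default will collide for every user after the first. I would drop that default so the caller must supply a name, and add a `validation` block enforcing the 3 to 24 lowercase letters and digits that Azure accepts.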