diff --git a/LICENSE b/LICENSE
index 9e841e7a..7689b55d 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,4 +1,4 @@
- MIT License
+ MIT License
Copyright (c) Microsoft Corporation.
diff --git a/README.md b/README.md
index 48dff614..a06bf4f4 100644
--- a/README.md
+++ b/README.md
@@ -42,6 +42,7 @@ The following providers are used by this module:
The following resources are used by this module:
- [azurerm_kubernetes_cluster.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) (resource)
+- [azurerm_kubernetes_cluster_node_pool.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster_node_pool) (resource)
- [azurerm_management_lock.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) (resource)
- [azurerm_private_endpoint.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) (resource)
- [azurerm_private_endpoint_application_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint_application_security_group_association) (resource)
@@ -168,6 +169,61 @@ object({
Default: `{}`
+### [node\_pools](#input\_node\_pools)
+
+Description: The node pools to create on the Kubernetes Cluster.
+
+Type:
+
+```hcl
+map(object({
+ vm_size = string
+ enable_auto_scaling = bool
+ max_count = number
+ min_count = number
+ node_count = number
+ os_sku = string
+ mode = optional(string, "User")
+ os_disk_size_gb = optional(number, null)
+ tags = optional(map(string), {})
+ zones = optional(string)
+ }))
+```
+
+Default:
+
+```json
+{
+ "1": {
+ "enable_auto_scaling": true,
+ "max_count": 110,
+ "min_count": 2,
+ "mode": "User",
+ "node_count": 2,
+ "os_sku": "Ubuntu",
+ "vm_size": "Standard_D4d_v5"
+ },
+ "2": {
+ "enable_auto_scaling": true,
+ "max_count": 110,
+ "min_count": 2,
+ "mode": "User",
+ "node_count": 2,
+ "os_sku": "Ubuntu",
+ "vm_size": "Standard_D4d_v5"
+ },
+ "3": {
+ "enable_auto_scaling": true,
+ "max_count": 110,
+ "min_count": 2,
+ "mode": "User",
+ "node_count": 2,
+ "os_sku": "Ubuntu",
+ "vm_size": "Standard_D4d_v5"
+ }
+}
+```
+
### [private\_endpoints](#input\_private\_endpoints)
Description: A map of private endpoints to create on this resource. The map key is deliberately arbitrary to avoid issues where map keys maybe unknown at plan time.
@@ -275,7 +331,13 @@ Description: This is the full output for the resource.
## Modules
-No modules.
+The following Modules are called:
+
+### [regions](#module\_regions)
+
+Source: Azure/regions/azurerm
+
+Version: >= 0.3.0
## Data Collection
diff --git a/locals.tf b/locals.tf
index bde9e3b7..c4b6abad 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,4 +1,3 @@
-# TODO: insert locals here.
locals {
resource_group_location = try(data.azurerm_resource_group.parent[0].location, null)
role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
@@ -16,16 +15,4 @@ locals {
}
]
]) : "${assoc.pe_key}-${assoc.asg_key}" => assoc }
-}
-
-
-locals {
- agents_availability_zones = local.isregions_supporting_availability_zones ? [1, 2, 3] : []
- isregions_supporting_availability_zones = contains(local.regions_supporting_availability_zones_azure_cli_names, var.location != null ? var.location : local.resource_group_location)
- regions_supporting_availability_zones_azure_cli_names = [
- "brazilsouth", "francecentral", "qatarcentral", "southafricanorth", "australiaeast",
- "canadacentral", "italynorth", "uaenorth", "centralindia", "centralus", "germanywestcentral",
- "israelcentral", "japaneast", "eastus", "norwayeast", "koreacentral", "eastus2", "northeurope", "southeastasia",
- "southcentralus", "uksouth", "eastasia", "usgovvirginia", "westeurope", "chinanorth3", "westus2", "swedencentral",
- "switzerlandnorth", "polandcentral"]
-}
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/main.tf b/main.tf
index 70b17187..6ec1db85 100644
--- a/main.tf
+++ b/main.tf
@@ -5,20 +5,23 @@ data "azurerm_resource_group" "parent" {
name = var.resource_group_name
}
+module "regions" {
+ source = "Azure/regions/azurerm"
+ version = ">= 0.3.0"
+}
resource "azurerm_kubernetes_cluster" "this" {
- location = coalesce(var.location, local.resource_group_location)
- name = var.name
- resource_group_name = var.resource_group_name
- automatic_channel_upgrade = "patch"
- azure_policy_enabled = true
- dns_prefix = var.name
- kubernetes_version = null
- local_account_disabled = false
- node_os_channel_upgrade = "NodeImage"
- oidc_issuer_enabled = true
- private_cluster_enabled = true
- # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster - vnet intergration in preview
+ location = coalesce(var.location, local.resource_group_location)
+ name = var.name
+ resource_group_name = var.resource_group_name
+ automatic_channel_upgrade = "patch"
+ azure_policy_enabled = true
+ dns_prefix = var.name
+ kubernetes_version = null
+ local_account_disabled = false
+ node_os_channel_upgrade = "NodeImage"
+ oidc_issuer_enabled = true
+ private_cluster_enabled = true
role_based_access_control_enabled = true
sku_tier = "Standard"
tags = var.tags
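Review bot: The new `module "regions"` block takes `Azure/regions/azurerm` with `version = ">= 0.3.0"`, which has no upper bound, and module versions are not recorded in the dependency lock file, so any `terraform init -upgrade` can pull a registry release newer than the one reviewed. Since this module's output now decides zone placement, a bounded constraint such as `version = "~> 0.3"` keeps upgrades deliberate. Separately, the re-aligned `local_account_disabled = false` leaves the cluster's local admin account usable, which sidesteps Entra ID sign-in and its audit trail; if that is intentional, a comment saying why would help the next reviewer. The `azurerm_kubernetes_cluster` body continues outside this hunk.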
@@ -28,14 +31,15 @@ resource "azurerm_kubernetes_cluster" "this" {
name = "agentpool"
vm_size = "Standard_D4d_v5"
enable_auto_scaling = true
- max_count = 5
- max_pods = 110
- min_count = 2
- node_count = 5
- os_sku = "Ubuntu"
- # os_disk_size_gb - check the GB size of the disk? TODO: research the default size
- tags = merge(var.tags, var.agents_tags)
- zones = local.agents_availability_zones
+ # autoscaler profile setting on the old module use the configuration
+ enable_host_encryption = true
+ max_count = 5
+ max_pods = 110
+ min_count = 2
+ node_count = 5
+ os_sku = "Ubuntu"
+ tags = merge(var.tags, var.agents_tags)
+ zones = module.regions.regions_by_name[var.location == null ? local.resource_group_location : var.location].zones
}
dynamic "identity" {
for_each = var.identity_ids != null ? [var.identity_ids] : []
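Review bot: The new `zones` expression in `default_node_pool` indexes `module.regions.regions_by_name` directly, so a location that is not a key of that map fails the plan, whereas the removed `local.agents_availability_zones` fell back to `[]`. It also spells the location fallback as a conditional while `location` in the same resource uses `coalesce`; something like `zones = try(module.regions.regions_by_name[coalesce(var.location, local.resource_group_location)].zones, [])` would keep the two consistent, assuming an empty list is the wanted result for regions without zones. `enable_host_encryption = true` is a sound default, but it presumably needs the EncryptionAtHost feature registered on the subscription, so a comment such as `# requires the Microsoft.Compute EncryptionAtHost feature on the subscription` would save a failed apply. The `default_node_pool` block opens above this hunk.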
@@ -44,6 +48,10 @@ resource "azurerm_kubernetes_cluster" "this" {
identity_ids = var.identity_ids
}
}
+ # Say you have a region and documentation supportts availability zone how do i know how many zones exitist
+ key_vault_secrets_provider {
+ secret_rotation_enabled = true
+ }
}
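Review bot: The comment added directly above `key_vault_secrets_provider` is an open question about availability zones, so it does not describe the block it sits on, and it has typos ("supportts", "exitist"). Move the zone question to an issue or to the `zones` line, and document the add-on itself, for example `# Key Vault Secrets Provider add-on; rotation re-reads secrets from Key Vault on the provider's polling interval`. It would also help to state whether the default rotation interval is acceptable or whether `secret_rotation_interval` should be exposed as an input.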
# required AVM resources interfaces
@@ -55,6 +63,21 @@ resource "azurerm_management_lock" "this" {
scope = azurerm_kubernetes_cluster.this.id
}
+resource "azurerm_kubernetes_cluster_node_pool" "this" {
+ # set max nodepools created to 3
+ for_each = var.node_pools
+
+ kubernetes_cluster_id = azurerm_kubernetes_cluster.this.id
+ name = "userpool${each.key}"
+ vm_size = each.value.vm_size
+ enable_auto_scaling = true
+ max_count = each.value.max_count
+ min_count = each.value.min_count
+ node_count = each.value.node_count
+ os_sku = each.value.os_sku
+ tags = var.tags
+ zones = formatlist("%s", module.regions.regions_by_name[var.location == null ? local.resource_group_location : var.location].zones[(tonumber(each.key) - 1)])
+}
resource "azurerm_role_assignment" "this" {
for_each = var.role_assignments
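Review bot: The new `azurerm_kubernetes_cluster_node_pool.this` resource omits `enable_host_encryption`, so the user pools do not get the host-level disk encryption that this same commit turns on for `default_node_pool`; adding `enable_host_encryption = true` keeps the pools consistent. The resource also hard-codes `enable_auto_scaling = true` and `tags = var.tags`, silently ignoring the `enable_auto_scaling`, `tags`, `mode`, `os_disk_size_gb` and `zones` attributes declared on `var.node_pools`; `enable_auto_scaling = each.value.enable_auto_scaling` and `tags = merge(var.tags, each.value.tags)` would honour the inputs. The comment `# set max nodepools created to 3` does not match the variable's validation, which enforces a minimum of three pools rather than a maximum.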
diff --git a/terraform.tf b/terraform.tf
index 07fdb677..3ae5b7ab 100644
--- a/terraform.tf
+++ b/terraform.tf
@@ -1,7 +1,6 @@
terraform {
required_version = ">= 1.3.0"
required_providers {
- # TODO: Ensure all required providers are listed here.
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.71.0"
@@ -11,4 +10,4 @@ terraform {
version = ">= 3.5.0"
}
}
-}
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 4a7dbe4c..542e5071 100644
--- a/variables.tf
+++ b/variables.tf
@@ -95,6 +95,56 @@ variable "managed_identities" {
description = "Managed identities to be created for the resource."
}
+variable "node_pools" {
+ type = map(object({
+ vm_size = string
+ enable_auto_scaling = bool
+ max_count = number
+ min_count = number
+ node_count = number
+ os_sku = string
+ mode = optional(string, "User")
+ os_disk_size_gb = optional(number, null)
+ tags = optional(map(string), {})
+ zones = optional(string)
+ }))
+ default = {
+ "1" = {
+ vm_size = "Standard_D4d_v5"
+ enable_auto_scaling = true
+ max_count = 110
+ min_count = 2
+ node_count = 2
+ os_sku = "Ubuntu"
+ mode = "User"
+ },
+ "2" = {
+ vm_size = "Standard_D4d_v5"
+ enable_auto_scaling = true
+ max_count = 110
+ min_count = 2
+ node_count = 2
+ os_sku = "Ubuntu"
+ mode = "User"
+ },
+ "3" = {
+ vm_size = "Standard_D4d_v5"
+ enable_auto_scaling = true
+ max_count = 110
+ min_count = 2
+ node_count = 2
+ os_sku = "Ubuntu"
+ mode = "User"
+ }
+ }
+ description = "The node pools to create on the Kubernetes Cluster."
+
+ validation {
+ condition = length(keys(var.node_pools)) >= 3
+ error_message = "The minimum number of user node pools recommended to users to create is 3"
+ }
+}
+
variable "private_endpoints" {
type = map(object({
name = optional(string, null)
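Review bot: The `validation` block only checks `length(keys(var.node_pools)) >= 3`, but `main.tf` computes `zones[(tonumber(each.key) - 1)]`, so a non-numeric key or a key larger than the region's zone count fails at plan time with a conversion or index error instead of a clear message. A second validation with a condition such as `alltrue([for k in keys(var.node_pools) : can(tonumber(k))])` and its own `error_message` would catch this at the input. The existing error message calls three pools "recommended" although the check is mandatory, and `zones = optional(string)` is declared as a string although zones appear to be list-shaped elsewhere in the module. The default `max_count = 110` looks copied from `max_pods`; three pools that can each scale to 110 `Standard_D4d_v5` nodes is a large cost and quota ceiling worth confirming.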