From 475ddfa76a777845423fd9da8e89499796243708 Mon Sep 17 00:00:00 2001 From: Aaron Wislang Date: Fri, 6 Dec 2024 21:00:17 -0500 Subject: [PATCH 1/2] Add cloud-native/aks-arm/ Signed-off-by: Aaron Wislang --- cloud-native/aks-arm/NOTES.md | 7 ++++ cloud-native/aks-arm/README.md | 55 ++++++++++++++++++++++++++++++++ cloud-native/aks-arm/aks.bicep | 42 ++++++++++++++++++++++++ cloud-native/aks-arm/empty.bicep | 0 4 files changed, 104 insertions(+) create mode 100644 cloud-native/aks-arm/NOTES.md create mode 100644 cloud-native/aks-arm/README.md create mode 100644 cloud-native/aks-arm/aks.bicep create mode 100644 cloud-native/aks-arm/empty.bicep diff --git a/cloud-native/aks-arm/NOTES.md b/cloud-native/aks-arm/NOTES.md new file mode 100644 index 0000000..728c2b8 --- /dev/null +++ b/cloud-native/aks-arm/NOTES.md @@ -0,0 +1,7 @@ +# NOTES + +https://azure.github.io/Azure-Verified-Modules/indexes/bicep/bicep-resource-modules/ + +https://github.com/Azure/bicep-registry-modules/tree/main/avm/res/container-service/managed-cluster#example-3-using-only-defaults + +https://techcommunity.microsoft.com/blog/linuxandopensourceblog/azure-linux-3-0-now-in-preview-on-azure-kubernetes-service-v1-31/4287229 diff --git a/cloud-native/aks-arm/README.md b/cloud-native/aks-arm/README.md new file mode 100644 index 0000000..3500bfd --- /dev/null +++ b/cloud-native/aks-arm/README.md @@ -0,0 +1,55 @@ +# Azure Kubernetes Service (AKS) + +## Prerequisites + +- Azure CLI +- Bicep +- Azure Subscription + +## Deploy + +Azure Linux V3 Preview feature registration: + +```bash +az feature register \ + --namespace Microsoft.ContainerService \ + --name AzureLinuxV3Preview +``` + +```bash +az feature show \ + --namespace Microsoft.ContainerService \ + --name AzureLinuxV3Preview +``` + +```bash +az provider register \ + -n Microsoft.ContainerService +``` + +Create resource group: + +```bash +az group create \ + --name 241200-aks \ + --location eastus +``` + +Deploy Azure Kubernetes Service (AKS) cluster: + +```bash +az deployment group create \ + --resource-group 241200-aks \ + --template-file cloud-native/aks-arm/aks.bicep +``` + +## Cleanup + +Deploy the empty Bicep template: + +```bash +az deployment group create \ + --resource-group 241200-aks \ + --mode Complete \ + --template-file cloud-native/aks-arm/empty.bicep +``` diff --git a/cloud-native/aks-arm/aks.bicep b/cloud-native/aks-arm/aks.bicep new file mode 100644 index 0000000..33f3075 --- /dev/null +++ b/cloud-native/aks-arm/aks.bicep @@ -0,0 +1,42 @@ +param location string = resourceGroup().location + +var managedIdentityName = '${resourceGroup().name}-identity' + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = { + name: managedIdentityName + location: location +} + +module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.5.0' = { + name: 'managedClusterDeployment' + params: { + // Required parameters + name: 'aks-1' + kubernetesVersion: '1.31.2' + primaryAgentPoolProfiles: [ + { + count: 1 + mode: 'System' + name: 'systempool' + osSku: 'AzureLinux' + vmSize: 'Standard_D2pds_v6' + orchestratorVersion: '1.31.2' + } + { + count: 1 + mode: 'User' + name: 'pool1' + osSku: 'AzureLinux' + vmSize: 'Standard_D2pds_v6' + orchestratorVersion: '1.31.2' + } + ] + // Non-required parameters + location: location + managedIdentities: { + userAssignedResourcesIds: [ + managedIdentity.id + ] + } + } +} diff --git a/cloud-native/aks-arm/empty.bicep b/cloud-native/aks-arm/empty.bicep new file mode 100644 index 0000000..e69de29 From 76eaff9add3adb2b9671f2f95b87731d00d88239 Mon Sep 17 00:00:00 2001 From: Aaron Wislang Date: Thu, 30 Jan 2025 17:21:30 -0500 Subject: [PATCH 2/2] Integrate AzureLinux support Signed-off-by: Aaron Wislang --- cloud-native/aks-arm/README.md | 6 +++--- cloud-native/aks-arm/aks.bicep | 13 +++++++++---- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/cloud-native/aks-arm/README.md b/cloud-native/aks-arm/README.md index 3500bfd..695abd3 100644 --- a/cloud-native/aks-arm/README.md +++ b/cloud-native/aks-arm/README.md @@ -31,7 +31,7 @@ Create resource group: ```bash az group create \ - --name 241200-aks \ + --name 250100-aks \ --location eastus ``` @@ -39,7 +39,7 @@ Deploy Azure Kubernetes Service (AKS) cluster: ```bash az deployment group create \ - --resource-group 241200-aks \ + --resource-group 250100-aks \ --template-file cloud-native/aks-arm/aks.bicep ``` @@ -49,7 +49,7 @@ Deploy the empty Bicep template: ```bash az deployment group create \ - --resource-group 241200-aks \ + --resource-group 250100-aks \ --mode Complete \ --template-file cloud-native/aks-arm/empty.bicep ``` diff --git a/cloud-native/aks-arm/aks.bicep b/cloud-native/aks-arm/aks.bicep index 33f3075..d39f865 100644 --- a/cloud-native/aks-arm/aks.bicep +++ b/cloud-native/aks-arm/aks.bicep @@ -7,7 +7,7 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018- location: location } -module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.5.0' = { +module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.6.2' = { name: 'managedClusterDeployment' params: { // Required parameters @@ -18,7 +18,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.5.0 count: 1 mode: 'System' name: 'systempool' - osSku: 'AzureLinux' + osSKU: 'AzureLinux' vmSize: 'Standard_D2pds_v6' orchestratorVersion: '1.31.2' } @@ -26,15 +26,20 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.5.0 count: 1 mode: 'User' name: 'pool1' - osSku: 'AzureLinux' + osSKU: 'AzureLinux' vmSize: 'Standard_D2pds_v6' orchestratorVersion: '1.31.2' } ] // Non-required parameters location: location + aadProfile: { + aadProfileEnableAzureRBAC: true + aadProfileManaged: true + } + disableLocalAccounts: true managedIdentities: { - userAssignedResourcesIds: [ + userAssignedResourceIds: [ managedIdentity.id ] }