Edit the 'default_node_pool' and 'network_profile' config blocks (Azure#80)

bamaralf · yupwei68 · web-flow · commit 773a10c7a032 · 2020-12-18T15:46:49.000+08:00
* Edit main.tf and variables.tf

* Edit variables references

* Edit the test/fixture/main.tf

* Rename variable

* Add net_profile_pod_cidr and net_profile_service_cidr vars

* Add net_profile_pod_cidr and net_profile_service_cidr vars

* Rename variable

* Edit the 'default_node_pool' config

* Update main.tf

reverse changes to break users

* Update main.tf

integrate the enhancement fields into module "aks"

* Update variables.tf

set some defaults to null when there is no definition from AzureRm Provider side

* Update README.md

* Update README.md

* Edit the README.md

* Update main.tf

format

* Update README.md

Kubernete version &gt; 19.0 doesn't allow enable dashboard

* Update README.md

node name should be less than 12 characters

Co-authored-by: Yuping Wei &lt;56525716+yupwei68@users.noreply.github.com&gt;
diff --git a/README.md b/README.md
@@ -41,17 +41,34 @@ module "aks" {
   network_plugin                   = "azure"
   vnet_subnet_id                   = module.network.vnet_subnets[0]
   os_disk_size_gb                  = 50
-  enable_kube_dashboard            = true
-  enable_azure_policy              = true
   sku_tier                         = "Paid" # defaults to Free
   enable_role_based_access_control = true
   rbac_aad_admin_group_object_ids  = [data.azuread_group.aks_cluster_admins.id]
   rbac_aad_managed                 = true
   private_cluster_enabled          = true # default value
+  enable_http_application_routing  = true
+  enable_azure_policy              = true
   enable_auto_scaling              = true
   agents_min_count                 = 1
   agents_max_count                 = 2
   agents_count                     = null # Please set `agents_count` `null` while `enable_auto_scaling` is `true` to avoid possible `agents_count` changes.
+  agents_max_pods                  = 100
+  agents_pool_name                 = "exnodepool"
+  agents_availability_zones        = ["1", "2"]
+  agents_type                      = "VirtualMachineScaleSets"
+
+  agents_labels = {
+    "nodepool" : "defaultnodepool"
+  }
+
+  agents_tags = {
+    "Agent" : "defaultnodepoolagent"
+  }
+
+  network_policy                 = "azure"
+  net_profile_dns_service_ip     = "10.0.0.10"
+  net_profile_docker_bridge_cidr = "170.10.0.1/16"
+  net_profile_service_cidr       = "10.0.0.0/16"
 
   depends_on = [module.network]
 }
diff --git a/main.tf b/main.tf
@@ -9,6 +9,7 @@ module "ssh-key" {
 
 resource "azurerm_kubernetes_cluster" "main" {
   name                    = "${var.prefix}-aks"
+  kubernetes_version      = var.kubernetes_version
   location                = data.azurerm_resource_group.main.location
   resource_group_name     = data.azurerm_resource_group.main.name
   dns_prefix              = var.prefix
@@ -25,15 +26,21 @@ resource "azurerm_kubernetes_cluster" "main" {
   }
 
   default_node_pool {
-    orchestrator_version = var.orchestrator_version
-    name                 = "nodepool"
-    node_count           = var.agents_count
-    vm_size              = var.agents_size
-    os_disk_size_gb      = var.os_disk_size_gb
-    vnet_subnet_id       = var.vnet_subnet_id
-    enable_auto_scaling  = var.enable_auto_scaling
-    max_count            = var.enable_auto_scaling ? var.agents_max_count : null
-    min_count            = var.enable_auto_scaling ? var.agents_min_count : null
+    orchestrator_version  = var.orchestrator_version
+    name                  = var.agents_pool_name
+    node_count            = var.agents_count
+    vm_size               = var.agents_size
+    os_disk_size_gb       = var.os_disk_size_gb
+    vnet_subnet_id        = var.vnet_subnet_id
+    enable_auto_scaling   = var.enable_auto_scaling
+    max_count             = var.enable_auto_scaling ? var.agents_max_count : null
+    min_count             = var.enable_auto_scaling ? var.agents_min_count : null
+    enable_node_public_ip = var.enable_node_public_ip
+    availability_zones    = var.agents_availability_zones
+    node_labels           = var.agents_labels
+    type                  = var.agents_type
+    tags                  = merge(var.tags, var.agents_tags)
+    max_pods              = var.agents_max_pods
   }
 
   dynamic "service_principal" {
@@ -102,7 +109,13 @@ resource "azurerm_kubernetes_cluster" "main" {
   }
 
   network_profile {
-    network_plugin = var.network_plugin
+    network_plugin     = var.network_plugin
+    network_policy     = var.network_policy
+    dns_service_ip     = var.net_profile_dns_service_ip
+    docker_bridge_cidr = var.net_profile_docker_bridge_cidr
+    outbound_type      = var.net_profile_outbound_type
+    pod_cidr           = var.net_profile_pod_cidr
+    service_cidr       = var.net_profile_service_cidr
   }
 
   tags = var.tags
diff --git a/test/fixture/main.tf b/test/fixture/main.tf
@@ -38,12 +38,28 @@ module "aks" {
   enable_http_application_routing = true
   enable_azure_policy             = true
   sku_tier                        = "Paid"
-  enable_kube_dashboard           = true
   private_cluster_enabled         = true
   enable_auto_scaling             = true
   agents_min_count                = 1
   agents_max_count                = 2
   agents_count                    = null
+  agents_max_pods                 = 100
+  agents_pool_name                = "testnodepool"
+  agents_availability_zones       = ["1", "2"]
+  agents_type                     = "VirtualMachineScaleSets"
+
+  agents_labels = {
+    "node1" : "label1"
+  }
+
+  agents_tags = {
+    "Agent" : "agentTag"
+  }
+
+  network_policy                 = "azure"
+  net_profile_dns_service_ip     = "10.0.0.10"
+  net_profile_docker_bridge_cidr = "170.10.0.1/16"
+  net_profile_service_cidr       = "10.0.0.0/16"
 
   depends_on = [azurerm_resource_group.main]
 }
@@ -53,5 +69,7 @@ module "aks_without_monitor" {
   prefix                         = "prefix2-${random_id.prefix.hex}"
   resource_group_name            = azurerm_resource_group.main.name
   enable_log_analytics_workspace = false
+  enable_kube_dashboard          = false
+  net_profile_pod_cidr           = "10.1.0.0/16"
   depends_on                     = [azurerm_resource_group.main]
 }
diff --git a/variables.tf b/variables.tf
@@ -152,6 +152,42 @@ variable "network_plugin" {
   default     = "kubenet"
 }
 
+variable "network_policy" {
+  description = " (Optional) Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are calico and azure. Changing this forces a new resource to be created."
+  type        = string
+  default     = null
+}
+
+variable "net_profile_dns_service_ip" {
+  description = "(Optional) IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created."
+  type        = string
+  default     = null
+}
+
+variable "net_profile_docker_bridge_cidr" {
+  description = "(Optional) IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created."
+  type        = string
+  default     = null
+}
+
+variable "net_profile_outbound_type" {
+  description = "(Optional) The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer and userDefinedRouting. Defaults to loadBalancer."
+  type        = string
+  default     = "loadBalancer"
+}
+
+variable "net_profile_pod_cidr" {
+  description = " (Optional) The CIDR to use for pod IP addresses. This field can only be set when network_plugin is set to kubenet. Changing this forces a new resource to be created."
+  type        = string
+  default     = null
+}
+
+variable "net_profile_service_cidr" {
+  description = "(Optional) The Network Range used by the Kubernetes service. Changing this forces a new resource to be created."
+  type        = string
+  default     = null
+}
+
 variable "kubernetes_version" {
   description = "Specify which Kubernetes release to use. The default used is the latest Kubernetes version available in the region"
   type        = string
@@ -181,3 +217,45 @@ variable "agents_min_count" {
   description = "Minimum number of nodes in a pool"
   default     = null
 }
+
+variable "agents_pool_name" {
+  description = "The default Azure AKS agentpool (nodepool) name."
+  type        = string
+  default     = "nodepool"
+}
+
+variable "enable_node_public_ip" {
+  description = "(Optional) Should nodes in this Node Pool have a Public IP Address? Defaults to false."
+  type        = bool
+  default     = false
+}
+
+variable "agents_availability_zones" {
+  description = "(Optional) A list of Availability Zones across which the Node Pool should be spread. Changing this forces a new resource to be created."
+  type        = list(string)
+  default     = null
+}
+
+variable "agents_labels" {
+  description = "(Optional) A map of Kubernetes labels which should be applied to nodes in the Default Node Pool. Changing this forces a new resource to be created."
+  type        = map(string)
+  default     = {}
+}
+
+variable "agents_type" {
+  description = "(Optional) The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets."
+  type        = string
+  default     = "VirtualMachineScaleSets"
+}
+
+variable "agents_tags" {
+  description = "(Optional) A mapping of tags to assign to the Node Pool."
+  type        = map(string)
+  default     = {}
+}
+
+variable "agents_max_pods" {
+  description = "(Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created."
+  type        = number
+  default     = null
+}
