Barakat Usman's blog

Automate AKS Cluster Provisioning with Terraform

Barakat Usman's photo
Barakat Usman
·

4 min read

Automate AKS Cluster Provisioning with Terraform

In this article, we will deploy the Kubernetes cluster using Azure managed service AKS. However, this will not be done manually as we did in the previous lesson on Aws EKS.

We will use Terraform IAC to automate the deployment in a few steps, which will save you a lot of time compared to manually provisioning clusters.

STEPS

Step 1— Providers

Providers in terraform is a way to tell terraform which third party platform it will be interacting with.

For this project, we are using 3 providers which are:

  • azurerm provider

  • azuread provider

  • random provider

Let’s import all of these into our project

  • azurerm provider, notice how it goes into the require_providers { let it be here }
terraform {

  required_providers {

   azurerm = {
      source = "hashicorp/azurerm"
      version = "3.113.0"
    }
  }
}
  • azuread provider, make sure it goes into the require_providers { let it be here }
azuread = {
      source = "hashicorp/azuread"
      version = "2.53.1"
    }
  • random provider, make sure it goes into the require_providers { let it be here }
random = {
      source = "hashicorp/random"
      version = "3.6.2"
    }

Step 2— setup a container for the backend

terraform needs to store the state of the infrastructure remotely, outside of the resource group we will be provisioning via Terraform, this is to ensure our state file is available and secure at all times

  • create a resource group in the portal or cli

  • create a storage account in the created resource group

  • create a container, open the container, and copy your state file if it exists locally ‘terraform.tfstate’ or leave it empty

  • copy all the information and fill it in the code below

terraform {
  backend "azurerm" {
    resource_group_name  = "StorageAccount-ResourceGroup" 
    storage_account_name = "abcd1234"                      
    container_name       = "tfstate"                       # container name
    key                  = "prod.terraform.tfstate"        # desired state file name
  }
}

Step 3— Create Resource group

  • create a resource_group.tf file, this resource group will hold all our resources for the project
resource "azurerm_resource_group" "aks" {
  name     = ""          # enter desired name for your resource grou and location
  location = "West Europe"
}
  • add a datasource block for aks versions and ensures preview is avoided for production grade deployment
data "azurerm_kubernetes_service_versions" "current" {
  location = "" # when options comes up repeatedly avoid hard coding, we will talk about variables later
  include_preview = false # this is set to true by default
}
  • add a random pet resource block 
resource "random_pet" "aks" {

}

Step 4— Create Log Analytics Workspace

If monitoring is a requirement of your project, of course you need log analytics workspace. so lets create one

resource "azurerm_log_analytics_workspace" "aks" {
  name                = "acctest-01"
  location            = azurerm_resource_group.aks.location
  resource_group_name = azurerm_resource_group.aks.name
  sku                 = "PerGB2018"
  retention_in_days   = 30
}

Step 4 — Create Azure AD group

Azure Ad group is used to enforce security on the cluster, add the following code below

data "azuread_client_config" "current" {}

resource "azuread_group" "aks" {
  display_name     = ""
  owners           = [data.azuread_client_config.current.object_id]
  security_enabled = true
}

Step 5— Create Azure Kubernetes cluster

In this step, we will create our cluster using most of the resources we hace create in the above steps

Step 6— Working with variable

hard coding every single details in the code make more error prone and less reusable, which brings us to variable.

variables are used to store data and prevent repeating data to write better and more efficient codes

there different types of variables in terraforms:

  • output variable : this is used to print out value during provisioning

  • input variable: this is used to store value to be used in manifest files

  • local variable: similar to the input variable but

create a variables.tf files and store some of the hardcoded values used previously for example 

variable "location" {
description = "this is the region in which resource is deployed"
default = "West Us"
}
  • create another file and name it output.tf, add any detail information you would love to see when its provisioned and that’s all
output "" {
description = "this the resource group id"
value = azurerm_resource_group.aks.id
}

Step 7 — Lets provision, Validate and clean up

# initialize the terraform code
terraform initialize

# check to comfirm the format is correct and validate code also
terraform fmt
terraform validate

# try  a dry run before performing the provisionin
terraform plan

# if any issues or error fix it and finally apply
terraform apply

# once you are able to confirm and validate its successful,
# cleanup your resources to avoid incuring costs
terraform destroy

REFERENCES

terraform providers used in this project are:

Thank you

aksCloud ComputingDevops