azure.aks
Azure Kubernetes Service
This role helps you create a Kubernetes Service in Azure.
Requirements
The role uses Ansible Azure modules, with a minimum supported version of 2.8.0.
Start using Ansible Azure modules with Microsoft Docs
Role Variables
| Variable | Required | Default Value | Description |
|---|---|---|---|
| name | Yes | Name of the Kubernetes Service resource. | |
| resource_group | Yes | Resource group for the resource. | |
| aad_client_app_id | No | ID of an Azure Active Directory client application for user login via kubectl. | |
| aad_server_app_id | No | ID of an Azure Active Directory server application for the managed cluster's API server. | |
| aad_server_app_secret | No | Secret for the Azure Active Directory server application. | |
| aad_tenant_id | No | ID of the Azure Active Directory tenant. | |
| admin_username | No | azureuser | User account for SSH access on node VMs. |
| service_principal | No | Loading from ansible-playbook, environment variable AZURE_CLIENT_ID, or ~/.azure/credentials |
Service principal for authenticating to Azure APIs. |
| client_secret | No | Loading from ansible-playbook, environment variable AZURE_SECRET, or ~/.azure/credentials |
Secret linked with the service principal. |
| dns_prefix | No | Same as name |
Prefix for hostnames created. |
| dns_service_ip | No | IP address for the Kubernetes DNS service (within the service address range specified by service_cidr). |
|
| docker_bridge_cidr | No | IP address and netmask for the Docker bridge (not in any Subnet IP or service address ranges). | |
| enable_rbac | No | True | Enable Role-Based Access Control in Kubernetes. |
| http_application_routing | No | False | Enable the http_application_routing addon for automatic public DNS name creation. |
| kubernetes_version | No | First value from azure_rm_aks_version module |
Version of Kubernetes for the cluster. |
| location | No | eastus | Region for the Kubernetes Service (uses resource group’s location if not specified). |
| max_pods | No | 110 | Maximum number of pods that can be deployed to a node. |
| monitoring | No | False | Enable the monitoring addon for Log Analytics monitoring. |
| network_plugin | No | Choices: - kubenet - azure |
Network plugin for Kubernetes. |
| network_policy | No | Network policy for Kubernetes (must be together with "azure" plugin). | |
| node_count | No | 3 | Number of nodes in the Kubernetes node pool. |
| node_osdisk_size_gb | No | 30 | Size of the OS disk for each node (in GB). |
| node_vm_size | No | Standard_DS1_v2 | Size of Virtual Machines for Kubernetes nodes. |
| nodepool_name | No | nodepool1 | Name of the node pool (up to 12 alphanumeric characters). |
| os_type | No | Linux | |
| pod_cidr | No | IP range in CIDR notation for pod IPs (not overlapping with any Subnet IP ranges). | |
| service_cidr | No | IP range in CIDR notation for service cluster IPs (not overlapping with any Subnet IP ranges). | |
| storage_profile | No | ManagedDisks | |
| ssh_key | No | Loading from ~/.ssh/id_rsa.pub |
Public key to install on node VMs for SSH access. |
| virtual_node | No | False | Enable the virtual_node addon for fast pod provisioning with Azure Container Instance. |
| virtual_node_subnet_id | No | Create new resource when virtual_node is True. |
|
| vnet_subnet_id | No | Create new resource when virtual_node is True or if network_plugin is defined. |
ID of a subnet in an existing VNet for the cluster. |
| workspace_resource_id | No | Use first Log Analytics Workspace in the resource_group or create new resource when monitoring is True. |
Resource ID for existing Log Analytics Workspace for monitoring data. |
Example Playbook
To install the role, run:
ansible-galaxy install azure.aks
To create a basic AKS, use this playbook:
- hosts: localhost
tasks:
- include_role:
name: azure.aks
vars:
name: akscluster
resource_group: aksroletest
To create an AKS with monitoring enabled:
- hosts: localhost
tasks:
- include_role:
name: azure.aks
vars:
monitoring: yes
name: akscluster
resource_group: aksroletest
License
MIT
Installa
ansible-galaxy install azure.aksLicenza
mit
Download
380
Proprietario
APIs, SDKs and open source projects from Microsoft Azure