azure.aks
Azure Kubernetes Service
A role that helps create a Kubernetes Service in Azure.
Requirements
The role uses the Ansible Azure modules; the minimum supported Ansible version is 2.8.0.
Getting started with Ansible Azure modules with Microsoft Docs
Role Variables
| variable | Required | Default Value | description |
|---|---|---|---|
| name | yes | | Name of the Kubernetes Service resource |
| resource_group | yes | | Resource group of the resource |
| aad_client_app_id | | | The ID of an Azure Active Directory client application of type Native. This application is for user login via kubectl. |
| aad_server_app_id | | | The ID of an Azure Active Directory server application of type Web app/API. This application represents the managed cluster's apiserver (Server application). |
| aad_server_app_secret | | | The secret of an Azure Active Directory server application. |
| aad_tenant_id | | | The ID of an Azure Active Directory tenant. |
| admin_username | | azureuser | User account to create on node VMs for SSH access. |
| service_principal | | Loading from ansible-playbook, environment variable AZURE_CLIENT_ID or ~/.azure/credentials | Service principal used for authentication to Azure APIs. |
| client_secret | | Loading from ansible-playbook, environment variable AZURE_SECRET or ~/.azure/credentials | Secret associated with the service principal. |
| dns_prefix | | The same as name | Prefix for hostnames that are created. |
| dns_service_ip | | | An IP address assigned to the Kubernetes DNS service. This address must be within the Kubernetes service address range specified by service_cidr. |
| docker_bridge_cidr | | | A specific IP address and netmask for the Docker bridge, using standard CIDR notation. This address must not be in any Subnet IP ranges, or the Kubernetes service address range. |
| enable_rbac | | True | Enable Kubernetes Role-Based Access Control. |
| http_application_routing | | False | Enable http_application_routing addon. Configure ingress with automatic public DNS name creation. |
| kubernetes_version | | First value from azure_rm_aks_version module | Version of Kubernetes to use for creating the cluster. |
| location | | eastus | Region of the Kubernetes Service resource; the resource_group's location is used if not specified. Location is required if the resource group does not exist. |
| max_pods | | 110 | The maximum number of pods deployable to a node. |
| monitoring | | False | Enable monitoring addon. Turn on Log Analytics monitoring. |
| network_plugin | | Choices: kubenet, azure | The Kubernetes network plugin to use. |
| network_policy | | | The Kubernetes network policy to use. Used together with the "azure" network plugin. Specify azure for Azure network policy manager and calico for calico network policy controller. |
| node_count | | 3 | Number of nodes in the Kubernetes node pool. |
| node_osdisk_size_gb | | 30 | Size in GB of the OS disk for each node in the node pool. |
| node_vm_size | | Standard_DS1_v2 | Size of Virtual Machines to create as Kubernetes nodes. |
| nodepool_name | | nodepool1 | Node pool name, up to 12 alphanumeric characters. |
| os_type | | Linux | |
| pod_cidr | | | A CIDR notation IP range from which to assign pod IPs when kubenet is used. This range must not overlap with any Subnet IP ranges. |
| service_cidr | | | A CIDR notation IP range from which to assign service cluster IPs. This range must not overlap with any Subnet IP ranges. |
| storage_profile | | ManagedDisks | |
| ssh_key | | Loading from ~/.ssh/id_rsa.pub | Public key path or key contents to install on node VMs for SSH access. |
| virtual_node | | False | Enable virtual_node addon. Fast provisioning of pods with Azure Container Instance. |
| virtual_node_subnet_id | | Create a new resource when virtual_node is True. | |
| vnet_subnet_id | | Create a new resource when virtual_node is True or network_plugin defined. | The ID of a subnet in an existing VNet into which to deploy the cluster. |
| workspace_resource_id | | Use the first Log Analytics Workspace in the resource_group or create a new resource when monitoring is True. | The resource ID of an existing Log Analytics Workspace to use for storing monitoring data. |
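The table states several address constraints (dns_service_ip inside service_cidr; service_cidr, pod_cidr and docker_bridge_cidr clear of the subnet ranges) that are easy to get wrong before a deployment. The following pre-flight check is an added example, not part of the role; the function name `check_aks_network_vars` and all sample addresses are assumptions constructed for illustration.

```python
import ipaddress

def check_aks_network_vars(role_vars, subnet_cidrs):
    """Return violations of the address constraints in the variable table.
    An empty list means the address plan is consistent."""
    problems = []
    subnets = [ipaddress.ip_network(c) for c in subnet_cidrs]

    def net(key):
        # strict=False: docker_bridge_cidr is "an IP address and netmask",
        # so host bits may be set (e.g. 172.17.0.1/16).
        value = role_vars.get(key)
        return ipaddress.ip_network(value, strict=False) if value else None

    service, pod, bridge = net("service_cidr"), net("pod_cidr"), net("docker_bridge_cidr")

    # service_cidr and pod_cidr must not overlap any subnet IP range.
    for key, candidate in (("service_cidr", service), ("pod_cidr", pod)):
        for subnet in subnets:
            if candidate and candidate.overlaps(subnet):
                problems.append(f"{key} {candidate} overlaps subnet {subnet}")

    # dns_service_ip must lie inside the range given by service_cidr.
    dns_ip = role_vars.get("dns_service_ip")
    if dns_ip and service is None:
        problems.append("dns_service_ip given but service_cidr is not set, cannot check")
    elif dns_ip and ipaddress.ip_address(dns_ip) not in service:
        problems.append(f"dns_service_ip {dns_ip} is outside service_cidr {service}")

    # docker_bridge_cidr must avoid subnet ranges and the service range.
    if bridge:
        for other in subnets + ([service] if service else []):
            if bridge.overlaps(other):
                problems.append(f"docker_bridge_cidr {bridge} overlaps {other}")
    return problems

# Constructed sample data: one existing VNet subnet and two candidate plans.
SUBNETS = ["10.240.0.0/16"]
GOOD_VARS = {"service_cidr": "10.0.0.0/16", "dns_service_ip": "10.0.0.10",
             "docker_bridge_cidr": "172.17.0.1/16", "pod_cidr": "10.244.0.0/16"}
BAD_VARS = {"service_cidr": "10.240.0.0/20", "dns_service_ip": "10.0.0.10",
            "docker_bridge_cidr": "10.240.1.1/24"}

if __name__ == "__main__":
    for label, plan in (("good", GOOD_VARS), ("bad", BAD_VARS)):
        print(label, check_aks_network_vars(plan, SUBNETS) or "ok")
```

Run it against the same values that will be passed in the playbook's `vars:` so an inconsistent plan is caught before the role is invoked.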
Example Playbook
Install the role via:

    ansible-galaxy install azure.aks

Use the role in a playbook to create an AKS cluster with the default settings:

    - hosts: localhost
      tasks:
        - include_role:
            name: azure.aks
          vars:
            name: akscluster
            resource_group: aksroletest

Create an AKS cluster with monitoring:

    - hosts: localhost
      tasks:
        - include_role:
            name: azure.aks
          vars:
            monitoring: yes
            name: akscluster
            resource_group: aksroletest
License
MIT
Owner
APIs, SDKs and open source projects from Microsoft Azure
