Skip to content

Latest commit

 

History

History

rs_azure_aks

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
test
test
 
 
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
azure_aks.plugin
azure_aks.plugin
 
 
azure_aks_test_cat.rb
azure_aks_test_cat.rb
 
 

README.md

Azure Kubernetes Service Plugin

Overview

The Azure Kubernetes Service Plugin integrates RightScale Self-Service with the basic functionality of the Azure Kubernetes Service WARNING: Do not use the enclosed ssh key for production

Requirements

  • A general understanding CAT development and definitions
    • Refer to the guide documentation for details SS Guides
  • The admin, ss_designer & ss_end_user roles, in a RightScale account with SelfService enabled. admin is needed to retrieved the RightScale Credential values identified below.
  • Azure Service Principal (AKA Azure Active Directory Application) with the appropriate permissions to manage resources in the target subscription
  • The following RightScale Credentials
    • AZURE_APPLICATION_ID
    • AZURE_APPLICATION_KEY
  • The following packages are also required (See the Installation section for details):

Installation

  1. Be sure your RightScale account has Self-Service enabled
  2. Connect AzureRM Cloud credentials to your RightScale account (if not already completed)
  3. Follow steps to Create an Azure Active Directory Application
  4. Grant the Azure AD Application access to the necessary subscription(s)
  5. Retrieve the Application ID & Authentication Key
  6. Create RightScale Credentials with values that match the Application ID (Credential name: AZURE_APPLICATION_ID) & Authentication Key (Credential name: AZURE_APPLICATION_KEY)
  7. Retrieve your Tenant ID
  8. Update azure_aks_plugin.rb Plugin with your Tenant ID.
    • Replace "TENANT_ID" in token_url "https://login.microsoftonline.com/TENANT_ID/oauth2/token" with your Tenant ID
  9. Navigate to the appropriate Self-Service portal
  10. In the Design section, use the Upload CAT interface to complete the following:
    1. Upload each of packages listed in the Requirements Section
    2. Upload the azure_aks.plugin file located in this repository

How to Use

The Azure Kubernetes Service Plugin has been packaged as plugins/rs_azure_aks. In order to use this plugin you must import this plugin into a CAT.

import "plugins/rs_azure_aks"

For more information on using packages, please refer to the RightScale online documentation. Importing a Package

Azure Kubernetes Service resources can now be created by specifying a resource declaration with the desired fields. See the Supported Actions section for a full list of supported actions. The resulting resource can be manipulated just like the native RightScale resources in RCL and CAT. See the Examples Section for more examples and complete CAT's.

Supported Resources

  • aks

Usage

parameter "subscription_id" do
  like $rs_azure_aks.subscription_id
end

permission "read_credentials" do
  actions   "rs_cm.show_sensitive","rs_cm.index_sensitive"
  resources "rs_cm.credentials"
end

resource "my_resource_group", type: "rs_cm.resource_group" do
  cloud_href "/api/clouds/3526"
  name @@deployment.name
  description join(["aks resource group for ", @@deployment.name])
end

# https://github.com/Azure/azure-quickstart-templates/tree/master/101-aks
# https://github.com/Azure/azure-quickstart-templates/blob/master/101-aks/azuredeploy.parameters.json
resource "my_k8s", type: "rs_azure_aks.aks" do
  name join(["myc", last(split(@@deployment.href, "/"))])
  resource_group @my_resource_group.name
  location "Central US"
  properties do {
  "dnsPrefix" => join(["dns-prefix-", last(split(@@deployment.href, "/"))]),
   "orchestratorProfile" => {
      "orchestratorType" =>  "Kubernetes"
    },
    "servicePrincipalProfile" => {
      "clientId" => cred("AZURE_APPLICATION_ID"),
      "secret" => cred("AZURE_APPLICATION_KEY")
    },

    "agentPoolProfiles" =>  [
      {
        "name" =>  "agent_pools",
        "count" =>  2,
        "vmSize" =>  "Standard_DS2",
        "dnsPrefix" => join(["dns-prefix-", last(split(@@deployment.href, "/"))]),
        "storageProfile" => 'ManagedDisks',
        "osType" => 'Linux'
      }
    ],
    "diagnosticsProfile" => {
      "vmDiagnostics" => {
          "enabled" =>  "false"
      }
    },
    "linuxProfile" => {
      "adminUsername" =>  "azure_user",
      "ssh" => {
        "publicKeys" =>  [
          {
            "keyData" =>  "change me"
          }
        ]
      }
    }
  } end
end

operation "launch" do
 description "Launch the application"
 definition "launch_handler"
end

define launch_handler(@my_resource_group,@my_k8s) return @my_resource_group,@my_k8s do
  call start_debugging()
  provision(@my_resource_group)
  provision(@my_k8s)
  call stop_debugging()
end

Resources

aks

Supported Fields

Field Name Required? Description
name Yes The name of the kubernetes service in the specified subscription and resource group.
resource_group Yes The name of the resource group.
location Yes Datacenter to launch in
properties Yes Properties of the aks service.(https://docs.microsoft.com/en-us/rest/api/aks/managedclusters/createorupdate)

Supported Actions

Action API Implementation Support Level
create update
destroy Delete Supported
get Get Supported

Supported Outputs

  • id
  • name
  • type
  • location
  • sku
  • properties
  • state
  • provisioningState

Implementation Notes

  • The Azure Kubernetes Service Plugin makes no attempt to support non-Azure resources. (i.e. Allow the passing the RightScale or other resources as arguments to an AKS resource.)

Full list of possible actions can be found on the Azure Kubernetes Service API Documentation

Examples

Please review aks_test_cat.rb for a basic example implementation.

Known Issues / Limitations

License

The Azure Kubernetes Service Plugin source code is subject to the MIT license, see the LICENSE file.