-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDeploy-Aks-With-Flux.ps1
More file actions
100 lines (90 loc) · 3.95 KB
/
Deploy-Aks-With-Flux.ps1
File metadata and controls
100 lines (90 loc) · 3.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
$resourceGroup = "rg-aks"
$location = "uksouth"
$clusterName = "aks"
$nodesize = "Standard_B4ms"
$nodeCount = "1"
$installFlux = $true
$installIstio = $true
$subscriptionId = (az account show --query id --output tsv)
# Create AKS cluster
Write-Host "Creating AKS cluster $clusterName in resource group $resourceGroup" -ForegroundColor Yellow
az group create `
--name $resourceGroup `
--location $location
az aks create `
--resource-group $resourceGroup `
--name $clusterName `
--node-vm-size $nodesize `
--node-count $nodeCount `
--network-plugin kubenet `
--pod-cidr 192.168.0.0/16 `
--zones 1 `
--generate-ssh-keys `
--enable-aad `
--enable-azure-rbac `
--disable-local-accounts
# Register the service mesh feature and wait until registration completes
$startTime = (Get-Date)
Do {
$serviceMeshPreviewState = (az feature show --namespace "Microsoft.ContainerService" --name "AzureServiceMeshPreview" | ConvertFrom-Json).properties.state
If ($serviceMeshPreviewState -eq "Not Registered") {
az feature register --namespace "Microsoft.ContainerService" --name "AzureServiceMeshPreview"
}
$elapsedSeconds = ((Get-Date) - $startTime).Seconds
Write-Host ("Feature is in a `"" + $serviceMeshPreviewState + "`" state. Registration started " + $elapsedSeconds + " seconds ago.") -ForegroundColor Yellow
Sleep 10
} Until ($serviceMeshPreviewState -eq "Registered")
# Register/re-register the provider
Write-Host "Registering/re-registering the Microsoft.ContainerService provider" -ForegroundColor Yellow
az provider register --namespace Microsoft.ContainerService
If ($installIstio) {
Write-Host "Enabling Istio service mesh..." -ForegroundColor Yellow
az aks mesh enable --resource-group $resourceGroup --name $clusterName
}
If ($installFlux) {
Write-Host "Enabling Flux extension..." -ForegroundColor Yellow
az k8s-extension create --resource-group $resourceGroup --cluster-name $clusterName --cluster-type managedClusters --name flux --extension-type microsoft.flux --config useKubeletIdentity=true
# Create Flux configurations and Kustomizations
# Example cluster configuration
az k8s-configuration flux create `
--cluster-name $clusterName `
--resource-group $resourceGroup `
--name cluster-config `
--namespace cluster-config `
--cluster-type managedClusters `
--scope cluster `
--url https://github.com/leekester/aks-deploy `
--branch master `
--sync-interval 0h1m0s `
--timeout 0h1m0s `
--kustomization name=cluster-kustomization path=fluxconfigurations/cluster prune=true sync_interval=0h1m0s timeout=0h1m0s retry_interval=0h0m30s
# Billing application configuration
az k8s-configuration flux create `
--cluster-name $clusterName `
--resource-group $resourceGroup `
--name billing-config `
--namespace billing-ns `
--cluster-type managedClusters `
--scope namespace `
--url https://github.com/leekester/aks-deploy `
--branch master `
--sync-interval 0h1m0s `
--timeout 0h1m0s `
--kustomization name=billing-kustomization path=fluxconfigurations/applications/billing prune=true sync_interval=0h1m0s timeout=0h1m0s retry_interval=0h0m30s
# Policy application configuration
az k8s-configuration flux create `
--cluster-name $clusterName `
--resource-group $resourceGroup `
--name policy-config `
--namespace policy-ns `
--cluster-type managedClusters `
--scope namespace `
--url https://github.com/leekester/aks-deploy `
--branch master `
--sync-interval 0h1m0s `
--timeout 0h1m0s `
--kustomization name=policy-kustomization path=fluxconfigurations/applications/policy prune=true sync_interval=0h1m0s timeout=0h1m0s retry_interval=0h0m30s
}
# Retrieve AKS admin credentials
Write-Host "Retrieving AKS credentials" -ForegroundColor Yellow
az aks get-credentials --name $clusterName --resource-group $resourceGroup --overwrite-existing