pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated dev environment for JEDI.

Browse Source 
- Updated environment name.
- Updated variables.
- AKS service principal creds moved to the operator Key Vault.
This commit is contained in:
dandds 2020-01-20 19:34:47 -05:00
parent fdd8e3dbba
commit 9f2bdd4a9f
9 changed files with 49 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -31,6 +31,7 @@ static/buildinfo.*
# local log files
log/*
*.log
config/dev.ini
.env*
@ -74,3 +75,7 @@ celerybeat-schedule
js/test_templates
.mypy_cache/
# terraform
*.tfstate
*.backup

4
terraform/modules/k8s/main.tf
View File

@ -10,8 +10,8 @@ resource "azurerm_kubernetes_cluster" "k8s" {
dns_prefix = var.k8s_dns_prefix
service_principal {
client_id = "f05a4457-bd5e-4c63-98e1-89aab42645d0"
client_secret = "19b69e2c-9f55-4850-87cb-88c67a8dc811"
client_id = var.client_id
client_secret = var.client_secret
}
default_node_pool {

10
terraform/modules/k8s/variables.tf
View File

@ -52,3 +52,13 @@ variable "min_count" {
type = string
description = "Minimum number of nodes to use in autoscaling. This requires `enable_auto_scaling` to be set to true"
}
variable "client_id" {
type = string
description = "The client ID for the Service Principal associated with the AKS cluster."
}
variable "client_secret" {
type = string
description = "The client secret for the Service Principal associated with the AKS cluster."
}

11
terraform/providers/dev/buckets.tf
View File

@ -1,6 +1,15 @@
module "task_order_bucket" {
source = "../../modules/bucket"
service_name = "tasksatat"
service_name = "jeditasksatat"
owner = var.owner
name = var.name
environment = var.environment
region = var.region
}
module "tf_state" {
source = "../../modules/bucket"
service_name = "jedidevtfstate"
owner = var.owner
name = var.name
environment = var.environment

12
terraform/providers/dev/k8s.tf
View File

@ -1,3 +1,13 @@
data "azurerm_key_vault_secret" "k8s_client_id" {
name = "k8s-client-id"
key_vault_id = module.operator_keyvault.id
}
data "azurerm_key_vault_secret" "k8s_client_secret" {
name = "k8s-client-secret"
key_vault_id = module.operator_keyvault.id
}
module "k8s" {
source = "../../modules/k8s"
region = var.region
@ -10,6 +20,8 @@ module "k8s" {
enable_auto_scaling = true
max_count = 5
min_count = 3
client_id = data.azurerm_key_vault_secret.k8s_client_id.value
client_secret = data.azurerm_key_vault_secret.k8s_client_secret.value
}
#module "main_lb" {

2
terraform/providers/dev/keyvault.tf
View File

@ -1,6 +1,6 @@
module "keyvault" {
source = "../../modules/keyvault"
name = var.name
name = "cz"
region = var.region
owner = var.owner
environment = var.environment

4
terraform/providers/dev/provider.tf
View File

@ -9,8 +9,8 @@ provider "azuread" {
terraform {
backend "azurerm" {
resource_group_name = "cloudzero-dev-tfstate"
storage_account_name = "cloudzerodevtfstate"
resource_group_name = "cloudzero-jedidev-jedidevtfstate"
storage_account_name = "jedidevtfstate"
container_name = "tfstate"
key = "dev.terraform.tfstate"
}

2
terraform/providers/dev/secrets.tf
View File

@ -1,6 +1,6 @@
module "operator_keyvault" {
source = "../../modules/keyvault"
name = "operator"
name = "ops"
region = var.region
owner = var.owner
environment = var.environment

10
terraform/providers/dev/variables.tf
View File

@ -1,9 +1,9 @@
variable "environment" {
default = "dev"
default = "jedidev"
}
variable "region" {
default = "eastus2"
default = "eastus"
}
@ -69,13 +69,13 @@ variable "k8s_dns_prefix" {
variable "tenant_id" {
type = string
default = "b5ab0e1e-09f8-4258-afb7-fb17654bc5b3"
default = "47f616e9-6ff5-4736-9b9e-b3f62c93a915"
}
variable "admin_users" {
type = map
default = {
"Rob Gil" = "2ca63d41-d058-4e06-aef6-eb517a53b631"
"Daniel Corrigan" = "d5bb69c2-3b88-4e96-b1a2-320400f1bf1b"
"Rob Gil" = "cef37d01-1acf-4085-96c8-da9d34d0237e"
"Dan Corrigan" = "7e852ceb-eb0d-49b1-b71e-e9dcd1082ffc"
}
}