Merge pull request microsoft#108 from TomArcherMsft/UserStory1981979

lonegunmanb · web-flow · commit 0016d17db469 · 2022-08-30T03:06:39.000+08:00
User Story 1981979
diff --git a/quickstart/101-attestation-provider/main.tf b/quickstart/101-attestation-provider/main.tf
@@ -3,14 +3,13 @@ resource "random_pet" "rg_name" {
 }
 
 resource "azurerm_resource_group" "rg" {
-  name     = random_pet.rg_name.id
   location = var.resource_group_location
+  name     = random_pet.rg_name.id
 }
 
 resource "azurerm_attestation_provider" "corp_attestation" {
-  name                = var.attestation_provider_name
-  resource_group_name = azurerm_resource_group.rg.name
-  location            = azurerm_resource_group.rg.location
-
+  location                        = azurerm_resource_group.rg.location
+  name                            = var.attestation_provider_name
+  resource_group_name             = azurerm_resource_group.rg.name
   policy_signing_certificate_data = file(var.policy_file)
 }
diff --git a/quickstart/101-attestation-provider/outputs.tf b/quickstart/101-attestation-provider/outputs.tf
@@ -1,3 +1,3 @@
 output "resource_group_name" {
   value = azurerm_resource_group.rg.name
-}
+}
diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf
@@ -6,9 +6,13 @@ terraform {
       source  = "hashicorp/azurerm"
       version = "~>2.0"
     }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
   }
 }
 
 provider "azurerm" {
   features {}
-}
+}
diff --git a/quickstart/101-attestation-provider/variables.tf b/quickstart/101-attestation-provider/variables.tf
@@ -1,17 +1,17 @@
-variable "resource_group_name_prefix" {
-  default     = "rg"
-  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+variable "attestation_provider_name" {
+  default = "attestationprovider007"
+}
+
+variable "policy_file" {
+  default = "~/.certs/cert.pem"
 }
 
 variable "resource_group_location" {
   default     = "eastus"
   description = "Location of the resource group."
 }
 
-variable "policy_file" {
-  default = "~/.certs/cert.pem"
-}
-
-variable "attestation_provider_name" {
-  default = "attestationprovider007"
+variable "resource_group_name_prefix" {
+  default     = "rg"
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
 }
diff --git a/quickstart/101-resource-group/main.tf b/quickstart/101-resource-group/main.tf
@@ -3,6 +3,6 @@ resource "random_pet" "rg_name" {
 }
 
 resource "azurerm_resource_group" "rg" {
-  name     = random_pet.rg_name.id
   location = var.resource_group_location
-}
+  name     = random_pet.rg_name.id
+}
diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf
@@ -6,9 +6,13 @@ terraform {
       source  = "hashicorp/azurerm"
       version = "~>2.0"
     }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
   }
 }
 
 provider "azurerm" {
   features {}
-}
+}
diff --git a/quickstart/101-resource-group/variables.tf b/quickstart/101-resource-group/variables.tf
@@ -1,9 +1,9 @@
-variable "resource_group_name_prefix" {
-  default     = "rg"
-  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
-}
-
 variable "resource_group_location" {
   default     = "eastus"
   description = "Location of the resource group."
 }
+
+variable "resource_group_name_prefix" {
+  default     = "rg"
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf
@@ -0,0 +1,65 @@
+# Generate random resource group name
+resource "random_pet" "rg_name" {
+  prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+  location = var.resource_group_location
+  name     = random_pet.rg_name.id
+}
+
+resource "random_id" "log_analytics_workspace_name_suffix" {
+  byte_length = 8
+}
+
+resource "azurerm_log_analytics_workspace" "test" {
+  location            = var.log_analytics_workspace_location
+  # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant.
+  name                = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}"
+  resource_group_name = azurerm_resource_group.rg.name
+  sku                 = var.log_analytics_workspace_sku
+}
+
+resource "azurerm_log_analytics_solution" "test" {
+  location              = azurerm_log_analytics_workspace.test.location
+  resource_group_name   = azurerm_resource_group.rg.name
+  solution_name         = "ContainerInsights"
+  workspace_name        = azurerm_log_analytics_workspace.test.name
+  workspace_resource_id = azurerm_log_analytics_workspace.test.id
+
+  plan {
+    product   = "OMSGallery/ContainerInsights"
+    publisher = "Microsoft"
+  }
+}
+
+resource "azurerm_kubernetes_cluster" "k8s" {
+  location            = azurerm_resource_group.rg.location
+  name                = var.cluster_name
+  resource_group_name = azurerm_resource_group.rg.name
+  dns_prefix          = var.dns_prefix
+  tags                = {
+    Environment = "Development"
+  }
+
+  default_node_pool {
+    name       = "agentpool"
+    vm_size    = "Standard_D2_v2"
+    node_count = var.agent_count
+  }
+  linux_profile {
+    admin_username = "ubuntu"
+
+    ssh_key {
+      key_data = file(var.ssh_public_key)
+    }
+  }
+  network_profile {
+    network_plugin    = "kubenet"
+    load_balancer_sku = "standard"
+  }
+  service_principal {
+    client_id     = var.aks_service_principal_app_id
+    client_secret = var.aks_service_principal_client_secret
+  }
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
@@ -0,0 +1,38 @@
+output "client_certificate" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate
+  sensitive = true
+}
+
+output "client_key" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].client_key
+  sensitive = true
+}
+
+output "cluster_ca_certificate" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate
+  sensitive = true
+}
+
+output "cluster_password" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].password
+  sensitive = true
+}
+
+output "cluster_username" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].username
+  sensitive = true
+}
+
+output "host" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config[0].host
+  sensitive = true
+}
+
+output "kube_config" {
+  value     = azurerm_kubernetes_cluster.k8s.kube_config_raw
+  sensitive = true
+}
+
+output "resource_group_name" {
+  value = azurerm_resource_group.rg.name
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
@@ -0,0 +1,18 @@
+terraform {
+  required_version = ">=1.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~>3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
@@ -0,0 +1,33 @@
+# Kubernetes cluster with Azure Kubernetes Service (AKS)
+
+This template provisions an [AKS / Azure Kubernetes service (also known as a Managed Kubernetes Cluster)](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster).
+
+## Terraform resource types
+
+- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet)
+- [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string)
+- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group)
+- [azurerm_log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace)
+- [azurerm_log_analytics_solution](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution)
+- [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster)
+
+## Variables
+
+| Name | Description | Default |
+|-|-|-|
+| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg |
+| `resource_group_location` | Location of the resource group. | eastus |
+| `agent_count` | Initial number of nodes which should exist in this Node Pool. Value must be between 1 and 1000. | 3 | 
+| `ssh_public_key` | File containing the an ssh_key block. | ~/.ssh/id_rsa.pub |
+| `dns_prefix` | DNS prefix specified when creating the managed cluster. | k8stest |
+| `cluster_name` | Name of the Managed Kubernetes Cluster to create. | k8stest |
+| `log_analytics_workspace_name` | Prefix of the name of the Log Analytics Workspace. Random value is appended to ensure uniqueness across Azure. | testLogAnalyticsWorkspaceName |
+| `log_analytics_workspace_location` | Azure location where the resource exists. | eastus |
+| `log_analytics_workspace_sku` | SKU of the Log Analytics Workspace. | PerGB2018 |
+| `aks_service_principal_app_id` | Service principal app ID. | |
+| `aks_service_principal_client_secret` | Service principal password. | |
+| `aks_service_principal_object_id` | Service principal object ID. | |
+
+## Example
+
+To see how to run this example, see [Create a Kubernetes cluster with Azure Kubernetes Service using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-k8s-cluster-with-tf-and-aks).
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
@@ -0,0 +1,2 @@
+aks_service_principal_app_id = "<service_principal_app_id>"
+aks_service_principal_client_secret = "<service_principal_password>"
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
@@ -0,0 +1,49 @@
+variable "agent_count" {
+  default = 3
+}
+
+# The following two variable declarations are placeholder references.
+# Set the values for these variable in terraform.tfvars
+variable "aks_service_principal_app_id" {
+  default = ""
+}
+
+variable "aks_service_principal_client_secret" {
+  default = ""
+}
+
+variable "cluster_name" {
+  default = "k8stest"
+}
+
+variable "dns_prefix" {
+  default = "k8stest"
+}
+
+# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions.
+variable "log_analytics_workspace_location" {
+  default = "eastus"
+}
+
+variable "log_analytics_workspace_name" {
+  default = "testLogAnalyticsWorkspaceName"
+}
+
+# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing
+variable "log_analytics_workspace_sku" {
+  default = "PerGB2018"
+}
+
+variable "resource_group_location" {
+  default     = "eastus"
+  description = "Location of the resource group."
+}
+
+variable "resource_group_name_prefix" {
+  default     = "rg"
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "ssh_public_key" {
+  default = "~/.ssh/id_rsa.pub"
+}
diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf
diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf
diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf
diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf
diff --git a/quickstart/201-mysql-fs-db/readme.md b/quickstart/201-mysql-fs-db/readme.md
diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf

Original file line number	Diff line number	Diff line change
`@@ -3,14 +3,13 @@ resource "random_pet" "rg_name" {`
`3`	`3`	`}`
`4`	`4`
`5`	`5`	`resource "azurerm_resource_group" "rg" {`
`6`		`- name = random_pet.rg_name.id`
`7`	`6`	`location = var.resource_group_location`
	`7`	`+ name = random_pet.rg_name.id`
`8`	`8`	`}`
`9`	`9`
`10`	`10`	`resource "azurerm_attestation_provider" "corp_attestation" {`
`11`		`- name = var.attestation_provider_name`
`12`		`- resource_group_name = azurerm_resource_group.rg.name`
`13`		`- location = azurerm_resource_group.rg.location`
`14`		`-`
	`11`	`+ location = azurerm_resource_group.rg.location`
	`12`	`+ name = var.attestation_provider_name`
	`13`	`+ resource_group_name = azurerm_resource_group.rg.name`
`15`	`14`	`policy_signing_certificate_data = file(var.policy_file)`
`16`	`15`	`}`
-Original file line number
+Diff line change
@@ @@ -1,3 +1,3 @@ @@
 output "resource_group_name" {
   value = azurerm_resource_group.rg.name
 -}
 +}
Original file line number	Diff line number	Diff line change
`@@ -6,9 +6,13 @@ terraform {`
`6`	`6`	`source = "hashicorp/azurerm"`
`7`	`7`	`version = "~>2.0"`
`8`	`8`	`}`
	`9`	`+ random = {`
	`10`	`+ source = "hashicorp/random"`
	`11`	`+ version = "~>3.0"`
	`12`	`+ }`
`9`	`13`	`}`
`10`	`14`	`}`
`11`	`15`
`12`	`16`	`provider "azurerm" {`
`13`	`17`	`features {}`
`14`		`-}`
	`18`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,6 @@ resource "random_pet" "rg_name" {`
`3`	`3`	`}`
`4`	`4`
`5`	`5`	`resource "azurerm_resource_group" "rg" {`
`6`		`- name = random_pet.rg_name.id`
`7`	`6`	`location = var.resource_group_location`
`8`		`-}`
	`7`	`+ name = random_pet.rg_name.id`
	`8`	`+}`