» azurerm_kubernetes_cluster

Creates a managed Kubernetes Cluster (AKS)

» Example Usage

resource "azurerm_resource_group" "test" {
  name     = "acctestRG1"
  location = "East US"
}

resource "azurerm_kubernetes_cluster" "test" {
  name                = "acctestaks1"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
  dns_prefix          = "acctestagent1"

  linux_profile {
    admin_username = "acctestuser1"

    ssh_key {
      key_data = "ssh-rsa ..."
    }
  }

  agent_pool_profile {
    name            = "default"
    count           = 1
    vm_size         = "Standard_A0"
    os_type         = "Linux"
    os_disk_size_gb = 30
  }

  service_principal {
    client_id     = "00000000-0000-0000-0000-000000000000"
    client_secret = "00000000000000000000000000000000"
  }

  tags {
    Environment = "Production"
  }
}

output "id" {
    value = "${azurerm_kubernetes_cluster.test.id}"
}

output "kube_config" {
  value = "${azurerm_kubernetes_cluster.test.kube_config_raw}"
}

output "client_key" {
  value = "${azurerm_kubernetes_cluster.test.kube_config.0.client_key}"
}

output "client_certificate" {
  value = "${azurerm_kubernetes_cluster.test.kube_config.0.client_certificate}"
}

output "cluster_ca_certificate" {
  value = "${azurerm_kubernetes_cluster.test.kube_config.0.cluster_ca_certificate}"
}

output "host" {
  value = "${azurerm_kubernetes_cluster.test.kube_config.0.host}"
}

» Argument Reference

The following arguments are supported:

  • name - (Required) The name of the AKS Managed Cluster instance to create. Changing this forces a new resource to be created.

  • location - (Required) The location where the AKS Managed Cluster instance should be created. Changing this forces a new resource to be created.

  • resource_group_name - (Required) Specifies the resource group where the resource exists. Changing this forces a new resource to be created.

  • dns_prefix - (Optional) DNS prefix specified when creating the managed cluster.

  • kubernetes_version - (Optional) Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade).

  • linux_profile - (Required) A Linux Profile block as documented below.

  • agent_pool_profile - (Required) One or more Agent Pool Profile's block as documented below.

  • service_principal - (Required) A Service Principal block as documented below.

  • tags - (Optional) A mapping of tags to assign to the resource.

linux_profile supports the following:

  • admin_username - (Required) The Admin Username for the Cluster. Changing this forces a new resource to be created.
  • ssh_key - (Required) An SSH Key block as documented below.

ssh_key supports the following:

  • key_data - (Required) The Public SSH Key used to access the cluster. Changing this forces a new resource to be created.

agent_pool_profile supports the following:

  • name - (Required) Unique name of the Agent Pool Profile in the context of the Subscription and Resource Group. Changing this forces a new resource to be created.
  • count - (Required) Number of Agents (VMs) in the Pool. Possible values must be in the range of 1 to 50 (inclusive). Defaults to 1.
  • vm_size - (Required) The size of each VM in the Agent Pool (e.g. Standard_F1). Changing this forces a new resource to be created.
  • os_disk_size_gb - (Optional) The Agent Operating System disk size in GB. Changing this forces a new resource to be created.
  • os_type - (Optional) The Operating System used for the Agents. Possible values are Linux and Windows. Changing this forces a new resource to be created. Defaults to Linux.
  • vnet_subnet_id - (Optional) The ID of the Subnet where the Agents in the Pool should be provisioned. Changing this forces a new resource to be created.

service_principal supports the following:

  • client_id - (Required) The Client ID for the Service Principal.
  • client_secret - (Required) The Client Secret for the Service Principal.

» Attributes Reference

The following attributes are exported:

  • id - The Kubernetes Managed Cluster ID.

  • fqdn - The FQDN of the Azure Kubernetes Managed Cluster.

  • kube_config_raw - Base64 encoded Kubernetes configuration

  • kube_config - Kubernetes configuration, sub-attributes defined below:

    • client_key - Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
    • client_certificate - Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
    • cluster_ca_certificate - Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
    • host - The Kubernetes cluster server host.
    • username - A username used to authenticate to the Kubernetes cluster.
    • password - A password or token used to authenticate to the Kubernetes cluster.
provider "kubernetes" {
  host                   = "${azurerm_kubernetes_cluster.main.kube_config.0.host}"
  username               = "${azurerm_kubernetes_cluster.main.kube_config.0.username}"
  password               = "${azurerm_kubernetes_cluster.main.kube_config.0.password}"
  client_certificate     = "${base64decode(azurerm_kubernetes_cluster.main.kube_config.0.client_certificate)}"
  client_key             = "${base64decode(azurerm_kubernetes_cluster.main.kube_config.0.client_key)}"
  cluster_ca_certificate = "${base64decode(azurerm_kubernetes_cluster.main.kube_config.0.cluster_ca_certificate)}"
}

» Import

Kubernetes Managed Clusters can be imported using the resource id, e.g.

terraform import azurerm_kubernetes_cluster.cluster1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.ContainerService/managedClusters/cluster1