Exemplo n.º 1
0
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_azure.core import ResourceGroup
from pulumi_azure.containerservice import KubernetesCluster
from pulumi_azuread import Application, ServicePrincipal, ServicePrincipalPassword

# read and set config values
config = pulumi.Config("azure-py-aks")

PREFIX = config.require("prefix")
PASSWORD = config.require_secret("password")
SSHKEY = config.require("sshkey")
LOCATION = config.get("location") or "east us"

# create a Resource Group and Network for all resources
resource_group = ResourceGroup("rg", name=PREFIX + "rg", location=LOCATION)

# create Azure AD Application for AKS
app = Application("aks-app", name=PREFIX + "aks-app")

# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal(
    "aks-app-sp",
    application_id=app.application_id,
)

# create service principal password
sppwd = ServicePrincipalPassword(
    "aks-app-sp-pwd",
    service_principal_id=sp.id,
    end_date="2099-01-01T00:00:00Z",
Exemplo n.º 2
0
config = pulumi.Config()
PASSWORD = config.require('password')
SSHKEY = config.require('sshPublicKey')
LOCATION = config.get('location') or 'east us'
SA_PASSWORD = config.require('sa_password')

app = Application('kzhou-app', name='kzhou-app')

sp = ServicePrincipal('kzhou-aks-sp', application_id=app.application_id)

sppwd = ServicePrincipalPassword('kzhou-aks-sp-pwd',
                                 service_principal_id=sp.id,
                                 end_date='2025-01-01T01:02:03Z',
                                 value=PASSWORD)

rg = ResourceGroup('rg', name='kzhou-rg', location=LOCATION)

# Create an Azure resource (Storage Account)
account = Account(
    'storage',
    # The location for the storage account will be derived automatically from the resource group.
    resource_group_name=rg.name,
    account_tier='Standard',
    account_replication_type='LRS')

vnet = VirtualNetwork('vnet',
                      name='kzhou-vnet',
                      location=rg.location,
                      resource_group_name=rg.name,
                      address_spaces=['10.0.0.0/16'])
subnet = Subnet('subnet',
Exemplo n.º 3
0
SSHKEY = config.require('sshkey')
LOCATION = config.get('location') or 'east us'

# create Azure AD Application for AKS
app = Application('aks-app', name=PREFIX + 'aks-app')

# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal('aks-sp', application_id=app.application_id)

# create service principal password
sppwd = ServicePrincipalPassword('aks-sp-pwd',
                                 service_principal_id=sp.id,
                                 end_date='2025-01-01T01:02:03Z',
                                 value=PASSWORD)

rg = ResourceGroup('rg', name=PREFIX + 'rg', location=LOCATION)

vnet = VirtualNetwork('vnet',
                      name=PREFIX + 'vnet',
                      location=rg.location,
                      resource_group_name=rg.name,
                      address_spaces=['10.0.0.0/8'])

subnet = Subnet('subnet',
                name=PREFIX + 'subnet',
                resource_group_name=rg.name,
                address_prefix='10.0.0.0/23',
                virtual_network_name=vnet.name)

# create Azure Container Registry to store images in
acr = Registry('acr',
Exemplo n.º 4
0
from pulumi import ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_azure.core import ResourceGroup
from pulumi_azure.containerservice import KubernetesCluster
from pulumi_azuread import Application, ServicePrincipal, ServicePrincipalPassword

# read and set config values
config = pulumi.Config("azure-py-aks")

PASSWORD = config.require_secret("password")
SSHKEY = config.require("sshkey")

# create a Resource Group and Network for all resources
resource_group = ResourceGroup("aks-rg")

# create Azure AD Application for AKS
app = Application("aks-app")

# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal(
    "aks-app-sp",
    application_id=app.application_id,
)

# create service principal password
sppwd = ServicePrincipalPassword(
    "aks-app-sp-pwd",
    service_principal_id=sp.id,
    end_date="2099-01-01T00:00:00Z",
Exemplo n.º 5
0
PASSWORD = '******'
SSHKEY = 'replaceme'

# create Azure AD Application for AKS
app = Application('aks-app', name=PREFIX + 'aks-app')

# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal('aks-sp', application_id=app.application_id)

# create service principal password
sppwd = ServicePrincipalPassword('aks-sp-pwd',
                                 service_principal_id=sp.id,
                                 end_date='2025-01-01T01:02:03Z',
                                 value=PASSWORD)

rg = ResourceGroup('rg', name=PREFIX + 'rg', location='westeurope')

vnet = VirtualNetwork('vnet',
                      name=PREFIX + 'vnet',
                      location=rg.location,
                      resource_group_name=rg.name,
                      address_spaces=['10.0.0.0/8'])

subnet = Subnet('subnet',
                name=PREFIX + 'subnet',
                resource_group_name=rg.name,
                address_prefix='10.0.0.0/23',
                virtual_network_name=vnet.name)

# create Azure Container Registry to store images in
acr = Registry('acr',
Exemplo n.º 6
0
VMSIZE = config.get("vmSize")
DOCKER_TAG = config.get("dockerTag")
DOCKER_REPO_URI = PREFIX + "acr" + ".azurecr.io" + DOCKER_TAG

# docker client
dockerclient = docker.from_env()

if pulumi.runtime.is_dry_run() == False:
    image, log = dockerclient.images.build(path="./",
                                           tag=PREFIX + "acr" + DOCKER_TAG)
    for line in log:
        print(line)

# create resource group
resource_group = ResourceGroup("rg",
                               name=pulumi.get_stack() + "rg",
                               location=LOCATION)

vnet = VirtualNetwork(
    "vnet",
    name=PREFIX + "vnet",
    resource_group_name=resource_group.name,
    address_spaces=[VNETADDRESSSPACE],
    __opts__=ResourceOptions(parent=resource_group),
)

subnet = Subnet(
    "subnet",
    name=PREFIX + "subnet",
    resource_group_name=resource_group.name,
    address_prefix=SUBNETADDRESSSPACE,
Exemplo n.º 7
0
from pulumi_azure.authorization import Assignment
from pulumi_azure.containerservice import KubernetesCluster, Registry
from pulumi_azure.network import VirtualNetwork, Subnet
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service, Namespace

config = pulumi.Config()
SA_PASSWORD = config.require('sa_password')

infra = StackReference(f"kzhou57/pulumi-azure-quickstart/dev")

# TODO read from output
ACR_NAME = 'kzhouacr'

rg = ResourceGroup.get('rg', id=infra.get_output('resource_group_id'))

custom_provider = Provider("k8s", kubeconfig=infra.get_output('kubeconfig'))

# K8s SQL server csharpexamplesql
name = 'csharpexamplesql'
sql_namespace = Namespace(name,
                          metadata={},
                          __opts__=ResourceOptions(provider=custom_provider))

appLabels = {"appClass": name}

sql_deployment = Deployment(
    name,
    metadata={"labels": appLabels},
    spec={
Exemplo n.º 8
0
import pulumi
from pulumi import ResourceOptions
from pulumi_azure.core import ResourceGroup
from pulumi_azure.containerservice import KubernetesCluster
from pulumi_azuread import Application, ServicePrincipal, ServicePrincipalPassword

# read and set config values
config = pulumi.Config()

PASSWORD = config.require_secret("password")
SSHKEY = config.require("sshkey")

# create a Resource Group and Network for all resources
resource_group = ResourceGroup("miw-aks-rg")

# create Azure AD Application for AKS
app = Application("miw-aks-app")

# create service principal for the application so AKS can act on behalf of the application
sp = ServicePrincipal(
    "miw-aks-app-sp",
    application_id=app.application_id,
)

# create service principal password
sppwd = ServicePrincipalPassword(
    "miw-aks-app-sp-pwd",
    service_principal_id=sp.id,
    end_date="2099-01-01T00:00:00Z",
    value=PASSWORD,
)