Skip to content

Instantly share code, notes, and snippets.

@AymenSegni
Last active April 5, 2020 15:30
Show Gist options
  • Save AymenSegni/294b368b3a32c552ef64960091c4d000 to your computer and use it in GitHub Desktop.
Save AymenSegni/294b368b3a32c552ef64960091c4d000 to your computer and use it in GitHub Desktop.
resource "azurerm_kubernetes_cluster" "cluster" {
name = var.cluster_name
location = var.location
resource_group_name = var.resource_group_name
dns_prefix = var.dns_prefix
kubernetes_version = var.kubernetes_version
default_node_pool {
name = var.agent_pool_name
node_count = var.node_count
vm_size = var.vm_size
os_disk_size_gb = var.os_disk_size_gb
vnet_subnet_id = var.vnet_subnet_id
max_pods = var.max_pods
type = var.agent_pool_type
}
network_profile {
network_plugin = var.network_plugin
network_policy = "calico"
service_cidr = var.service_cidr
dns_service_ip = "10.0.0.10"
docker_bridge_cidr = "172.17.0.1/16"
}
service_principal {
client_id = var.client_id
client_secret = var.client_secret
}
tags = {
Environment = "Development"
}
lifecycle {
prevent_destroy = true
}
}
resource "azurerm_monitor_diagnostic_setting" "aks_cluster" {
name = "${azurerm_kubernetes_cluster.cluster.name}-audit"
target_resource_id = azurerm_kubernetes_cluster.cluster.id
log_analytics_workspace_id = var.diagnostics_workspace_id
log {
category = "kube-apiserver"
enabled = true
retention_policy {
enabled = false
}
}
log {
category = "kube-controller-manager"
enabled = true
retention_policy {
enabled = false
}
}
log {
category = "cluster-autoscaler"
enabled = true
retention_policy {
enabled = false
}
}
log {
category = "kube-scheduler"
enabled = true
retention_policy {
enabled = false
}
}
log {
category = "kube-audit"
enabled = true
retention_policy {
enabled = false
}
}
metric {
category = "AllMetrics"
enabled = false
retention_policy {
enabled = false
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment