Created
January 16, 2018 14:11
Circle CI config for AKS Cluster Provisioning
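---
version: 2

jobs:
  # Provisions a resource group, container registry, Key Vault and AKS cluster,
  # then stores the registry credentials in the cluster as an image pull
  # secret.
  #
  # SERVICE_PRINCIPAL, SERVICE_PRINCIPAL_PASS, SERVICE_TENANT and
  # SUBSCRIPTION_NAME_OR_ID are not defined in this file; presumably they are
  # CircleCI project environment variables. Confirm they are never committed
  # to the repository.
  provision_cluster:
    docker:
      # NOTE(review): no tag or digest is given, so this resolves to whatever
      # `latest` is at run time. Pin it to a reviewed tag or digest.
      - image: azuresdk/azure-cli-python
    environment:
      RESOURCE_GROUP: aks-poc-euw-rg
      CLUSTER_LOCATION: westeurope
      CONTAINER_REPOSITORY: akspoc
      KEYVAULT_NAME: aks-poc-keyvault-euw
      CLUSTER_NAME: aks-poc-euw
    steps:
      # Every variable expansion below is quoted so that a value containing
      # whitespace or glob characters cannot split into extra arguments.
      - run:
          name: Log in to Azure with the existing service principal
          command: |
            az login --service-principal \
              -u "$SERVICE_PRINCIPAL" \
              --password "$SERVICE_PRINCIPAL_PASS" \
              --tenant "$SERVICE_TENANT"
            az account set --subscription "$SUBSCRIPTION_NAME_OR_ID"

      - run:
          name: Create resource group
          command: >-
            az group create
            --name "$RESOURCE_GROUP"
            --location "$CLUSTER_LOCATION"

      # The private key has no passphrase (-N ''); it exists on disk only
      # until the cleanup step at the end of this job. 4096-bit RSA is used
      # instead of the previous 2048-bit key.
      - run:
          name: Generate SSH key pair for the cluster nodes
          command: ssh-keygen -t rsa -b 4096 -N '' -f ./cluster-ssh

      # Ideally the registry would be region agnostic.
      - run:
          name: Create container registry
          command: >-
            az acr create
            --name "$CONTAINER_REPOSITORY"
            --resource-group "$RESOURCE_GROUP"
            --sku Basic

      # NOTE(review): the admin account is a single shared credential with
      # full push/pull rights on the registry. Prefer granting the cluster's
      # identity a pull-only role on the registry and leaving admin disabled.
      - run:
          name: Enable the registry admin account
          command: >-
            az acr update
            -n "$CONTAINER_REPOSITORY"
            --admin-enabled true

      # The Key Vault receives the private key, so anyone who can read
      # secrets in this vault can log in to the cluster nodes. Review the
      # vault's access policy after creation.
      - run:
          name: Register the Key Vault resource provider
          command: az provider register -n Microsoft.KeyVault
      - run:
          name: Create Key Vault
          command: >-
            az keyvault create
            --name "$KEYVAULT_NAME"
            --resource-group "$RESOURCE_GROUP"
            --location "$CLUSTER_LOCATION"
      - run:
          name: Upload SSH private key to Key Vault
          command: >-
            az keyvault secret set
            --vault-name "$KEYVAULT_NAME"
            --name cluster-ssh
            --file ./cluster-ssh
      - run:
          name: Upload SSH public key to Key Vault
          command: >-
            az keyvault secret set
            --vault-name "$KEYVAULT_NAME"
            --name cluster-ssh-pub
            --file ./cluster-ssh.pub

      - run:
          name: Register the Container Service resource provider
          command: az provider register -n Microsoft.ContainerService

      # NOTE(review): the cluster is given the same service principal that
      # this pipeline uses to create resource groups and vaults. A separate,
      # narrowly scoped principal for the cluster would limit what a
      # compromised node or pod can do in the subscription.
      # Optional: append `--kubernetes-version 1.8.2` to pin the version.
      - run:
          name: Create AKS cluster
          command: >-
            az aks create
            --resource-group "$RESOURCE_GROUP"
            --name "$CLUSTER_NAME"
            --location "$CLUSTER_LOCATION"
            --ssh-key-value ./cluster-ssh.pub
            --service-principal "$SERVICE_PRINCIPAL"
            --client-secret "$SERVICE_PRINCIPAL_PASS"

      # The password is read with a JMESPath query instead of scraping the
      # table output with tail/sed/cut, and is assigned to a variable first
      # so that a failing `az` call stops the step instead of creating a
      # secret with an empty password.
      # NOTE(review): no step in this job installs kubectl or fetches the
      # cluster's kubeconfig -- confirm kubectl is present in the image and
      # pointed at the new cluster before this step runs.
      - run:
          name: Create image pull secret for the registry
          command: |
            ACR_PASSWORD="$(az acr credential show \
              --name "$CONTAINER_REPOSITORY" \
              --query "passwords[0].value" \
              --output tsv)"
            kubectl create secret docker-registry acr-credentials \
              --docker-server="$CONTAINER_REPOSITORY.azurecr.io" \
              --docker-username="$CONTAINER_REPOSITORY" \
              --docker-password="$ACR_PASSWORD" \
              --docker-email=any@email.c.o

      # `when: always` removes the private key even when an earlier step
      # failed; `-f` keeps the step from failing if the key was never created.
      - run:
          name: Delete generated SSH keys
          command: rm -f ./cluster-ssh ./cluster-ssh.pub
          when: always

  # Logs in with the same service principal and deletes a whole resource
  # group without prompting (--yes).
  # NOTE(review): RESOURCE_GROUP here is aks-poc2-euw-rg, while
  # provision_cluster creates aks-poc-euw-rg. Confirm which group this job is
  # meant to delete.
  delete_all_resources:
    docker:
      # NOTE(review): unpinned image, see provision_cluster.
      - image: azuresdk/azure-cli-python
    environment:
      RESOURCE_GROUP: aks-poc2-euw-rg
    steps:
      - run:
          name: Log in to Azure and delete the resource group
          command: |
            az login --service-principal \
              -u "$SERVICE_PRINCIPAL" \
              --password "$SERVICE_PRINCIPAL_PASS" \
              --tenant "$SERVICE_TENANT"
            az account set --subscription "$SUBSCRIPTION_NAME_OR_ID"
            az group delete --yes --name "$RESOURCE_GROUP"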
workflows:
  version: 2

  # Runs the provisioning job.
  # NOTE(review): no trigger, branch filter or approval step is set here, so
  # this presumably runs on every push rather than only on demand -- confirm
  # that is intended for a job that creates cloud resources.
  on_demand_provisioning:
    jobs:
      - provision_cluster

  # Scheduled teardown: runs delete_all_resources on the cron schedule below
  # (daily at 00:00), for the master branch only.
  nightly:
    triggers:
      - schedule:
          cron: '0 0 * * *'
          filters:
            branches:
              only:
                - master
    jobs:
      - delete_all_resources