# General naming and placement inputs for the cluster.

# Short project key. The three-letter length is stated in the description
# only; nothing in this file validates it.
variable "project" {
  description = "Three letter project key"
  type        = string
}

# Deployment stage.
# NOTE(review): the description mentions "ip", which looks carried over from
# another module; confirm the intended wording.
variable "stage" {
  description = "Stage for this ip"
  type        = string
}

# Azure region for the resources.
variable "location" {
  description = "Azure location to use"
  type        = string
}

# Resource group the resources are placed in.
variable "resource_group" {
  description = "Azure Resource Group to use"
  type        = string
}

# Optional tags; defaults to an empty map.
variable "tags" {
  description = "Map of tags for the resources"
  type        = map(any)
  default     = {}
}

# "NONE" is a sentinel default. Per the description the cluster name is used
# in that case; the substitution itself is not visible in this file.
variable "dns_prefix" {
  description = "DNS-Prefix to use. Defaults to cluster name"
  type        = string
  default     = "NONE"
}
# Sizing and versioning of the cluster and its nodes.

# Declared as string although the value is a count; no numeric validation is
# applied in this file.
variable "node_count" {
  description = "Number of Kubernetes cluster nodes to use"
  type        = string
}

# VM size for the nodes (required, no default).
variable "vm_size" {
  description = "Type of vm to use. Use az vm list-sizes --location <location> to list all available sizes"
  type        = string
}

# Control plane version (required, no default). Pinning here means version
# upgrades, including security patch releases, depend on the caller changing
# this value unless an upgrade channel is configured.
variable "kubernetes_version" {
  description = "Version of kubernetes of the control plane"
  type        = string
}

# Subnet hosting nodes, pods and services, as stated in the description.
variable "subnet_id" {
  description = "ID of subnet to host the nodes, pods and services in."
  type        = string
}

# Disk size in GB, passed as a string; defaults to "30".
variable "node_storage" {
  description = "Disk size in GB"
  type        = string
  default     = "30"
}
# Access control for the cluster.

# RBAC is on by default. Turning it off removes role-based authorization from
# the cluster, so callers should override this only deliberately.
variable "rbac_enabled" {
  description = "Enables RBAC on the cluster. If true, rbac_managed_admin_groups have to be specified."
  type        = bool
  default     = true
}

# No default is declared, so this input is required regardless of
# rbac_enabled. Members of the listed groups get admin access to the cluster
# (per the description), so keep the list as small as possible.
variable "rbac_managed_admin_groups" {
  description = "The group IDs that have admin access to the cluster. Have to be specified if rbac_enabled is true"
  type        = list(string)
}
# Node pool definitions.

# Name of the default node pool; defaults to "default".
variable "default_node_pool_name" {
  description = "Name of the default node pool"
  type        = string
  default     = "default"
}

# Kubernetes version of the default node pool (required, no default). It is
# set separately from kubernetes_version, which covers the control plane.
variable "default_node_pool_k8s_version" {
  description = "Version of kubernetes for the default node pool"
  type        = string
}

# Additional node pools, keyed by an arbitrary map key. No attribute is marked
# optional, so every entry has to supply all nine fields.
variable "node_pools" {
  description = "Additional node pools to set up"
  default     = {}
  type = map(object({
    vm_size            = string
    count              = number
    os_disk_size_gb    = number
    k8s_version        = string
    node_labels        = map(string)
    max_pods           = number
    mode               = string
    taints             = list(string)
    availability_zones = list(number)
  }))
}
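# Auto-scaling of the node pool.

# Master switch; auto-scaling is off by default.
variable "auto_scaling_enabled" {
  type        = bool
  description = "Enable auto-scaling of node pool"
  default     = false
}

# Lower bound for the auto-scaler, passed as a string. The description used to
# be a copy of the one on auto_scaling_enabled and did not say what the value
# controls.
variable "auto_scaling_min_node_count" {
  type        = string
  description = "Minimum number of nodes when auto-scaling of the node pool is enabled"
  default     = "1"
}

# Upper bound for the auto-scaler, passed as a string. With min and max both
# defaulting to "1", enabling auto-scaling without overriding them leaves the
# pool at a fixed size.
variable "auto_scaling_max_node_count" {
  type        = string
  description = "Maximum number of nodes when auto-scaling of the node pool is enabled"
  default     = "1"
}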
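# Load balancer, pod density, zones and pricing tier.

# NOTE(review): per AKS documentation the outbound IP / port / idle-timeout
# settings and API server authorized IP ranges are Standard SKU features;
# confirm how static_outbound_ip_count, outbound_ports_allocated, idle_timeout
# and api_server_ip_ranges behave while this stays at "basic".
variable "load_balancer_sku" {
  type        = string
  description = "The SKU for the used Load Balancer"
  default     = "basic"
}

# Passed as a string; defaults to "30". Closing parenthesis added to the
# description.
variable "max_pods" {
  type        = string
  description = "Amount of pods allowed on each node (be aware that kubernetes system pods are also counted)"
  default     = "30"
}

# Empty list by default, which the description equates with a single zone.
variable "availability_zones" {
  type        = list(number)
  description = "availability zones to spread the cluster nodes across, if omitted, only one availability zone is used"
  default     = []
}

# Name of the temporary pool used while the default node pool is cycled.
variable "temporary_name_for_rotation" {
  type        = string
  description = "Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing."
  default     = "rotationtmp"
}

# This variable had no description.
# NOTE(review): the Free tier carries no uptime SLA for the API server per AKS
# documentation; confirm this default is intended for production stages.
variable "sku_tier" {
  type        = string
  description = "SKU tier of the AKS cluster"
  default     = "Free"
}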
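# Outbound networking and network policy.

# Number of static outbound IPs, validated to 0..100. The heredoc uses the
# indented form (<<-EOF); the resulting string is the same as before.
variable "static_outbound_ip_count" {
  type        = number
  description = <<-EOF
    On a lot of outgoing connections use this together with the maximum for outbound_ports_allocated of 64000 to not fall into network
    bottlenecks. Recommended in that case is to set the count at least +5 more than the count of kubernetes nodes.
  EOF
  default     = 0

  validation {
    condition     = var.static_outbound_ip_count >= 0 && var.static_outbound_ip_count <= 100
    error_message = "Static_outbound_ip_count has to be between 0 and 100 including."
  }
}

# Pre-allocated outbound ports, validated to 0..64000.
variable "outbound_ports_allocated" {
  type        = number
  description = "Pre-allocated ports (AKS default: 0)"
  default     = 0

  validation {
    condition     = var.outbound_ports_allocated >= 0 && var.outbound_ports_allocated <= 64000
    error_message = "Outbound_ports_allocated has to be between 0 and 64000 including."
  }
}

# Network policy engine. The description spelled the second option "callico";
# the value is "calico". No validation restricts the input, so a misspelled
# value is only caught later, outside this file.
# NOTE(review): a policy engine only enforces NetworkPolicy objects that
# exist; with none defined, pod-to-pod traffic is presumably still unrestricted.
variable "network_policy" {
  type        = string
  description = "Network policy to use, currently only azure and calico are supported"
  default     = "azure"
}

# Outbound flow idle timeout in minutes, validated to 4..120.
variable "idle_timeout" {
  type        = number
  description = "Desired outbound flow idle timeout in minutes for the cluster load balancer. Must be between 4 and 120 inclusive."
  default     = 5

  validation {
    condition     = var.idle_timeout >= 4 && var.idle_timeout <= 120
    error_message = "Idle_timeout has to be between 4 and 120 including."
  }
}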
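# Access to nodes, the API server, identity and registries.

# Public half of an SSH key pair for node access; empty by default. Only the
# public key belongs here, since variable values can end up in plan output
# and state.
variable "ssh_public_key" {
  type        = string
  default     = ""
  description = "SSH public key to access the kubernetes node with"
}

# Allow-list for incoming traffic. Per the description the default empty list
# disables the limitation, i.e. no source-IP restriction is applied unless the
# caller sets one. No validation checks the entries' format here.
# NOTE(review): consider requiring explicit ranges for non-development stages.
variable "api_server_ip_ranges" {
  type        = list(string)
  description = "The IP ranges to allow for incoming traffic to the server nodes. To disable the limitation, set an empty list as value (default)."
  default     = []
}

# Optional group the AKS managed identity is added to; empty string disables
# it. "prinicpal" in the description corrected to "principal".
# NOTE(review): Group.ReadWrite.All permits changing any group in the
# directory; restrict and monitor the service principal that holds it.
variable "managed_identity_security_group" {
  type        = string
  default     = ""
  description = <<-EOF
    The name of a group which is assigned to appropriate roles in the subscription to manage resources that are required by the AKS.
    Setting this to a non empty string will add the AKS managed identity to this group.
    You need the following API permissions (with admin consent) on a service principal to make this work:
    * Directory.Read.All
    * Group.Read.All
    * Group.ReadWrite.All
  EOF
}

# Registries the cluster is granted pull access to; none by default.
variable "azure_container_registry_ids" {
  type        = list(string)
  default     = []
  description = <<-EOF
    IDs of the azure container registries that the AKS should have pull access to
  EOF
}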
# Image cleaner settings. Both descriptions only say "Azure default settings".
# NOTE(review): presumably these map to the AKS Image Cleaner feature, which
# removes unused images from nodes; confirm against the resource definition.

# Off by default.
variable "image_cleaner_enabled" {
  type        = bool
  default     = false
  description = "Azure default settings"
}

# Interval between cleaner runs in hours (per the variable name); default 48.
variable "image_cleaner_interval_hours" {
  type        = number
  default     = 48
  description = "Azure default settings"
}
# Automatic upgrades and their maintenance window.

# Upgrade channel. The default "none" means upgrades, including security
# patches, are not applied automatically and have to be scheduled by the
# operator. The allowed values are listed in the description only; no
# validation enforces them here.
variable "automatic_upgrade_channel" {
  description = <<-EOF
    Values:
    none, patch, stable, rapid, node-image
    see https://learn.microsoft.com/en-us/azure/aks/auto-upgrade-cluster
  EOF
  type        = string
  default     = "none"
}

# Day of week for the auto-upgrade window; default "Monday".
variable "maintenance_window_auto_upgrade_day_of_week" {
  description = <<-EOF
    see https://learn.microsoft.com/en-us/azure/aks/planned-maintenance#creating-a-maintenance-window
  EOF
  type        = string
  default     = "Monday"
}

# Window duration, passed as a string; default "4".
# NOTE(review): the unit is not stated here, presumably hours; confirm.
variable "maintenance_window_auto_upgrade_duration" {
  description = <<-EOF
    see https://learn.microsoft.com/en-us/azure/aks/planned-maintenance#creating-a-maintenance-window
  EOF
  type        = string
  default     = "4"
}

# Start time of the window in HH:MM form, as in the example; default "04:00".
variable "maintenance_window_auto_upgrade_start_time" {
  description = <<-EOF
    Example: "04:00"
    see https://learn.microsoft.com/en-us/azure/aks/planned-maintenance#creating-a-maintenance-window
  EOF
  type        = string
  default     = "04:00"
}

# UTC offset applied to the start time; default "+00:00".
variable "maintenance_window_auto_upgrade_utc_offset" {
  description = <<-EOF
    Example: "+00:00"
    see https://learn.microsoft.com/en-us/azure/aks/planned-maintenance#creating-a-maintenance-window
  EOF
  type        = string
  default     = "+00:00"
}