diff --git a/build/modules/aks/aks.tf b/build/modules/aks/aks.tf new file mode 100644 index 0000000000..14404b4cee --- /dev/null +++ b/build/modules/aks/aks.tf @@ -0,0 +1,106 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +provider "azuread" { + version = "=0.1.0" +} + +# Create Service Principal password +resource "azuread_service_principal_password" "aks" { + end_date = "2299-12-30T23:00:00Z" # Forever + service_principal_id = "${azuread_service_principal.aks.id}" + value = "${random_string.password.result}" +} + +# Create Azure AD Application for Service Principal +resource "azuread_application" "aks" { + name = "agones-sp" +} + +# Create Service Principal +resource "azuread_service_principal" "aks" { + application_id = "${azuread_application.aks.application_id}" +} + +# Generate random string to be used for Service Principal Password +resource "random_string" "password" { + length = 32 + special = true +} + +resource "azurerm_resource_group" "test" { + name = "agonesRG" + location = "East US" +} + +resource "azurerm_kubernetes_cluster" "test" { + name = "${var.cluster_name}" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + dns_prefix = "agones" + // Version 1.11.8 has issues with RBAC on AKS + // So this parameter is commented out + //kubernetes_version = "1.11.8" + + + agent_pool_profile { + name = "default" + count = 2 + vm_size = "${var.machine_type}" + os_type = "Linux" + os_disk_size_gb = 30 + } + + service_principal { + client_id = "${azuread_application.aks.application_id}" + client_secret = "${azuread_service_principal_password.aks.value}" + } + tags = { + Environment = "Production" + } +} +resource "azurerm_network_security_group" "test" { + name = "agonesSecurityGroup" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" +} + +resource "azurerm_network_security_rule" "gameserver" { + name = "gameserver" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "UDP" + source_port_range = "*" + destination_port_range = "7000-8000" + source_address_prefix = "*" + destination_address_prefix = "*" + resource_group_name = "${azurerm_resource_group.test.name}" + network_security_group_name = "${azurerm_network_security_group.test.name}" +} + + +resource "azurerm_network_security_rule" "outbound" { + name = "outbound" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + resource_group_name = "${azurerm_resource_group.test.name}" + network_security_group_name = "${azurerm_network_security_group.test.name}" +} \ No newline at end of file diff --git a/build/modules/aks/outputs.tf b/build/modules/aks/outputs.tf new file mode 100644 index 0000000000..38c3affcbd --- /dev/null +++ b/build/modules/aks/outputs.tf @@ -0,0 +1,34 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +output "cluster_ca_certificate" { + value = "${base64decode(azurerm_kubernetes_cluster.test.kube_config.0.cluster_ca_certificate)}" +} + +output "client_certificate" { + value = "${azurerm_kubernetes_cluster.test.kube_config.0.client_certificate}" +} + +output "kube_config" { + value = "${azurerm_kubernetes_cluster.test.kube_config_raw}" +} + +output "host" { + value = "${azurerm_kubernetes_cluster.test.kube_config.0.host}" +} + +output "token" { + value = "${azurerm_kubernetes_cluster.test.kube_config.0.password}" +} + diff --git a/build/modules/aks/variables.tf b/build/modules/aks/variables.tf new file mode 100644 index 0000000000..854f90c14f --- /dev/null +++ b/build/modules/aks/variables.tf @@ -0,0 +1,21 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +variable "machine_type" { + default = "Standard_D2_v2" +} + +variable "cluster_name" { + default="test-cluster" +} diff --git a/build/modules/gke/cluster.tf b/build/modules/gke/cluster.tf new file mode 100644 index 0000000000..64da59a1c1 --- /dev/null +++ b/build/modules/gke/cluster.tf @@ -0,0 +1,162 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +provider "google-beta" { + version = "~> 2.4" + zone = "${lookup(var.cluster, "zone")}" +} + +/* +provider "google" { + version = "~> 2.4" +} +*/ + +data "google_client_config" "default" {} + +# echo command used for debugging purpose +# Run `terraform taint null_resource.test-setting-variables` before second execution +resource "null_resource" "test-setting-variables" { + provisioner "local-exec" { + command = "${"${format("echo Current variables set as following - name: %s, project: %s, machineType: %s, initialNodeCount: %s, zone: %s, legacyAbac: %s", + "${lookup(var.cluster, "name")}", "${lookup(var.cluster, "project")}", + "${lookup(var.cluster, "machineType")}", "${lookup(var.cluster, "initialNodeCount")}", + "${lookup(var.cluster, "zone")}", "${lookup(var.cluster, "legacyAbac")}")}"}" + } +} + + +locals { + username = "${var.password != "" ? var.username : ""}" +} + +# assert that password has correct length +# before creating the cluster to avoid +# unfinished configurations +resource "null_resource" "check-password-length" { + count = "${length(var.password) >= 16 || length(var.password) == 0 ? 0 : 1}" + "Password must be more than 16 chars in length" = true +} + +resource "google_container_cluster" "primary" { + name = "${lookup(var.cluster, "name")}" + location = "${lookup(var.cluster, "zone")}" + project = "${lookup(var.cluster, "project")}" + provider = "google-beta" + + # Setting an empty username and password explicitly disables basic auth + master_auth { + username = "${local.username}" + password = "${var.password}" + } + enable_legacy_abac = "${lookup(var.cluster, "legacyAbac")}" + + name = "default" + initial_node_count = "${lookup(var.cluster, "initialNodeCount")}" + node_config = { + machine_type = "${lookup(var.cluster, "machineType")}" + oauth_scopes = [ + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring", + "https://www.googleapis.com/auth/service.management.readonly", + "https://www.googleapis.com/auth/servicecontrol", + "https://www.googleapis.com/auth/trace.append", + ] + + tags = ["game-server"] + timeouts = { + create = "30m" + update = "40m" + } + } +} + +resource "google_container_node_pool" "agones-system" { + name = "agones-system" + cluster = "${google_container_cluster.primary.name}" + location = "${google_container_cluster.primary.location}" + project = "${lookup(var.cluster, "project")}" + provider = "google-beta" + node_count = 1 + node_config = { + preemptible = true + machine_type = "n1-standard-4" + + oauth_scopes = [ + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring", + "https://www.googleapis.com/auth/service.management.readonly", + "https://www.googleapis.com/auth/servicecontrol", + "https://www.googleapis.com/auth/trace.append", + ] + labels = { + "stable.agones.dev/agones-system" = "true" + } + taint = { + key = "stable.agones.dev/agones-system" + value = "true" + effect = "NO_EXECUTE" + } + } +} + +resource "google_container_node_pool" "agones-metrics" { + name = "agones-metrics" + cluster = "${google_container_cluster.primary.name}" + location = "${google_container_cluster.primary.location}" + project = "${lookup(var.cluster, "project")}" + provider = "google-beta" + node_count = 1 + node_config = { + preemptible = true + machine_type = "n1-standard-4" + + oauth_scopes = [ + "https://www.googleapis.com/auth/devstorage.read_only", + "https://www.googleapis.com/auth/logging.write", + "https://www.googleapis.com/auth/monitoring", + "https://www.googleapis.com/auth/service.management.readonly", + "https://www.googleapis.com/auth/servicecontrol", + "https://www.googleapis.com/auth/trace.append", + ] + labels = { + "stable.agones.dev/agones-metrics" = "true" + } + taint = { + key = "stable.agones.dev/agones-metrics" + value = "true" + effect = "NO_EXECUTE" + } + } +} + +resource "google_compute_firewall" "default" { + name = "game-server-firewall-firewall-${lookup(var.cluster, "name")}" + project = "${lookup(var.cluster, "project")}" + network = "${google_compute_network.default.name}" + + allow { + protocol = "udp" + ports = ["${var.ports}"] + } + + source_tags = ["game-server"] +} + +resource "google_compute_network" "default" { + project = "${lookup(var.cluster, "project")}" + name = "agones-network-${lookup(var.cluster, "name")}" +} \ No newline at end of file diff --git a/build/modules/gke/outputs.tf b/build/modules/gke/outputs.tf new file mode 100644 index 0000000000..ce1e098d88 --- /dev/null +++ b/build/modules/gke/outputs.tf @@ -0,0 +1,35 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The following outputs allow authentication and connectivity to the GKE Cluster +# by using certificate-based authentication. +output "client_certificate" { + value = "${google_container_cluster.primary.master_auth.0.client_certificate}" +} + +output "client_key" { + value = "${google_container_cluster.primary.master_auth.0.client_key}" +} + +output "cluster_ca_certificate" { + value = "${base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate)}" +} + +output "host" { + value = "https://${google_container_cluster.primary.endpoint}" +} + +output "token" { + value = "${data.google_client_config.default.access_token}" +} diff --git a/build/modules/gke/variables.tf b/build/modules/gke/variables.tf new file mode 100644 index 0000000000..3d90aaeb8f --- /dev/null +++ b/build/modules/gke/variables.tf @@ -0,0 +1,38 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Password for the Kubernetes API. +# Could be defined using GKE_PASSWORD env variable +# or by setting `password="somepass"` string in build/terraform.tfvars +variable "password" {default = ""} +variable "username" {default = "admin"} + +# Ports can be overriden using tfvars file +variable "ports" {default="7000-8000"} + +# Set of GKE cluster parameters which defines its name, zone +# and primary node pool configuration. +# It is crucial to set valid ProjectID for "project". +variable "cluster" { + description = "Set of GKE cluster parameters." + type = "map" + default = { + "zone" = "us-west1-c" + "name" = "test-cluster" + "machineType" = "n1-standard-4" + "initialNodeCount" = "4" + "legacyAbac" = false + "project" = "agones" + } +} diff --git a/build/modules/helm/helm.tf b/build/modules/helm/helm.tf new file mode 100644 index 0000000000..21980343bd --- /dev/null +++ b/build/modules/helm/helm.tf @@ -0,0 +1,165 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resource "kubernetes_service_account" "tiller" { + metadata { + name = "tiller" + namespace = "kube-system" + } + automount_service_account_token = true +} + +resource "kubernetes_cluster_role_binding" "tiller" { + metadata { + name = "tiller" + } + + role_ref { + kind = "ClusterRole" + name = "cluster-admin" + api_group = "rbac.authorization.k8s.io" + } + + subject { + kind = "ServiceAccount" + name = "tiller" + + api_group = "" + namespace = "kube-system" + } + + depends_on = ["kubernetes_service_account.tiller"] +} + +provider "kubernetes" { + version = "~> 1.5" + load_config_file = false + host = "${var.host}" + token = "${var.token}" + cluster_ca_certificate = "${var.cluster_ca_certificate}" +} + +provider "helm" { + version = "~> 0.7" + + debug = true + install_tiller = true + service_account = "${kubernetes_service_account.tiller.metadata.0.name}" + tiller_image = "gcr.io/kubernetes-helm/tiller:v2.12.3" + + kubernetes { + load_config_file = false + host = "${var.host}" + token = "${var.token}" + cluster_ca_certificate = "${var.cluster_ca_certificate}" + } +} + +# In Terraform version 0.12 Interpolation would only evaluate one branch of a condition +# https://github.com/hashicorp/terraform/issues/15605 +# so we can remove this and change values in helm_release to: +# +# values = [ +# "${length(var.values_file) == 0 ? "" : file("${var.values_file}"))}" +# ] +data "null_data_source" "values_file" { + count = "${length(var.values_file) == 0 ? 0 : 1}" + inputs = { + "values" = "${file("${var.values_file}")}" + } +} + + +data "helm_repository" "agones" { + name = "agones" + url = "https://agones.dev/chart/stable" + + depends_on = ["kubernetes_cluster_role_binding.tiller"] +} + + +# TODO: remove - not needed in Terraform 0.12 +locals { + values = { + params = "${join("", data.null_data_source.values_file.*.outputs.values)}" + } + # Skip image tag if it is not needed + # for installing latest image it would use chart value + tag_name = "${var.agones_version != "" ? "agones.image.tag" : "skip"}" +} + +resource "helm_release" "agones" { + name = "agones" + force_update = "true" + repository = "${data.helm_repository.agones.metadata.0.name}" + chart = "${var.chart}" + timeout = 420 + + values = [ + # Switch in terraform 0.12 to: + # "${length(var.values_file) == 0 ? "" : file("${var.values_file}"))}" + "${length(var.values_file) == 0 ? "" : local.values["params"]}" + ] + + set { + name = "crds.CleanupOnDelete" + value = "${var.crd_cleanup}" + } + set { + name = "${local.tag_name}" + value = "${var.agones_version}" + } + set { + name = "agones.image.registry" + value = "${var.image_registry}" + } + set { + name = "agones.image.controller.pullPolicy" + value = "${var.pull_policy}" + } + set { + name = "agones.image.sdk.alwaysPull" + value = "${var.always_pull_sidecar}" + } + set { + name = "agones.image.controller.pullSecret" + value = "${var.image_pull_secret}" + } + set { + name = " agones.ping.http.serviceType" + value = "${var.ping_service_type}" + } + set { + name = "agones.ping.udp.serviceType" + value = "${var.ping_service_type}" + } + version = "${var.agones_version}" + namespace = "agones-system" + + depends_on = ["null_resource.helm_init", "kubernetes_cluster_role_binding.tiller"] +} + +provider "null" { + version = "~> 2.1" +} + +# Creates folder with repositories so that helm provider would not fail +resource "null_resource" "helm_init" { + triggers = { + always_run = "${timestamp()}" + } + provisioner "local-exec" { + command = "helm init --client-only" + } +} diff --git a/build/modules/helm/variables.tf b/build/modules/helm/variables.tf new file mode 100644 index 0000000000..4f28fc38ee --- /dev/null +++ b/build/modules/helm/variables.tf @@ -0,0 +1,56 @@ +# Copyright 2019 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#Helm variables + +variable "chart" { + default = "../../../install/helm/agones/" +} + +variable "agones_version" { + default = "" +} + +variable "host" {} + +variable "token" {} + +variable "cluster_ca_certificate" {} +/* + host = "${azurerm_kubernetes_cluster.test.kube_config.0.host}" + token = "${azurerm_kubernetes_cluster.test.kube_config.0.password}" + cluster_ca_certificate = "${base64decode(azurerm_kubernetes_cluster.test.kube_config.0.cluster_ca_certificate)}" +*/ +variable "crd_cleanup" { + default = "true" +} +variable "image_registry" { + default = "gcr.io/agones-images" +} +variable "pull_policy" { + default = "Always" +} +variable "always_pull_sidecar" { + default = "true" +} +variable "image_pull_secret" { + default = "" +} +variable "ping_service_type" { + default = "LoadBalancer" +} + +variable "values_file" { + default = "../../../install/helm/agones/values.yaml" +} \ No newline at end of file diff --git a/examples/terraform-submodules/aks/module.tf b/examples/terraform-submodules/aks/module.tf new file mode 100644 index 0000000000..1812fc74ea --- /dev/null +++ b/examples/terraform-submodules/aks/module.tf @@ -0,0 +1,55 @@ +// Copyright 2019 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply [-var agones_version="0.9.0"] + +// Install latest version of agones +variable "agones_version" { + default="" +} +variable "cluster_name" { + default="test-cluster" +} + +variable "machine_type" {default = "Standard_D2_v2"} + +module "aks_cluster" { + source = "git::https://github.com/GoogleCloudPlatform/agones.git//build/modules/aks/?ref=master" + + machine_type = "${var.machine_type}" + cluster_name = "${var.cluster_name}" +} + +module "helm_agones" { + source = "git::https://github.com/GoogleCloudPlatform/agones.git//build/modules/helm/?ref=master" + + agones_version = "${var.agones_version}" + values_file="" + chart="agones" + host="${module.aks_cluster.host}" + token="${module.aks_cluster.token}" + cluster_ca_certificate="${module.aks_cluster.cluster_ca_certificate}" +} + +output "host" { + value = "${module.aks_cluster.host}" +} +output "token" { + value = "${module.aks_cluster.token}" +} +output "cluster_ca_certificate" { + value = "${module.aks_cluster.cluster_ca_certificate}" +} diff --git a/examples/terraform-submodules/gke-local/main.tf b/examples/terraform-submodules/gke-local/main.tf new file mode 100644 index 0000000000..6c9a1fd0ca --- /dev/null +++ b/examples/terraform-submodules/gke-local/main.tf @@ -0,0 +1,62 @@ +// Copyright 2019 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply [-var agones_version="0.9.0"] + +// Install latest version of agones +variable "agones_version" { + default="" +} + +// Your GKE project name +variable "project" { + default="agones" +} +module "gke_cluster" { + + source = "../../../build/modules/gke" + + cluster = { + "project" = "${var.project}" + "zone" = "us-west1-c" + "name" = "test-cluster" + "machineType" = "n1-standard-4" + "initialNodeCount" = "4" + "legacyAbac" = false + } +} + +module "helm_agones" { + + source = "../../../build/modules/helm" + + agones_version = "${var.agones_version}" + values_file="" + chart="agones" + host="${module.gke_cluster.host}" + token="${module.gke_cluster.token}" + cluster_ca_certificate="${module.gke_cluster.cluster_ca_certificate}" +} + +output "host" { + value = "${module.gke_cluster.host}" +} +output "token" { + value = "${module.gke_cluster.token}" +} +output "cluster_ca_certificate" { + value = "${module.gke_cluster.cluster_ca_certificate}" +} diff --git a/examples/terraform-submodule/module.tf b/examples/terraform-submodules/gke/module.tf similarity index 100% rename from examples/terraform-submodule/module.tf rename to examples/terraform-submodules/gke/module.tf diff --git a/site/content/en/docs/Installation/terraform.md b/site/content/en/docs/Installation/terraform.md index 3cec872316..ed9be19bbd 100644 --- a/site/content/en/docs/Installation/terraform.md +++ b/site/content/en/docs/Installation/terraform.md @@ -1,5 +1,5 @@ --- -title: "Deploy GKE cluster and install Agones using Terraform" +title: "Deploy GKE/AKS cluster and install Agones using Terraform" linkTitle: "Install with Terraform" weight: 4 description: > @@ -11,14 +11,17 @@ description: > - Terraform v0.11.13 - [Helm](https://docs.helm.sh/helm/) package manager 2.10.0+ -- Access to Google Cloud Kubernetes Engine -- `gcloud` utility installed +- Access to the the Kubernetes hosting provider you are using (e.g. `gcloud` or `az` utility installed) - Git -## Installing the Agones as Terraform submodule +# Installing the Agones as Terraform submodule on Google Kubernetes Engine You can use Terraform to provision your GKE cluster and install agones on it using Helm Terraform provider. +First step would be to enable `Kubernetes Engine API`. From the Cloud Console, navigate to APIs & Services > Dashboard, then click `Enable APIs and Services`. Type `kubernetes` in the search box, and you should find the Kubernetes Engine API. Click Enable. + +Install `gcloud` utility by following [these instructions](https://cloud.google.com/sdk/install). + GKE cluster would contain 3 Node Pools: - Primary Node Pool with `"game-server"` tag, containing 4 nodes. - `"agones-system"` node pool for Agones Controller. @@ -31,7 +34,7 @@ By default you will receive the latest version from [Helm repository](https://ag ## Example and parameters which is configurable The example of submodule configuration could be found here: - {{< ghlink href="examples/terraform-submodule/module.tf" >}}Terraform configuration with Agones submodule{{< /ghlink >}} + {{< ghlink href="examples/terraform-submodules/gke/module.tf" >}}Terraform configuration with Agones submodule{{< /ghlink >}} Configurable parameters and their meaning: - password - if not specified basic Auth would be disabled in GKE cluster @@ -70,7 +73,7 @@ Fetching cluster endpoint and auth data. kubeconfig entry generated for test-cluster. ``` -Check that your has access to kubernetes cluster: +Check that you have access to kubernetes cluster: ``` kubectl get nodes ``` @@ -83,3 +86,49 @@ Run next command to delete all Terraform provisioned resources: ``` terraform destroy ``` + +# Installing the Agones as Terraform submodule on Azure Kubernetes Service + +You can deploy Kubernetes cluster on Azure Kubernetes Service and install Agones using terraform. + +Install `az` utility by following [these instructions](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest). + +The example of AKS submodule configuration could be found here: + {{< ghlink href="examples/terraform-submodules/aks/module.tf" >}}Terraform configuration with Agones submodule{{< /ghlink >}} + +Copy `module.tf` file into a separate folder. + +Login to Azure CLI: +``` +az login +``` + +Configure your terraform: +``` +terraform init +``` + +Now you can deploy your cluster (use variables from the above `az ad sp create-for-rbac` command output): +``` +terraform apply -var client_id="" -var client_secret="" +``` + +Once you created all resources on AKS you can get the credentials so that you can use `kubectl` to configure your cluster: +``` +az aks get-credentials --resource-group agonesRG --name agones +``` + +Check that you have access to kubernetes cluster: +``` +kubectl get nodes +``` + +## Uninstall the Agones and delete AKS cluster + +Run next command to delete all Terraform provisioned resources: +``` +terraform destroy +``` + +## Reference +Details on how you can authenticate your AKS terraform provider using official [instructions](https://www.terraform.io/docs/providers/azurerm/auth/service_principal_client_secret.html) \ No newline at end of file