Wednesday, September 15, 2021

How to create AKS cluster using Terraform | Create Kubernetes Cluster using Terraform

What is Azure Kubernetes Service (AKS)

Azure Kubernetes Service (AKS) is a managed container orchestration service, based on the open source Kubernetes system, which is available on the Microsoft Azure public cloud. AKS allows you to quickly deploy a production-ready Kubernetes cluster in Azure and to deploy and manage containerized applications more easily with a fully managed Kubernetes service. We will see how to create an AKS cluster in Azure using Terraform.

An AKS cluster can be created in several ways:

1. Create AKS cluster in Azure portal directly

2. Create AKS cluster using Azure CLI

3. Create AKS cluster using Terraform. 

Creating an AKS resource with Terraform is incredibly easy: it only requires a single resource, azurerm_kubernetes_cluster. In this post, we are going to walk through the necessary steps to create it with Terraform. We will also create an Azure Container Registry (ACR) and a role assignment that grants the AcrPull role.

Prerequisites:

Log in to Azure using your credentials

Make sure you are logged in to Azure first.

az login

Choose your Microsoft credentials. 

Let's create the following tf files using Visual Studio Code:

1. variables.tf - where we will define the variables used in main.tf
2. terraform.tfvars - Declare the values for the variables
3. providers.tf - declare the providers with version
4. main.tf - main configuration file with all the resources which will be created
5. output.tf - Export some data to output file

create providers.tf
provider "azurerm" {
  features {}
}

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "2.39.0"
    }
  }
}

create variables.tf

variable "resource_group_name" {
  type        = string
  description = "RG name in Azure"
}
variable "location" {
  type        = string
  description = "Resources location in Azure"
}
variable "cluster_name" {
  type        = string
  description = "AKS name in Azure"
}
variable "kubernetes_version" {
  type        = string
  description = "Kubernetes version"
}
variable "system_node_count" {
  type        = number
  description = "Number of AKS worker nodes"
}
variable "acr_name" {
  type        = string
  description = "ACR name"
}

create terraform.tfvars
resource_group_name = "aks_tf_rg"
location            = "CentralUS"
cluster_name        = "devops-coach-aks"
kubernetes_version  = "1.19.13"
system_node_count   = 2
acr_name            = "myacr3210"

create main.tf
#In Azure, all infrastructure elements such as virtual machines, storage, and our Kubernetes cluster need to be attached to a resource group.

resource "azurerm_resource_group" "aks-rg" {
  name     = var.resource_group_name
  location = var.location
}

resource "azurerm_role_assignment" "role_acrpull" {
  scope                            = azurerm_container_registry.acr.id
  role_definition_name             = "AcrPull"
  principal_id                     = azurerm_kubernetes_cluster.aks.kubelet_identity.0.object_id
  skip_service_principal_aad_check = true
}

resource "azurerm_container_registry" "acr" {
  name                = var.acr_name
  resource_group_name = azurerm_resource_group.aks-rg.name
  location            = var.location
  sku                 = "Standard"
  admin_enabled       = false
}

resource "azurerm_kubernetes_cluster" "aks" {
  name                = var.cluster_name
  kubernetes_version  = var.kubernetes_version
  location            = var.location
  resource_group_name = azurerm_resource_group.aks-rg.name
  dns_prefix          = var.cluster_name

  default_node_pool {
    name                = "system"
    node_count          = var.system_node_count
    vm_size             = "Standard_DS2_v2"
    type                = "VirtualMachineScaleSets"
    availability_zones  = [1, 2, 3]
    enable_auto_scaling = false
  }

  identity {
    type = "SystemAssigned"
  }

  network_profile {
    load_balancer_sku = "Standard"
    network_plugin    = "kubenet" 
  }
}

create output.tf
output "aks_id" {
  value = azurerm_kubernetes_cluster.aks.id
}

output "aks_fqdn" {
  value = azurerm_kubernetes_cluster.aks.fqdn
}

output "aks_node_rg" {
  value = azurerm_kubernetes_cluster.aks.node_resource_group
}

output "acr_id" {
  value = azurerm_container_registry.acr.id
}

output "acr_login_server" {
  value = azurerm_container_registry.acr.login_server
}

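# kube_config_raw contains cluster credentials, so restrict the file to its owner
# (local_file defaults file_permission to 0777).
resource "local_file" "kubeconfig" {
  depends_on      = [azurerm_kubernetes_cluster.aks]
  filename        = "kubeconfig"
  content         = azurerm_kubernetes_cluster.aks.kube_config_raw
  file_permission = "0600"
}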

Run terraform commands

terraform init


terraform plan


terraform apply

and type yes

You will see that the following resources are created:



Move the generated Kubeconfig file to ~/.kube/config
mv kubeconfig ~/.kube/config
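
A plain mv replaces any ~/.kube/config that already exists and keeps whatever permissions the generated file had. The script below is an added example, not part of the original post: it keeps a backup of an existing config and installs the new one readable only by its owner. The function name install_kubeconfig and the demo file contents are made up for illustration.

```shell
#!/bin/sh
# install_kubeconfig SRC [DEST]
# Copies SRC to DEST (default ~/.kube/config) with owner-only permissions,
# keeping a timestamped backup of any config that is already there.
install_kubeconfig() {
    src=$1
    dest=${2:-$HOME/.kube/config}
    if [ ! -s "$src" ]; then
        echo "kubeconfig missing or empty: $src" >&2
        return 1
    fi
    destdir=$(dirname "$dest")
    mkdir -p "$destdir" || return 1
    chmod 700 "$destdir" || return 1

    if [ -e "$dest" ]; then
        backup="$dest.bak.$(date +%Y%m%d%H%M%S)"
        cp -p "$dest" "$backup" || return 1
        chmod 600 "$backup" || return 1
        echo "existing config kept as $backup"
    fi

    # Write under a restrictive umask, then rename, so the credentials are
    # never on disk with wider permissions or in a half-written state.
    tmp="$dest.tmp.$$"
    ( umask 077 && cat "$src" > "$tmp" ) || return 1
    mv "$tmp" "$dest" || return 1
    rm -f "$src"   # do not leave a second copy in the Terraform directory
}

# Constructed demo in a scratch directory (no real cluster credentials).
demo_dir=$(mktemp -d)
printf 'apiVersion: v1\nkind: Config\n# existing contexts\n' > "$demo_dir/config"
printf 'apiVersion: v1\nkind: Config\n# constructed AKS kubeconfig\n' > "$demo_dir/kubeconfig"
install_kubeconfig "$demo_dir/kubeconfig" "$demo_dir/config"
ls -l "$demo_dir"
rm -rf "$demo_dir"
```

With no second argument, install_kubeconfig kubeconfig writes to ~/.kube/config, the same destination as the mv above.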

To verify if worker nodes are created, use the kubectl get nodes command to return a list of the cluster nodes.

kubectl get nodes

 
You will see worker nodes with health status ready.

Let's deploy some apps into AKS cluster. 

Deploy Nginx App

kubectl create -f https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/controllers/nginx-deployment.yaml

Once the deployment is created, use kubectl to check on the deployments by running this command: 

kubectl get deployments




To see the list of pods

kubectl get pods


Perform cleanup by deleting the AKS cluster

To avoid Azure charges, you should clean up unneeded resources. When the cluster is no longer needed, use terraform destroy command to remove the resource group, AKS cluster service, and all related resources. 

terraform destroy --auto-approve


Thursday, September 9, 2021

How to install Terraform on Red Hat Linux | TerraForm Installation on Red Hat Linux

Terraform is an infrastructure-as-code tool used for provisioning infrastructure on most of the cloud platforms.

  • Open source
  • Can set up entire infrastructure by writing Terraform scripts/templates.
  • Based on declarative model
  • Uses HashiCorp Language (HCL), which is JSON format


Please find the steps for installing Terraform on Enterprise Red Hat Linux below.

Create a working directory
sudo mkdir -p /opt/terraform
cd /opt/terraform

Install wget utility
sudo yum install wget -y

Download Terraform from the HashiCorp website
sudo wget https://releases.hashicorp.com/terraform/1.0.5/terraform_1.0.5_linux_amd64.zip

Install unzip utility
sudo yum install unzip -y

Unzip Terraform Zip file
sudo unzip terraform_1.0.5_linux_amd64.zip

Add terraform to PATH
sudo mv /opt/terraform/terraform /usr/bin/

terraform -version

Terraform v1.0.5
on linux_amd64

This should show the version of Terraform.
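
The steps above unzip and install the download without checking it. The script below is an added example, not part of the original post: it compares the archive's SHA-256 with the checksum file before anything is unpacked. It assumes HashiCorp's release naming, with terraform_1.0.5_SHA256SUMS published next to the zip; the function names and the demo file are made up for illustration.

```shell
#!/bin/sh
# verify_release SUMS_FILE ARCHIVE
# Returns 0 only if the SHA-256 of ARCHIVE equals the value listed for its
# file name in SUMS_FILE; 1 on mismatch, 2 if the name is not listed.
verify_release() {
    sums_file=$1
    archive=$2
    name=$(basename "$archive")

    # Each line of a SHA256SUMS file is "<64 hex digits>  <file name>"
    expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$sums_file")
    if [ -z "$expected" ]; then
        echo "no checksum listed for $name" >&2
        return 2
    fi

    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name: refusing to install" >&2
        return 1
    fi
    echo "checksum OK: $name"
}

# Constructed demo: a stand-in file plays the role of the downloaded zip.
demo() {
    dir=$(mktemp -d) || return 1
    zip="$dir/terraform_1.0.5_linux_amd64.zip"
    printf 'constructed stand-in for the release archive\n' > "$zip"
    (cd "$dir" && sha256sum "$(basename "$zip")" > terraform_1.0.5_SHA256SUMS)
    good=0; verify_release "$dir/terraform_1.0.5_SHA256SUMS" "$zip" >/dev/null || good=$?
    printf 'tampered' >> "$zip"   # simulate a corrupted or replaced download
    bad=0; verify_release "$dir/terraform_1.0.5_SHA256SUMS" "$zip" 2>/dev/null || bad=$?
    rm -rf "$dir"
    echo "untouched=$good tampered=$bad"
}
demo

# Real use, between the wget and unzip steps (needs network, so not run here):
#   sudo wget https://releases.hashicorp.com/terraform/1.0.5/terraform_1.0.5_SHA256SUMS
#   verify_release terraform_1.0.5_SHA256SUMS terraform_1.0.5_linux_amd64.zip \
#     && sudo unzip terraform_1.0.5_linux_amd64.zip
```

The checksum file comes from the same server as the zip, so this catches corruption and mismatched files; HashiCorp also publishes a GPG signature for the checksum file, which can be checked with gpg --verify for a stronger guarantee.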

Thursday, August 19, 2021

stderr: remote: Support for password authentication was removed on August 13, 2021. Please use a personal access token instead | Fix for this issue

 

Support for password authentication was removed on August 13, 2021

How to fix the above error: GitHub removed password authentication support from August 13, 2021; instead, it recommends using either OAuth or a Personal Access Token.

Create Personal Access Token in GitHub

Go to GitHub.com--> Settings

Go to Developer Settings 
Go to Personal Access tokens --> Generate new token
Enter a name for the token; choose no expiration if you don't want your token to expire.


Select repo and click generate token

Now copy the token and use this as password.

Saturday, July 31, 2021

AWS and Azure Cloud and DevOps Coaching Online Classes - Oct 2021 Schedule

DevOps Coaching Schedules - Oct 2021

Date     | Time                                                                     | Type     | When?
Oct 19th | 6:00 to 7:45 PM CST                                                      | Weekdays | Tues/Thursday
Oct 23rd | 11:35 AM to 01:15 PM CST on Saturdays & 02:00 PM to 4 pm CST on Sundays  | Weekends | Sat/Sun

DevOps Training highlights:

- Comprehensive hands on knowledge on Git, Jenkins, TeamCity, Maven, SonarQube, Nexus, Terraform, Ansible, Puppet, Docker on AWS and Azure.

- 21+ yrs IT exp, 5+ Yrs in DevOps/Cloud/Automation.

- Many students already placed in reputed companies from my coaching program successfully.

- Working as a Sr. DevOps Coach/Architect in one of the top IT services companies in USA.

- Unique program...less theory, more hands on lab exercises...in Person class room training

Resume preparation will be done with candidates personally.

One-to-one Interview coaching.

- Coaching is purely hands on with 101% job relevant.

100% Job assistance.

- Coached about 940+ people successfully for the past three years, and many of my students got placed with many large enterprises in DFW, Chicago, Florida, Seattle, Bay area, Ohio and NY areas.

Contact no: 469-733-5248
Email - devops.coaching@gmail.com
Contact: AK


Thursday, July 8, 2021

Ansible Vs Terraform - What is the difference between Ansible and Terraform - Ansible Vs Terraform

This is one of the common DevOps interview questions. What is the difference between Ansible and Terraform? When will you choose Ansible over Terraform?


Factor           | Ansible                             | Terraform
Type             | Configuration mgmt                  | Provisioning
Infrastructure   | mutable                             | Immutable
Language         | Procedural                          | Declarative
Written in       | Python                              | Go
Architecture     | client only                         | client only
State Management | No                                  | Yes
Cloud            | All                                 | All
Syntax           | YAML                                | JSON
UI/CLI           | Has both UI (Ansible Tower) and CLI | only CLI based

Thursday, July 1, 2021

Jenkins Terraform Integration | How do you integrate Terraform with Jenkins | Automate Infrastructure setup using Terraform and Jenkins

We will learn how to execute Terraform scripts automatically using a Jenkins pipeline. We will create an EC2 instance using Terraform and Jenkins in the AWS cloud.



Prerequisites:
  • Jenkins is up and running
  • Terraform is installed in Jenkins
  • Terraform files already created in your SCM.
I have provided my public repo as an example which you can use.

Create IAM role to provision EC2 instance in AWS 



Select AWS service, EC2, Click on Next Permissions


Type EC2 and choose AmazonEC2FullAccess as policy


Click on Next tags, Next Review
give some role name and click on Create role.



Assign IAM role to EC2 instance

Go back to Jenkins EC2 instance, click on EC2 instance, Security, Modify IAM role


Type your IAM role name my-ec2-terraform-role and Save to attach that role to EC2 instance.



Create Jenkins Pipeline 

Add parameters to the pipeline

Click checkbox - This project is parameterized, choose Choice Parameter


Enter action as the name.
Under choices, type apply, press Enter, and type destroy.


Go to Pipeline section

Add below pipeline code

pipeline {
    agent any

    stages {
        stage('Checkout') {
            steps {
                // Check out the Terraform files from the SCM repository
                checkout([$class: 'GitSCM', branches: [[name: '*/main']], extensions: [], userRemoteConfigs: [[url: 'https://github.com/mydevopscoach/my-tf-iac-aws-repo']]])
            }
        }

        stage ("terraform init") {
            steps {
                sh ('terraform init')
            }
        }

        stage ("terraform Action") {
            steps {
                echo "Terraform action is --> ${action}"
                // Single quotes: the shell, not Groovy, expands ${action}
                // from the build parameter's environment variable
                sh ('terraform ${action} --auto-approve')
            }
        }
    }
}

Click on Build with Parameters and choose apply to build the infrastructure or choose destroy if you like to destroy the infrastructure you have built. 



Click on Build
Now you should see the console output if you choose apply.


Pipeline will look like below:


Login to AWS console, you should see the new EC2 instance created.




Wednesday, June 30, 2021

How to Integrate Jenkins and GitHub using SSH keys? | Jenkins and GitHub Integration

We will see how to connect to GitHub from Jenkins using SSH keys instead of using user name and password. It is also a good practice to use SSH keys in Jenkins jobs instead of using user name and password.



Prerequisites:

  • Jenkins is up and running
  • Credentials plug-in installed in Jenkins

Create SSH keys in your Jenkins EC2 instance

ssh-keygen

Press Enter four times. This will create the keys in the .ssh folder.

Copy and paste the public key
sudo cat ~/.ssh/id_rsa.pub

Add public Keys into your respective GitHub

Add public keys into your Repository--> settings--> Deploy keys section




Click on Add Deploy Key and enter public keys and save.

Add Private Keys in Jenkins Master
Log in to Jenkins. Go to Manage Jenkins. Click on Credentials



Click on Jenkins


Click on Global Credentials



Click on Add Credentials


Choose SSH username with private key






The username can be anything.
Click on Enter directly under the private key option and click Add


Copy and paste the private key (not the public key) from your Jenkins instance. The command is below:
sudo cat ~/.ssh/id_rsa

Copy the whole output of the above command.
Click OK to save.

Now go to any Jenkins job; you can choose this option for checking out from GitHub. Make sure you enter the SSH URL, not the HTTPS URL.




That's it. This is how you use an SSH URL and private keys to check out code from Bitbucket or GitHub without entering a username/password in Jenkins.