diff options
Diffstat (limited to 'deployment/aks/create_aks.sh')
| -rwxr-xr-x | deployment/aks/create_aks.sh | 238 |
1 files changed, 238 insertions, 0 deletions
diff --git a/deployment/aks/create_aks.sh b/deployment/aks/create_aks.sh new file mode 100755 index 000000000..23f6ae341 --- /dev/null +++ b/deployment/aks/create_aks.sh @@ -0,0 +1,238 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +NO_PROMPT=0 +RANDOM_PREFIX="ONAP" +RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4` + +AKS_NAME= +AKS_RESOURCE_GROUP_NAME= +AKS_K8_VERSION= +LOCATION= +AKS_NODE_COUNT= +AKS_NODE_SIZE= +AKS_SERVICE_CIDR= +AKS_POD_CIDR= +AKS_DNS_IP= +AKS_NODE_CIDR= +AKS_NETWORK_NAME= +USER_PUBLIC_IP_PREFIX= +PUBLIC_KEY= +AKS_ADMIN_USER= + +function check_required_parameter() { + # arg1 = parameter + # arg2 = parameter name + if [ -z "$1" ]; then + echo "$2 was not was provided. This parameter is required." + exit 1 + fi +} + +function check_optional_paramater() { + # arg1 = parameter + # arg2 = default + if [ -z "$1" ]; then + echo "$2" + else + echo "$1" + fi +} + + +while test $# -gt 0; do + case "$1" in + -h|--help) + echo "./create_aks.sh [options]" + echo " " + echo " " + echo "required:" + echo "--user-public-ip public ip that will be granted access to AKS [required]" + echo "--admin-user admin user created on AKS nodes [required]" + echo "--public-key public key added for admin user [required]" + echo "-l, --location location to deploy AKS [required]" + echo " " + echo "additional options:" + echo "-f, --no-prompt executes with no prompt for confirmation" + echo "-h, --help provide brief overview of script" + echo "-n, --name AKS name [optional]" + echo "-g, --resource-group name of resource group that will be created [optional]" + echo "-s, --size azure flavor size for Kube nodes [optional]" + echo "-v, --kube-version version of Kubernetes for cluster [optional]" + echo "-c, --node-count number of nodes for cluster [optional]" + echo "--service-cidr cidr for Kuberenetes services [optional]." + echo "--dns-ip IP for Kuberenetes dns service [optional]. This should be from --service-cidr." + echo "--pod-cidr cidr for Kuberenetes pods [optional]." + echo "--node-cidr cidr for Kuberenetes nodes [optional]." + echo "--vnet-name name of Vnet to create for Kubernetes Cluster [optional]" + echo "" + exit 0 + ;; + -f|--no-prompt) + shift + NO_PROMPT=1 + ;; + -n|--name) + shift + AKS_NAME=$1 + shift + ;; + -g|--resource-group) + shift + AKS_RESOURCE_GROUP_NAME=$1 + shift + ;; + -s|--size) + shift + AKS_NODE_SIZE=$1 + shift + ;; + -l|--location) + shift + LOCATION=$1 + shift + ;; + -v|--kube-version) + shift + AKS_K8_VERSION=$1 + shift + ;; + -c|--node-count) + shift + AKS_NODE_COUNT=$1 + shift + ;; + --service-cidr) + shift + AKS_SERVICE_CIDR=$1 + shift + ;; + --dns-ip) + shift + AKS_DNS_IP=$1 + shift + ;; + --pod-cidr) + shift + AKS_POD_CIDR=$1 + shift + ;; + --node-cidr) + shift + AKS_NODE_CIDR=$1 + shift + ;; + --vnet-name) + shift + AKS_NETWORK_NAME=$1 + shift + ;; + --user-public-ip) + shift + USER_PUBLIC_IP_PREFIX=$1 + shift + ;; + --admin-user) + shift + AKS_ADMIN_USER=$1 + shift + ;; + --public-key) + shift + PUBLIC_KEY=$1 + shift + ;; + *) + echo "Unknown Argument $1. Try running with --help." + exit 0 + ;; + esac +done + +check_required_parameter "$LOCATION" "--location" +check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip" +check_required_parameter "$AKS_ADMIN_USER" "--admin-user" +check_required_parameter "$PUBLIC_KEY" "--public-key" + +AKS_RESOURCE_GROUP_NAME=$(check_optional_paramater "$AKS_RESOURCE_GROUP_NAME" $RANDOM_STRING"-AKSRG") +AKS_NAME=$(check_optional_paramater "$AKS_NAME" $RANDOM_STRING"-AKS") +AKS_NODE_SIZE=$(check_optional_paramater "$AKS_NODE_SIZE" "Standard_DS4_v2") +AKS_POD_CIDR=$(check_optional_paramater "$AKS_POD_CIDR" "168.1.0.0/16") +AKS_NODE_CIDR=$(check_optional_paramater "$AKS_NODE_CIDR" "169.1.0.0/16") +AKS_NETWORK_NAME=$(check_optional_paramater "$AKS_NETWORK_NAME" $RANDOM_STRING"-AKS-VNET") +AKS_SERVICE_CIDR=$(check_optional_paramater "$AKS_SERVICE_CIDR" "170.1.0.0/16") +AKS_DNS_IP=$(check_optional_paramater "$AKS_DNS_IP" "170.1.0.10") +AKS_K8_VERSION=$(check_optional_paramater "$AKS_K8_VERSION" "1.13.5") +AKS_NODE_COUNT=$(check_optional_paramater "$AKS_NODE_COUNT" "7") + +if [ $NO_PROMPT = 0 ]; then + read -p "Would you like to proceed? [y/n]" -n 1 -r + echo " " + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 0 + fi +fi + +set -x +set -e + +AKS_SUBNET_NAME=$AKS_NETWORK_NAME"-SUBNET" + +echo "Creating AKS Resource Group $AKS_RESOURCE_GROUP_NAME in $LOCATION" +$DIR/create_resource_group.sh "$AKS_RESOURCE_GROUP_NAME" "$LOCATION" + +az network vnet create --resource-group "$AKS_RESOURCE_GROUP_NAME" \ + --name "$AKS_NETWORK_NAME" \ + --address-prefix "$AKS_NODE_CIDR" \ + --subnet-name "$AKS_SUBNET_NAME" \ + --subnet-prefix "$AKS_NODE_CIDR" + +AKS_SUBNET_ID=`az network vnet show --resource-group ${AKS_RESOURCE_GROUP_NAME} --name ${AKS_NETWORK_NAME} --query "subnets | [0] | id" --output tsv` + +az aks create --name "$AKS_NAME" \ + --resource-group "$AKS_RESOURCE_GROUP_NAME" \ + --disable-rbac \ + --kubernetes-version "$AKS_K8_VERSION" \ + --location "$LOCATION" \ + --node-count "$AKS_NODE_COUNT" \ + --node-vm-size "$AKS_NODE_SIZE" \ + --service-cidr "$AKS_SERVICE_CIDR" \ + --pod-cidr "$AKS_POD_CIDR" \ + --network-plugin "kubenet" \ + --dns-service-ip "$AKS_DNS_IP" \ + --admin-username "$AKS_ADMIN_USER" \ + --ssh-key-value "$PUBLIC_KEY" \ + --vnet-subnet-id "$AKS_SUBNET_ID" +echo "" + +AKS_MANAGEMENT_RESOURCE_GROUP_NAME=`az group list --query "[?starts_with(name, 'MC_${AKS_RESOURCE_GROUP_NAME}')].name | [0]" --output tsv` +AKS_NSG_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | name" --output tsv` +AKS_NSG_ID=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | id" --output tsv` + +echo "Associating Security Group with AKS Subnet ${AKS_SUBNET_NAME}" +az network vnet subnet update --resource-group="$AKS_RESOURCE_GROUP_NAME" \ + --name "$AKS_SUBNET_NAME" \ + --vnet-name "$AKS_NETWORK_NAME" \ + --network-security-group "$AKS_NSG_ID" + +for ((i=0;i<$AKS_NODE_COUNT;i++)); do + NIC_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkInterfaces" --query "[$i] | name" --output tsv` + echo "Associating Security Group ${AKS_NSG_NAME} with AKS Node NIC ${NIC_NAME}" + az network nic update --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" -n "$NIC_NAME" --network-security-group "$AKS_NSG_NAME" + echo "" +done + |