breakthrough

Author: Noah Ispas

.gitignore

@@ -0,0 +1,72 @@
+lib-cov
+*.seed
+*.log
+*.csv
+*.dat
+*.out
+*.pid
+*.gz
+*.swp
+
+pids
+logs
+results
+tmp
+
+# Build
+public/css/main.css
+
+# Coverage reports
+coverage
+
+# API keys and secrets
+.env
+
+# Dependency directory
+node_modules
+bower_components
+
+# Editors
+.idea
+*.iml
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+dist/**/*
+
+# ignore yarn.lock
+yarn.lock
+
+/.pulumi/
+/.vscode/
+/.vs/
+bin/
+build/
+node_modules/
+*.pyc
+.Python
+venv/
+include/
+lib/
+yarn.lock
+package-lock.json
+Pulumi.*.yaml
+.idea/
+.ionide/
+*.iml
+key.rsa*
+obj/
+vendor
+Gopkg.lock
+
+**/ci-scripts
+
+# Java app
+.gradle/
+.settings/
+.project
+.classpath
+kubeconfig.yaml

infra/.gitignore

@@ -0,0 +1,2 @@
+/bin/
+/node_modules/

infra/Pulumi.yaml

@@ -0,0 +1,3 @@
+name: azure-aks-typescript
+runtime: nodejs
+description: A minimal Azure Native TypeScript Pulumi program

infra/index.ts

@@ -0,0 +1,79 @@
+// Copyright 2016-2020, Pulumi Corporation.  All rights reserved.
+import * as azuread from "@pulumi/azuread";
+import * as pulumi from "@pulumi/pulumi";
+import * as random from "@pulumi/random";
+import * as tls from "@pulumi/tls";
+
+import * as containerservice from "@pulumi/azure-native/containerservice";
+import * as resources from "@pulumi/azure-native/resources";
+
+const resourceGroup = new resources.ResourceGroup("azure-go-aks");
+
+// Create an AD service principal
+const adApp = new azuread.Application("aks", {
+    displayName: "aks",
+});
+const adSp = new azuread.ServicePrincipal("aksSp", {
+    applicationId: adApp.applicationId,
+});
+
+const password = new random.RandomPassword("password", {
+    length: 20,
+    special: true,
+});
+
+// Create the Service Principal Password
+const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
+    servicePrincipalId: adSp.id,
+    value: password.result,
+    endDate: "2099-01-01T00:00:00Z",
+});
+
+// Generate an SSH key
+const sshKey = new tls.PrivateKey("ssh-key", {
+    algorithm: "RSA",
+    rsaBits: 4096,
+});
+
+const config = new pulumi.Config();
+const managedClusterName = config.get("managedClusterName") || "azure-aks";
+const cluster = new containerservice.ManagedCluster(managedClusterName, {
+    resourceGroupName: resourceGroup.name,
+    agentPoolProfiles: [{
+        count: 1,
+        maxPods: 110,
+        mode: "System",
+        name: "agentpool",
+        nodeLabels: {},
+        osDiskSizeGB: 20,
+        osType: "Linux",
+        type: "VirtualMachineScaleSets",
+        vmSize: "Standard_B2s",
+    }],
+    dnsPrefix: resourceGroup.name,
+    enableRBAC: true,
+    kubernetesVersion: "1.20.7",
+    linuxProfile: {
+        adminUsername: "testuser",
+        ssh: {
+            publicKeys: [{
+                keyData: sshKey.publicKeyOpenssh,
+            }],
+        },
+    },
+    nodeResourceGroup: `MC_azure-go_${managedClusterName}`,
+    servicePrincipalProfile: {
+        clientId: adApp.applicationId,
+        secret: adSpPassword.value,
+    },
+});
+
+const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) => {
+    return containerservice.listManagedClusterUserCredentials({
+        resourceGroupName: rgName,
+        resourceName: clusterName,
+    });
+});
+
+const encoded = creds.kubeconfigs[0].value;
+export const kubeconfig = encoded.apply(enc => Buffer.from(enc, "base64").toString());

infra/package.json

@@ -0,0 +1,13 @@
+{
+    "name": "azure-aks-typescript",
+    "devDependencies": {
+        "@pulumi/azuread": "^4.3.0",
+        "@pulumi/random": "^4.2.0",
+        "@pulumi/tls": "^4.0.0",
+        "@types/node": "^10.0.0"
+    },
+    "dependencies": {
+        "@pulumi/pulumi": "^3.0.0",
+        "@pulumi/azure-native": "^1.0.0"
+    }
+}

infra/tsconfig.json

@@ -0,0 +1,18 @@
+{
+    "compilerOptions": {
+        "strict": true,
+        "outDir": "bin",
+        "target": "es2016",
+        "module": "commonjs",
+        "moduleResolution": "node",
+        "sourceMap": true,
+        "experimentalDecorators": true,
+        "pretty": true,
+        "noFallthroughCasesInSwitch": true,
+        "noImplicitReturns": true,
+        "forceConsistentCasingInFileNames": true
+    },
+    "files": [
+        "index.ts"
+    ]
+}

readme.md

@@ -0,0 +1,24 @@
+# Pulumi AKS Typescript
+
+This repo contains a walkthrough for getting started with [Pulumi](https://www.pulumi.com) on Azure, creating a Kubernetes cluster (aka AKS) utilizing TypeScript.
+
+Pulumi is a Infrastructure As Code Framework, that allows to build, deploy and manage modern cloud applications and infrastructure using familiar languages.  
+
+## Prerequisites
+* [Install Pulumi](https://www.pulumi.com/docs/get-started/install/)
+* [Signup to Pulumi](https://app.pulumi.com/signup)
+* Install [Node.js](https://nodejs.org/en/download/)
+* Install [TypeScript](https://www.typescriptlang.org/download)
+* Install [Azure CLI](https://docs.microsoft.com/de-de/cli/azure/install-azure-cli) and login using `az login`
+
+## Deploy stack
+* `pulumi login`
+* `cd infra && pulumi up`
+
+## Connect to k8s 
+* `pulumi stack output kubeconfig --show-secrets > kubeconfig.yaml`
+* `export KUBECONFIG=./kubeconfig.yaml`
+
+
+## Destroy stack
+* `pulumi destroy`