Created
November 13, 2018 13:38
-
-
Save MattMencel/af36b6a5c48cd7944bfbc77e975bbd90 to your computer and use it in GitHub Desktop.
Cluster Autoscaler ADO Build Pipeline
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| resources: | |
| - repo: self | |
| queue: | |
| name: Hosted Windows Container | |
| steps: | |
| - task: AzureKeyVault@1 | |
| displayName: 'Azure Key Vault: MYKEYVAULT' | |
| inputs: | |
| azureSubscription: 'My Sub' | |
| KeyVaultName: MYKEYVAULT | |
| SecretsFilter: 'CLIENT-ID,CLIENT-SECRET' | |
| - script: | | |
| clientid=$(echo -ne "$(CLIENT-ID)" | base64) | |
| clientsecret=$(echo -ne "$(CLIENT-SECRET)" | base64) | |
| cat << EOT > aks-cluster-autoscaler-secret.yaml | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: cluster-autoscaler-azure | |
| namespace: kube-system | |
| data: | |
| ClientID: $client_id | |
| ClientSecret: $client_secret | |
| ResourceGroup: $(resource_group_base64) | |
| SubscriptionID: $(subscription_id_base64) | |
| TenantID: $(tenant_id_base64) | |
| VMType: QUtTCg== | |
| ClusterName: $(cluster_name_base64) | |
| NodeResourceGroup: $(node_resource_group_base64) | |
| EOT | |
| cat aks-cluster-autoscaler-secret.yaml | |
| displayName: 'Create aks-cluster-autoscaler-secret.yaml' | |
| - script: | | |
| cat <<EOT > aks-cluster-autoscaler.yaml | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: cluster-autoscaler | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["events","endpoints"] | |
| verbs: ["create", "patch"] | |
| - apiGroups: [""] | |
| resources: ["pods/eviction"] | |
| verbs: ["create"] | |
| - apiGroups: [""] | |
| resources: ["pods/status"] | |
| verbs: ["update"] | |
| - apiGroups: [""] | |
| resources: ["endpoints"] | |
| resourceNames: ["cluster-autoscaler"] | |
| verbs: ["get","update"] | |
| - apiGroups: [""] | |
| resources: ["nodes"] | |
| verbs: ["watch","list","get","update"] | |
| - apiGroups: [""] | |
| resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"] | |
| verbs: ["watch","list","get"] | |
| - apiGroups: ["extensions"] | |
| resources: ["replicasets","daemonsets"] | |
| verbs: ["watch","list","get"] | |
| - apiGroups: ["policy"] | |
| resources: ["poddisruptionbudgets"] | |
| verbs: ["watch","list"] | |
| - apiGroups: ["apps"] | |
| resources: ["statefulsets"] | |
| verbs: ["watch","list","get"] | |
| - apiGroups: ["storage.k8s.io"] | |
| resources: ["storageclasses"] | |
| verbs: ["get", "list", "watch"] | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: Role | |
| metadata: | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["configmaps"] | |
| verbs: ["create"] | |
| - apiGroups: [""] | |
| resources: ["configmaps"] | |
| resourceNames: ["cluster-autoscaler-status"] | |
| verbs: ["delete","get","update"] | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: cluster-autoscaler | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: cluster-autoscaler | |
| subjects: | |
| - kind: ServiceAccount | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: RoleBinding | |
| metadata: | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| labels: | |
| k8s-addon: cluster-autoscaler.addons.k8s.io | |
| k8s-app: cluster-autoscaler | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: Role | |
| name: cluster-autoscaler | |
| subjects: | |
| - kind: ServiceAccount | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: cluster-autoscaler | |
| name: cluster-autoscaler | |
| namespace: kube-system | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: cluster-autoscaler | |
| template: | |
| metadata: | |
| labels: | |
| app: cluster-autoscaler | |
| spec: | |
| serviceAccountName: cluster-autoscaler | |
| containers: | |
| - image: gcr.io/google-containers/cluster-autoscaler:v1.2.2 | |
| imagePullPolicy: Always | |
| name: cluster-autoscaler | |
| resources: | |
| limits: | |
| cpu: 100m | |
| memory: 300Mi | |
| requests: | |
| cpu: 100m | |
| memory: 300Mi | |
| command: | |
| - ./cluster-autoscaler | |
| - --v=3 | |
| - --logtostderr=true | |
| - --cloud-provider=azure | |
| - --skip-nodes-with-local-storage=false | |
| - --nodes=1:3:default | |
| env: | |
| - name: ARM_SUBSCRIPTION_ID | |
| valueFrom: | |
| secretKeyRef: | |
| key: SubscriptionID | |
| name: cluster-autoscaler-azure | |
| - name: ARM_RESOURCE_GROUP | |
| valueFrom: | |
| secretKeyRef: | |
| key: ResourceGroup | |
| name: cluster-autoscaler-azure | |
| - name: ARM_TENANT_ID | |
| valueFrom: | |
| secretKeyRef: | |
| key: TenantID | |
| name: cluster-autoscaler-azure | |
| - name: ARM_CLIENT_ID | |
| valueFrom: | |
| secretKeyRef: | |
| key: ClientID | |
| name: cluster-autoscaler-azure | |
| - name: ARM_CLIENT_SECRET | |
| valueFrom: | |
| secretKeyRef: | |
| key: ClientSecret | |
| name: cluster-autoscaler-azure | |
| - name: ARM_VM_TYPE | |
| valueFrom: | |
| secretKeyRef: | |
| key: VMType | |
| name: cluster-autoscaler-azure | |
| - name: AZURE_CLUSTER_NAME | |
| valueFrom: | |
| secretKeyRef: | |
| key: ClusterName | |
| name: cluster-autoscaler-azure | |
| - name: AZURE_NODE_RESOURCE_GROUP | |
| valueFrom: | |
| secretKeyRef: | |
| key: NodeResourceGroup | |
| name: cluster-autoscaler-azure | |
| restartPolicy: Always | |
| EOT | |
| cat aks-cluster-autoscaler.yaml | |
| displayName: 'Create aks-cluster-autoscaler.yaml' | |
| - task: Kubernetes@1 | |
| displayName: 'kubectl apply aks-cluster-autoscaler-secret.yaml' | |
| inputs: | |
| azureSubscriptionEndpoint: 'My Team' | |
| azureResourceGroup: MY_AKS_RG | |
| kubernetesCluster: MY_AKS_CLUSTER | |
| useConfigurationFile: true | |
| configuration: 'aks-cluster-autoscaler-secret.yaml' | |
| - task: Kubernetes@1 | |
| displayName: 'kubectl apply aks-cluster-autoscaler.yaml' | |
| inputs: | |
| azureSubscriptionEndpoint: 'My Team' | |
| azureResourceGroup: MY_AKS_RG | |
| kubernetesCluster: MY_AKS_CLUSTER | |
| useConfigurationFile: true | |
| configuration: 'aks-cluster-autoscaler.yaml' | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment