# Source: https://gist.github.com/2e67c67a36a2e782422ebefb4a0a2612

############################################################################
# How To Use Terrajet Providers With 100% Coverage for AWS, GCP, And Azure #
# https://youtu.be/QSwF3Y4ViKQ                                             #
############################################################################

# Additional Info:
# - Terrajet: https://github.com/crossplane/terrajet
# - How To Shift Left Infrastructure Management Using Crossplane Compositions: https://youtu.be/AtbS1u2j7po
# - Crossplane - GitOps-based Infrastructure as Code through Kubernetes API: https://youtu.be/n8KjVmuHm7A
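
#########
# Setup #
#########

# NOTE(review): the clone tracks the repository's default branch, so the
# manifests applied later in this walkthrough are whatever that branch holds
# at clone time. Read them (or check out a commit you have reviewed) before
# applying them to a cluster that holds cloud credentials.
# The `cd` is chained to the clone because every later path is relative to the
# repository root; a failed clone must not leave the commands running elsewhere.
git clone https://github.com/vfarcic/devops-toolkit-crossplane \
  && cd devops-toolkit-crossplane

# Create a Kubernetes cluster

# The namespace has to exist before the credentials Secret is created in it.
kubectl create namespace crossplane-system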
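
###############
# Setup Azure #
###############

# Create the service principal Crossplane will authenticate as and save its
# credentials (client ID, client secret, tenant, subscription) as JSON.
# NOTE(review): `--role Owner` grants full control, including the right to
# assign roles, over the scope the principal is created on. Prefer a narrower
# role and an explicit `--scopes` value if the resources being provisioned
# allow it.
# `umask 077` keeps the credentials file readable by the current user only.
# `tee` still echoes the client secret to the terminal, so avoid running this
# in a recorded or shared session. The file lands inside the cloned
# repository: do not commit it.
(
  umask 077
  az ad sp create-for-rbac \
    --sdk-auth \
    --role Owner \
    | tee azure-creds.json
)

# Extract the application (client) ID by key name rather than by fixed
# character columns, which silently return garbage if the JSON layout changes.
AZURE_CLIENT_ID=$(
  sed -n 's/.*"clientId"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' \
    azure-creds.json
)
export AZURE_CLIENT_ID
# Stop here if the ID was not found; the commands below would otherwise run
# with an empty --id.
: "${AZURE_CLIENT_ID:?clientId not found in azure-creds.json}"

# NOTE(review): despite the variable name, this application ID looks like
# Microsoft Graph's rather than the legacy Azure AD Graph API's - confirm
# before relying on the name.
export AAD_GRAPH_API=00000003-0000-0000-c000-000000000000

# Request API permissions for the application. Each GUID is a permission ID on
# the API above: `=Scope` marks a delegated permission, `=Role` an application
# permission. Look each one up and confirm it is needed before consenting.
az ad app permission add \
  --id "${AZURE_CLIENT_ID}" \
  --api "${AAD_GRAPH_API}" \
  --api-permissions \
    e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope \
    06da0dbc-49e2-44d2-8312-53f166ab848a=Scope \
    7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role

# NOTE(review): `--expires never` leaves the delegated grant in place until
# someone removes it; it will outlive the demo unless cleaned up explicitly.
az ad app permission grant \
  --id "${AZURE_CLIENT_ID}" \
  --api "${AAD_GRAPH_API}" \
  --expires never

# Grants consent on behalf of the whole tenant for the permissions requested
# above.
az ad app permission admin-consent \
  --id "${AZURE_CLIENT_ID}"

# Hand the credentials to Crossplane as a Secret. Anyone who can read Secrets
# in crossplane-system can use this Owner-level credential, so restrict RBAC
# on that namespace. Remove the local azure-creds.json once it is no longer
# needed.
kubectl --namespace crossplane-system \
  create secret generic azure-creds \
  --from-file creds=./azure-creds.json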

####################
# Setup Crossplane #
####################

# Register the stable chart repository and refresh the local index.
helm repo add crossplane-stable https://charts.crossplane.io/stable
helm repo update

# Install Crossplane (or upgrade an existing release) and block until it is
# ready. No chart version is given, so Helm uses the newest one the repository
# offers at the time of running.
helm upgrade crossplane crossplane-stable/crossplane \
  --install \
  -n crossplane-system \
  --create-namespace \
  --wait

# Providers first, then their configuration.
kubectl apply -f crossplane-config/provider-azure.yaml
kubectl apply -f crossplane-config/provider-kubernetes.yaml
kubectl apply -f crossplane-config/provider-config-azure.yaml

# Please re-run the previous command if the output is `unable to recognize ...`

kubectl apply -f crossplane-config/config-k8s.yaml

# Shows the package revisions and their health.
kubectl get pkgrev

# Wait until all the packages are healthy

########
# Demo #
########

# Read the manifest before submitting it to the cluster.
cat examples/k8s/azure-aks.yaml
kubectl apply -f examples/k8s/azure-aks.yaml

# List what the manifest produced.
kubectl get managed,objects

# Print the package definition for the AKS cluster.
cat packages/k8s/aks.yaml
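
###########
# Destroy #
###########

kubectl delete \
  --filename examples/k8s/azure-aks.yaml

kubectl get azurejet

# Wait until all the resources are removed

# Only after the list above is empty: retire the credential created during the
# Azure setup. Crossplane needs it to delete the Azure resources, so revoking
# it earlier would strand them. The principal holds the Owner role and its
# secret sits in azure-creds.json, so neither should outlive the demo.
# NOTE(review): the app registration behind the principal may have to be
# removed separately - confirm with `az ad app list`.
az ad sp delete --id "${AZURE_CLIENT_ID:?AZURE_CLIENT_ID is not set}"
rm -f -- azure-creds.json

# Destroy or reset the management Kubernetes cluster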