stark, steven6754bc12019-09-19 15:43:00 -07001#!/bin/bash
2# Copyright 2019 AT&T Intellectual Property. All rights reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
# Absolute directory that holds this script.
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"

# 0 = ask for confirmation before provisioning, 1 = skip the prompt.
NO_PROMPT=0

# Generated resource names are "ONAP-" plus four random alphanumerics.
# The suffix only lowers the chance of a name collision; it is not a secret.
RANDOM_PREFIX="ONAP"
RANDOM_STRING="${RANDOM_PREFIX}-$(env LC_CTYPE=C tr -cd 'a-zA-Z0-9' </dev/urandom | head -c 4)"

# Settings filled in by command-line parsing; empty means "not supplied".
AKS_NAME=""
AKS_RESOURCE_GROUP_NAME=""
AKS_K8_VERSION=""
LOCATION=""
AKS_NODE_COUNT=""
AKS_NODE_SIZE=""
AKS_SERVICE_CIDR=""
AKS_POD_CIDR=""
AKS_DNS_IP=""
AKS_NODE_CIDR=""
AKS_NETWORK_NAME=""
USER_PUBLIC_IP_PREFIX=""
PUBLIC_KEY=""
AKS_ADMIN_USER=""
35
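#######################################
# Abort the script when a required command-line value is missing.
# Arguments:
#   $1 - value supplied for the parameter (may be empty)
#   $2 - option name shown in the error message
# Outputs:
#   Writes an error message to stderr when $1 is empty.
# Returns:
#   0 when $1 is non-empty; otherwise exits the shell with status 1.
#######################################
function check_required_parameter() {
  local value=$1
  local option_name=$2

  if [[ -z "$value" ]]; then
    # Diagnostics go to stderr so they are not captured with normal output.
    printf '%s was not provided. This parameter is required.\n' "$option_name" >&2
    exit 1
  fi
}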
44
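#######################################
# Print the supplied value, or the default when the value is empty.
# Arguments:
#   $1 - value supplied for the parameter (may be empty)
#   $2 - default used when $1 is empty
# Outputs:
#   Writes the chosen value followed by a newline to stdout.
#######################################
function check_optional_paramater() {
  # printf instead of echo: echo treats values such as "-n" or "-e" as its
  # own options and would print nothing for them.
  printf '%s\n' "${1:-$2}"
}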
54
55
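#######################################
# Print the option overview shown for -h/--help.
# Outputs:
#   Writes the help text to stdout.
#######################################
function print_usage() {
  printf '%s\n' \
    "./create_aks.sh [options]" \
    " " \
    " " \
    "required:" \
    "--user-public-ip public ip that will be granted access to AKS [required]" \
    "--admin-user admin user created on AKS nodes [required]" \
    "--public-key public key added for admin user [required]" \
    "-l, --location location to deploy AKS [required]" \
    " " \
    "additional options:" \
    "-f, --no-prompt executes with no prompt for confirmation" \
    "-h, --help provide brief overview of script" \
    "-n, --name AKS name [optional]" \
    "-g, --resource-group name of resource group that will be created [optional]" \
    "-s, --size azure flavor size for Kube nodes [optional]" \
    "-v, --kube-version version of Kubernetes for cluster [optional]" \
    "-c, --node-count number of nodes for cluster [optional]" \
    "--service-cidr cidr for Kuberenetes services [optional]." \
    "--dns-ip IP for Kuberenetes dns service [optional]. This should be from --service-cidr." \
    "--pod-cidr cidr for Kuberenetes pods [optional]." \
    "--node-cidr cidr for Kuberenetes nodes [optional]." \
    "--vnet-name name of Vnet to create for Kubernetes Cluster [optional]" \
    ""
}

#######################################
# Parse the command line into the script's global settings.
# Globals:
#   Writes NO_PROMPT and the AKS_*, LOCATION, USER_PUBLIC_IP_PREFIX and
#   PUBLIC_KEY variables named in the case arms below.
# Arguments:
#   The script's command-line arguments.
# Outputs:
#   Help text on stdout for -h/--help; error messages on stderr.
# Returns:
#   0 when every argument was understood. Exits 0 after printing help and
#   exits 1 on an unknown option or an option that is missing its value, so
#   a calling pipeline can tell a rejected invocation from a successful one.
#######################################
function parse_args() {
  local target

  while (( $# > 0 )); do
    case "$1" in
      -h|--help)
        print_usage
        exit 0
        ;;
      -f|--no-prompt)
        NO_PROMPT=1
        shift
        continue
        ;;
      -n|--name) target=AKS_NAME ;;
      -g|--resource-group) target=AKS_RESOURCE_GROUP_NAME ;;
      -s|--size) target=AKS_NODE_SIZE ;;
      -l|--location) target=LOCATION ;;
      -v|--kube-version) target=AKS_K8_VERSION ;;
      -c|--node-count) target=AKS_NODE_COUNT ;;
      --service-cidr) target=AKS_SERVICE_CIDR ;;
      --dns-ip) target=AKS_DNS_IP ;;
      --pod-cidr) target=AKS_POD_CIDR ;;
      --node-cidr) target=AKS_NODE_CIDR ;;
      --vnet-name) target=AKS_NETWORK_NAME ;;
      --user-public-ip) target=USER_PUBLIC_IP_PREFIX ;;
      --admin-user) target=AKS_ADMIN_USER ;;
      --public-key) target=PUBLIC_KEY ;;
      *)
        printf 'Unknown Argument %s. Try running with --help.\n' "$1" >&2
        exit 1
        ;;
    esac

    # Every remaining option takes exactly one value; refuse a trailing
    # option with nothing after it instead of silently storing an empty value.
    if (( $# < 2 )); then
      printf '%s requires a value. Try running with --help.\n' "$1" >&2
      exit 1
    fi

    # printf -v assigns to the variable named by $target without eval.
    printf -v "$target" '%s' "$2"
    shift 2
  done
}

parse_args "$@"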
164
# Required settings: check_required_parameter ends the script when one of
# them is empty.
check_required_parameter "${LOCATION}" "--location"
check_required_parameter "${USER_PUBLIC_IP_PREFIX}" "--user-public-ip"
check_required_parameter "${AKS_ADMIN_USER}" "--admin-user"
check_required_parameter "${PUBLIC_KEY}" "--public-key"

# Optional settings: keep what the caller supplied, otherwise use the default.
# Generated names carry the random ONAP-xxxx prefix.
AKS_RESOURCE_GROUP_NAME="$(check_optional_paramater "${AKS_RESOURCE_GROUP_NAME}" "${RANDOM_STRING}-AKSRG")"
AKS_NAME="$(check_optional_paramater "${AKS_NAME}" "${RANDOM_STRING}-AKS")"
AKS_NODE_SIZE="$(check_optional_paramater "${AKS_NODE_SIZE}" "Standard_DS4_v2")"
# NOTE(review): the default pod, node and service ranges (168.1.0.0/16,
# 169.1.0.0/16, 170.1.0.0/16) are outside the RFC 1918 private blocks, so
# they overlap publicly routable address space; traffic from the cluster to
# real hosts in those ranges would follow the cluster's local routes instead.
# Consider private ranges unless these values are required elsewhere.
AKS_POD_CIDR="$(check_optional_paramater "${AKS_POD_CIDR}" "168.1.0.0/16")"
AKS_NODE_CIDR="$(check_optional_paramater "${AKS_NODE_CIDR}" "169.1.0.0/16")"
AKS_NETWORK_NAME="$(check_optional_paramater "${AKS_NETWORK_NAME}" "${RANDOM_STRING}-AKS-VNET")"
AKS_SERVICE_CIDR="$(check_optional_paramater "${AKS_SERVICE_CIDR}" "170.1.0.0/16")"
AKS_DNS_IP="$(check_optional_paramater "${AKS_DNS_IP}" "170.1.0.10")"
# NOTE(review): the Kubernetes version default is pinned in the script;
# verify that it is still a supported, patched release before relying on it.
AKS_K8_VERSION="$(check_optional_paramater "${AKS_K8_VERSION}" "1.13.5")"
AKS_NODE_COUNT="$(check_optional_paramater "${AKS_NODE_COUNT}" "7")"
180
# Ask for a one-keystroke confirmation unless --no-prompt was given; any
# answer other than y/Y ends the script without creating anything.
if [[ "${NO_PROMPT}" == 0 ]]; then
  read -r -n 1 -p "Would you like to proceed? [y/n]"
  echo " "
  case "${REPLY}" in
    [Yy]) ;;
    *) exit 0 ;;
  esac
fi
189
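# From here on, trace every command and stop at the first failure. The trace
# prints full argument lists (resource names, admin user, SSH public key).
set -x
set -e

AKS_SUBNET_NAME="${AKS_NETWORK_NAME}-SUBNET"

echo "Creating AKS Resource Group $AKS_RESOURCE_GROUP_NAME in $LOCATION"
"$DIR/create_resource_group.sh" "$AKS_RESOURCE_GROUP_NAME" "$LOCATION"

# The VNet has a single subnet that spans the whole node CIDR.
az network vnet create --resource-group "$AKS_RESOURCE_GROUP_NAME" \
  --name "$AKS_NETWORK_NAME" \
  --address-prefix "$AKS_NODE_CIDR" \
  --subnet-name "$AKS_SUBNET_NAME" \
  --subnet-prefix "$AKS_NODE_CIDR"

AKS_SUBNET_ID=$(az network vnet show \
  --resource-group "$AKS_RESOURCE_GROUP_NAME" \
  --name "$AKS_NETWORK_NAME" \
  --query "subnets | [0] | id" \
  --output tsv)

# NOTE(review): --disable-rbac creates the cluster without Kubernetes RBAC,
# so every credential accepted by the API server has unrestricted access to
# the cluster. Keep it only for disposable lab clusters; enabling RBAC
# presumably requires the workloads deployed afterwards to ship their own
# roles and bindings - confirm before changing.
az aks create --name "$AKS_NAME" \
  --resource-group "$AKS_RESOURCE_GROUP_NAME" \
  --disable-rbac \
  --kubernetes-version "$AKS_K8_VERSION" \
  --location "$LOCATION" \
  --node-count "$AKS_NODE_COUNT" \
  --node-vm-size "$AKS_NODE_SIZE" \
  --service-cidr "$AKS_SERVICE_CIDR" \
  --pod-cidr "$AKS_POD_CIDR" \
  --network-plugin "kubenet" \
  --dns-service-ip "$AKS_DNS_IP" \
  --admin-username "$AKS_ADMIN_USER" \
  --ssh-key-value "$PUBLIC_KEY" \
  --vnet-subnet-id "$AKS_SUBNET_ID"
echo ""

# Ask the cluster for its managed (node) resource group. Picking the first
# group whose name starts with "MC_<resource group>" can select another
# cluster's group when two resource group names share a prefix, and the
# security group changes below would then land on the wrong resources.
AKS_MANAGEMENT_RESOURCE_GROUP_NAME=$(az aks show \
  --resource-group "$AKS_RESOURCE_GROUP_NAME" \
  --name "$AKS_NAME" \
  --query "nodeResourceGroup" \
  --output tsv)
if [[ -z "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" ]]; then
  echo "Could not determine the managed resource group of $AKS_NAME." >&2
  exit 1
fi

AKS_NSG_NAME=$(az resource list \
  --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" \
  --resource-type "Microsoft.Network/networkSecurityGroups" \
  --query "[0] | name" \
  --output tsv)
AKS_NSG_ID=$(az resource list \
  --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" \
  --resource-type "Microsoft.Network/networkSecurityGroups" \
  --query "[0] | id" \
  --output tsv)
# Stop rather than run the updates below with an empty security group.
if [[ -z "$AKS_NSG_NAME" || -z "$AKS_NSG_ID" ]]; then
  echo "No network security group found in $AKS_MANAGEMENT_RESOURCE_GROUP_NAME." >&2
  exit 1
fi

# NOTE(review): USER_PUBLIC_IP_PREFIX (--user-public-ip) is required by this
# script but no command here references it, so no rule for that address is
# added to the security group in this file. Presumably another script adds
# the allow rule - confirm, otherwise the help text overstates what happens.
echo "Associating Security Group with AKS Subnet ${AKS_SUBNET_NAME}"
az network vnet subnet update --resource-group="$AKS_RESOURCE_GROUP_NAME" \
  --name "$AKS_SUBNET_NAME" \
  --vnet-name "$AKS_NETWORK_NAME" \
  --network-security-group "$AKS_NSG_ID"

# List the NICs once and walk the result instead of querying one index per
# node; this also keeps the user-supplied node count out of shell arithmetic.
AKS_NIC_NAMES=$(az resource list \
  --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" \
  --resource-type "Microsoft.Network/networkInterfaces" \
  --query "[].name" \
  --output tsv)

while IFS= read -r NIC_NAME; do
  [[ -n "$NIC_NAME" ]] || continue
  echo "Associating Security Group ${AKS_NSG_NAME} with AKS Node NIC ${NIC_NAME}"
  # stdin is redirected so the command cannot consume the remaining NIC names.
  az network nic update --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" \
    -n "$NIC_NAME" \
    --network-security-group "$AKS_NSG_NAME" </dev/null
  echo ""
done <<<"$AKS_NIC_NAMES"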
238