Add AKS platform support

Refs #215 #216

Signed-off-by: Mateusz Gozdek <mateusz@kinvolk.io>

Makefile

@@ -6,7 +6,7 @@ VERSION :=
 MOD ?= vendor
 DOCS_DIR ?= docs/cli
 
-ALL_BUILD_TAGS := "aws,packet,e2e,disruptivee2e,poste2e"
+ALL_BUILD_TAGS := "aws,packet,aks,e2e,disruptivee2e,poste2e"
 
 ## Adds a '-dirty' suffix to version string if there are uncommitted changes
 changes := $(shell git status --porcelain)

ci/aks/aks-cluster.lokocfg.envsubst

@@ -0,0 +1,118 @@
+variable "cert_manager_email" {
+  default = "$EMAIL"
+}
+variable "cluster_name" {
+  default = "$CLUSTER_ID"
+}
+
+variable "aws_zone_id" {
+  default = "$AWS_DNS_ZONE_ID"
+}
+
+variable "aws_access_key_id" {
+  default = "$AWS_ACCESS_KEY_ID"
+}
+
+variable "aws_secret_access_key" {
+  default = "$AWS_SECRET_ACCESS_KEY"
+}
+
+variable "aws_dns_zone" {
+  default = "$AWS_DNS_ZONE"
+}
+
+variable "resource_group_name" {
+  default = "$CLUSTER_ID"
+}
+
+variable "grafana_admin_password" {
+  default = "admin"
+}
+
+variable "asset_dir" {
+  default = "~/lokoctl-assets"
+}
+
+variable "workers_count" {
+  default = 2
+}
+
+variable "workers_type" {
+  default = "Standard_D2_v2"
+}
+
+variable "location" {
+  default = "Germany West Central"
+}
+
+variable "worker_labels" {
+  default = {
+    "testing.io" = "yes",
+    "roleofnode" = "testing",
+  }
+}
+
+cluster "aks" {
+  asset_dir    = pathexpand(var.asset_dir)
+  cluster_name = var.cluster_name
+
+  location            = var.location
+  resource_group_name = var.resource_group_name
+
+  worker_pool "default" {
+    vm_size = var.workers_type
+    count   = var.workers_count
+    labels  = var.worker_labels
+  }
+
+  tags = {
+    "owner" = "LokomotiveCIAKS"
+  }
+}
+
+component "prometheus-operator" {
+  grafana_admin_password = var.grafana_admin_password
+  disable_webhooks       = true
+
+  monitor {
+    etcd                    = false
+    kube_controller_manager = false
+    kube_scheduler          = false
+    kube_proxy              = false
+    kubelet                 = false
+  }
+
+  coredns {
+    selector = {
+      "k8s-app" = "kube-dns",
+    }
+  }
+}
+
+component "contour" {
+  ingress_hosts = [
+    "httpbin.${var.cluster_name}.${var.aws_dns_zone}",
+  ]
+  service_monitor = true
+}
+
+component "cert-manager" {
+  email           = var.cert_manager_email
+  service_monitor = true
+}
+
+component "external-dns" {
+  policy   = "sync"
+  owner_id = var.cluster_name
+  aws {
+    zone_id               = var.aws_zone_id
+    aws_access_key_id     = var.aws_access_key_id
+    aws_secret_access_key = var.aws_secret_access_key
+  }
+
+  service_monitor = true
+}
+
+component "httpbin" {
+  ingress_host = "httpbin.${var.cluster_name}.${var.aws_dns_zone}"
+}

cli/cmd/root.go

@@ -22,6 +22,7 @@ import (
 	"github.com/spf13/viper"
 
 	// Register platforms by adding an anonymous import.
+	_ "github.com/kinvolk/lokomotive/pkg/platform/aks"
 	_ "github.com/kinvolk/lokomotive/pkg/platform/aws"
 	_ "github.com/kinvolk/lokomotive/pkg/platform/baremetal"
 	_ "github.com/kinvolk/lokomotive/pkg/platform/packet"

docs/configuration-reference/platforms/aks.md

@@ -0,0 +1,129 @@
+# Lokomotive AKS configuration reference
+
+## Contents
+
+* [Introduction](#introduction)
+* [Prerequisites](#prerequisites)
+* [Configuration](#configuration)
+* [Attribute reference](#attribute-reference)
+* [Applying](#applying)
+* [Destroying](#destroying)
+
+## Introduction
+
+This configuration reference provides information on configuring a Lokomotive cluster on Azure AKS with all the configuration options available to the user.
+
+## Prerequisites
+
+* `lokoctl` [installed locally](../../installer/lokoctl.md).
+* `kubectl` installed locally to access the Kubernetes cluster.
+
+## Configuration
+
+To create a Lokomotive cluster, we need to define a configuration.
+
+Example configuration file:
+
+```tf
+#myakscluster.lokocfg
+variable "state_s3_bucket" {}
+variable "lock_dynamodb_table" {}
+variable "asset_dir" {}
+variable "cluster_name" {}
+variable "workers_count" {}
+variable "state_s3_key" {}
+variable "state_s3_region" {}
+variable "workers_vm_size" {}
+variable "location" {}
+variable "tenant_id" {}
+variable "subscription_id" {}
+variable "client_id" {}
+variable "client_secret" {}
+variable "resource_group_name" {}
+variable "application_name" {}
+variable "manage_resource_group" {}
+
+backend "s3" {
+  bucket         = var.state_s3_bucket
+  key            = var.state_s3_key
+  region         = var.state_s3_region
+  dynamodb_table = var.lock_dynamodb_table
+}
+
+# backend "local" {
+#   path = "path/to/local/file"
+#}
+
+
+cluster "aks" {
+  asset_dir    = pathexpand(var.asset_dir)
+  cluster_name = var.cluster_name
+
+  tenant_id       = var.tenant_id
+  subscription_id = var.subscription_id
+  client_id       = var.client_id
+  client_secret   = var.client_secret
+
+  location              = var.location
+  resource_group_name   = var.resource_group_name
+  application_name      = var.application_name
+  manage_resource_group = var.manage_resource_group
+
+  worker_pool "default" {
+    count   = var.workers_count
+    vm_size = var.workers_vm_size
+
+    labels = {
+      "key" = "value",
+    }
+
+    taints = [
+      "node-role.kubernetes.io/master=NoSchedule",
+    ]
+  }
+
+  tags = {
+    "key" = "value",
+  }
+}
+```
+
+**NOTE**: Should you feel differently about the default values, you can set default values using the `variable`
+block in the cluster configuration.
+
+## Attribute reference
+
+| Argument                | Description                                                  |    Default    | Required |
+| ----------------------- | ------------------------------------------------------------ | :-----------: | :------: |
+| `asset_dir`             | Location where Lokomotive stores cluster assets.             |       -       |   true   |
+| `cluster_name`          | Name of the cluster. **NOTE**: It must be unique per resource group. |       -       |   true   |
+| `tenant_id`             | Azure Tenant ID. Can also be provided using the `LOKOMOTIVE_AKS_TENANT_ID` environment variable. |       -       |   true   |
+| `subscription_id`       | Azure Subscription ID. Can also be provided using the `LOKOMOTIVE_AKS_SUBSCRIPTION_ID` environment variable. |       -       |   true   |
+| `resource_group_name`   | Name of the resource group, where AKS cluster object will be created. Please note, that AKS will also create a separate resource group for workers and other required objects, like load balancers, disks etc. If `manage_resource_group` parameter is set to `false`, this resource group must be manually created before cluster creation. |       -       |   true   |
+| `client_id`             | Azure service principal ID used  for running the AKS cluster. Can also be provided using the `LOKOMOTIVE_AKS_CLIENT_ID`. This parameter is mutually exclusive with `application_name` parameter. |       -       |  false   |
+| `client_secret`         | Azure service principal secret used  for running the AKS cluster. Can also be provided using the `LOKOMOTIVE_AKS_CLIENT_SECRET`. This parameter is mutually exclusive with `application_name` parameter. |       -       |  false   |
+| `tags`                  | Additional tags for Azure resources.                  |       -       |  false   |
+| `location`              | Azure location where resources will be created. Valid values can be obtained using the following command from Azure CLI: `az account list-locations -o table`. | "West Europe" |  false   |
+| `application_name`      | Azure AD application name. If specified, a new Application will be created in Azure AD together with a service principal, which will be used to run the AKS cluster on behalf of the user to provide full cluster creation automation. Please note that this requires [permissions to create applications in Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-delegate-app-roles). This parameter is mutually exclusive with `client_id` and `client_secret`. |       -       |  false   |
+| `manage_resource_group` | If `true`, a resource group for the AKS object will be created on behalf of the user. |     true      |  false   |
+| `worker_pool`           | Configuration block for worker pools. At least one worker pool must be defined. |       -       |   true   |
+| `worker_pool.count`     | Number of workers in the worker pool. Can be changed afterwards to add or delete workers. |       -       |   true   |
+| `worker_pool.vm_size`   | Azure VM size for worker nodes.                              |       -       |   true   |
+| `worker_pool.labels`    | Map of Kubernetes Node object labels.                        |       -       |  false   |
+| `worker_pool.taints`    | List of Kubernetes Node taints.                              |       -       |  false   |
+
+## Applying
+
+To create the cluster, execute the following command:
+
+```console
+lokoctl cluster apply
+```
+
+## Destroying
+
+To destroy the Lokomotive cluster, execute the following command:
+
+```console
+lokoctl cluster destroy --confirm
+```