我通过以下terraform语句将Azure AKS群集部署到了现有的vnet中。它可以正常工作,并且使用Azure负载平衡器和分配给它的公共IP地址创建了AKS群集。我只需要使用内部Azure负载平衡器进行安装。我如何更改terraform代码以仅获取内部Azure负载平衡器?谢谢
resource "azurerm_kubernetes_cluster" "aks" {
name = "${var.tags.department}-${var.tags.stage}-${var.tags.environment}_aks"
location = var.location
resource_group_name = azurerm_resource_group.aksrg.name
dns_prefix = lower("${var.tags.department}-${var.tags.stage}-${var.tags.environment}-aks")
private_link_enabled = true
node_resource_group = "${var.tags.department}-${var.tags.stage}-${var.tags.environment}_aks_nodes_rg"
linux_profile {
admin_username = "testadmin"
ssh_key {
key_data = file("/ssh/id_rsa.pub") #ssh-keygen
}
}
default_node_pool {
name = "default"
vm_size = "Standard_DS1_v2"
enable_auto_scaling = false
enable_node_public_ip = false
node_count = 1
vnet_subnet_id = azurerm_subnet.akssubnet.id
}
network_profile {
network_plugin = "azure"
service_cidr = "172.100.0.0/24"
dns_service_ip = "172.100.0.10"
docker_bridge_cidr = "172.101.0.1/16"
load_balancer_sku = "standard"
}
service_principal {
client_id = azurerm_azuread_service_principal.aks_sp.application_id
client_secret = azurerm_azuread_service_principal_password.aks_sp_pwd.value
}
addon_profile {
kube_dashboard {
enabled = true
}
}
role_based_access_control {
enabled = false
}
}
答案 0 :(得分:2)
对于您的问题,可以看到您像这样设置AKS集群的network_profile:
network_profile {
network_plugin = "azure"
service_cidr = "172.100.0.0/24"
dns_service_ip = "172.100.0.10"
docker_bridge_cidr = "172.101.0.1/16"
load_balancer_sku = "standard"
}
然后您设置属性load_balancer_sku,它将为您创建一个standard类型的负载均衡器。并且此属性只能使用值basic和standard。因此,没有负载均衡器似乎无法创建AKS集群。您可以在Github中看到issue。如它所说,最新的CLI也无法帮助您实现这一目标。
如果您对此问题还有其他疑问,请告诉我。很高兴能帮助您解决问题。