update
baoduy committed Jul 8, 2024
1 parent 3a28be7 commit 3f512ef
Showing 10 changed files with 152 additions and 164 deletions.
172 changes: 86 additions & 86 deletions src/Aks/index.ts
@@ -1,8 +1,8 @@
import * as native from "@pulumi/azure-native";
import * as pulumi from "@pulumi/pulumi";
import { Input, Output, output } from "@pulumi/pulumi";
import vmsDiagnostic from "./VmSetMonitor";
import { BasicResourceArgs, KeyVaultInfo, ResourceInfo } from "../types";
import * as native from '@pulumi/azure-native';
import * as pulumi from '@pulumi/pulumi';
import { Input, Output, output } from '@pulumi/pulumi';
import vmsDiagnostic from './VmSetMonitor';
import { BasicResourceArgs, KeyVaultInfo, ResourceInfo } from '../types';
import {
currentEnv,
defaultScope,
Expand All @@ -11,28 +11,28 @@ import {
parseResourceInfoFromId,
isPrd,
tenantId,
} from "../Common/AzureEnv";
import Locker from "../Core/Locker";
import aksIdentityCreator from "./Identity";
import { stack } from "../Common/StackEnv";
import { createDiagnostic } from "../Logs/Helpers";
import { getAksName, getResourceGroupName } from "../Common/Naming";
import { roleAssignment } from "../AzAd/RoleAssignment";
import { EnvRolesResults } from "../AzAd/EnvRoles";
import { getAksConfig } from "./Helper";
import { addCustomSecret } from "../KeyVault/CustomHelper";
import * as inputs from "@pulumi/azure-native/types/input";
import { getKeyVaultBase } from "@drunk-pulumi/azure-providers/AzBase/KeyVaultBase";
import { IdentityResult } from "../AzAd/Identity";
import { ManagedCluster } from "@pulumi/azure-native/containerservice";
} from '../Common/AzureEnv';
import Locker from '../Core/Locker';
import aksIdentityCreator from './Identity';
import { stack } from '../Common/StackEnv';
import { createDiagnostic } from '../Logs/Helpers';
import { getAksName, getResourceGroupName } from '../Common';
import { roleAssignment } from '../AzAd/RoleAssignment';
import { EnvRolesResults } from '../AzAd/EnvRoles';
import { getAksConfig } from './Helper';
import { addCustomSecret } from '../KeyVault/CustomHelper';
import * as inputs from '@pulumi/azure-native/types/input';
import { getKeyVaultBase } from '@drunk-pulumi/azure-providers/AzBase/KeyVaultBase';
import { IdentityResult } from '../AzAd/Identity';
import { ManagedCluster } from '@pulumi/azure-native/containerservice';

const autoScaleFor = ({
enableAutoScaling,
nodeType,
env,
}: {
env: Environments;
nodeType: "Default" | "System" | "User";
nodeType: 'Default' | 'System' | 'User';
enableAutoScaling?: boolean;
}) => {
const nodeCount = 1;
Expand All @@ -41,12 +41,12 @@ const autoScaleFor = ({

if (env === Environments.Prd) {
switch (nodeType) {
case "User":
case 'User':
maxCount = 5;
break;

case "Default":
case "System":
case 'Default':
case 'System':
default:
maxCount = 3;
break;
Expand All @@ -62,9 +62,9 @@ const autoScaleFor = ({
};

const defaultNodePoolProps = {
availabilityZones: isPrd ? ["1", "2", "3"] : undefined,
availabilityZones: isPrd ? ['1', '2', '3'] : undefined,
type: native.containerservice.AgentPoolType.VirtualMachineScaleSets,
vmSize: "Standard_B2s",
vmSize: 'Standard_B2s',

maxPods: 50,
enableFIPS: false,
Expand All @@ -83,25 +83,25 @@ const defaultNodePoolProps = {

export enum VmSizes {
/** 32G RAM - 4CPU - $221.92 */
Standard_E4as_v4 = "Standard_E4as_v4",
Standard_E4as_v4 = 'Standard_E4as_v4',
/** 8G RAM - 2CPU - $77.38 */
Standard_B2ms = "Standard_B2ms",
Standard_B2ms = 'Standard_B2ms',
/** 16G RAM - 4CPU - $154.03 */
Standard_B4ms = "Standard_B4ms",
Standard_B4ms = 'Standard_B4ms',
/** 8G RAM - 2CPU - 87.60 */
Standard_D2as_v4 = "Standard_D2as_v4",
Standard_D2as_v4 = 'Standard_D2as_v4',
/** 8G RAM - 2CPU - 87.60 */
Standard_D2s_v3 = "Standard_D2s_v3",
Standard_D2s_v3 = 'Standard_D2s_v3',
/** 8G RAM - 4CPU - 182.5 */
Standard_D4s_v3 = "Standard_D4s_v3",
Standard_D4s_v3 = 'Standard_D4s_v3',
/** 16G RAM - 4CPU - $175.20 */
Standard_D4as_v4 = "Standard_D4as_v4",
Standard_D4as_v4 = 'Standard_D4as_v4',
/** 4G RAM - 2CPU - $69.35 */
Standard_A2_v2 = "Standard_A2_v2",
Standard_A2_v2 = 'Standard_A2_v2',
/** 8G RAM - 4CPU - $144.54 */
Standard_A4_v2 = "Standard_A4_v2",
Standard_A4_v2 = 'Standard_A4_v2',
/** 32G RAM - 4CPU - $205.13 */
Standard_A4m_v2 = "Standard_A4m_v2",
Standard_A4m_v2 = 'Standard_A4m_v2',
}

export interface NodePoolProps
Expand Down Expand Up @@ -144,8 +144,8 @@ export type AksNetworkProps = {
};
};

export type AksNodePoolProps = Omit<NodePoolProps, "subnetId" | "aksId">;
export type DefaultAksNodePoolProps = Omit<AksNodePoolProps, "name" | "mode">;
export type AksNodePoolProps = Omit<NodePoolProps, 'subnetId' | 'aksId'>;
export type DefaultAksNodePoolProps = Omit<AksNodePoolProps, 'name' | 'mode'>;

export interface AksProps extends BasicResourceArgs {
//nodeResourceGroup?: string;
Expand Down Expand Up @@ -219,10 +219,10 @@ export default async ({

if (ignoreChanges.length <= 0) {
ignoreChanges.push(
"privateLinkResources",
"networkProfile",
"linuxProfile",
"windowsProfile",
'privateLinkResources',
'networkProfile',
'linuxProfile',
'windowsProfile',
);
}

Expand Down Expand Up @@ -256,14 +256,14 @@ export default async ({
disableRunCommand: true,
enablePrivateCluster: features?.enablePrivateCluster,
enablePrivateClusterPublicFQDN: true,
privateDNSZone: "system",
privateDNSZone: 'system',
},

addonProfiles: {
azureKeyvaultSecretsProvider: {
config: addon.enableAzureKeyVault
? {
enableSecretRotation: "true",
enableSecretRotation: 'true',
}
: undefined,
enabled: Boolean(addon.enableAzureKeyVault),
Expand Down Expand Up @@ -312,7 +312,7 @@ export default async ({
...defaultNodePool,
...autoScaleFor({
env: currentEnv,
nodeType: "System",
nodeType: 'System',
enableAutoScaling: features?.enableAutoScale,
// powerState: {
// code: "Running",
Expand All @@ -322,13 +322,13 @@ export default async ({
// },
}),

name: "defaultnodes",
mode: "System",
name: 'defaultnodes',
mode: 'System',
count: 1,
vnetSubnetID: network.subnetId,
kubeletDiskType: "OS",
osSKU: "Ubuntu",
osType: "Linux",
kubeletDiskType: 'OS',
osSKU: 'Ubuntu',
osType: 'Linux',
},
],
linuxProfile: linux
Expand All @@ -339,27 +339,27 @@ export default async ({
: undefined,
//This is not inuse
windowsProfile: {
adminUsername: "azureuser",
adminUsername: 'azureuser',
enableCSIProxy: true,
},
autoScalerProfile: {
balanceSimilarNodeGroups: "true",
expander: "random",
maxEmptyBulkDelete: "10",
maxGracefulTerminationSec: "600",
maxNodeProvisionTime: "15m",
maxTotalUnreadyPercentage: "45",
newPodScaleUpDelay: "0s",
okTotalUnreadyCount: "3",
scaleDownDelayAfterAdd: "30m",
scaleDownDelayAfterDelete: "60s",
scaleDownDelayAfterFailure: "10m",
scaleDownUnneededTime: "10m",
scaleDownUnreadyTime: "20m",
scaleDownUtilizationThreshold: "0.5",
scanInterval: "60s",
skipNodesWithLocalStorage: "false",
skipNodesWithSystemPods: "true",
balanceSimilarNodeGroups: 'true',
expander: 'random',
maxEmptyBulkDelete: '10',
maxGracefulTerminationSec: '600',
maxNodeProvisionTime: '15m',
maxTotalUnreadyPercentage: '45',
newPodScaleUpDelay: '0s',
okTotalUnreadyCount: '3',
scaleDownDelayAfterAdd: '30m',
scaleDownDelayAfterDelete: '60s',
scaleDownDelayAfterFailure: '10m',
scaleDownUnneededTime: '10m',
scaleDownUnreadyTime: '20m',
scaleDownUtilizationThreshold: '0.5',
scanInterval: '60s',
skipNodesWithLocalStorage: 'false',
skipNodesWithSystemPods: 'true',
},

//Still under preview
Expand Down Expand Up @@ -432,7 +432,7 @@ export default async ({
? native.containerservice.OutboundType.UserDefinedRouting
: native.containerservice.OutboundType.LoadBalancer,

loadBalancerSku: "Standard",
loadBalancerSku: 'Standard',
loadBalancerProfile: network.outboundIpAddress
? {
outboundIPs: network.outboundIpAddress.ipAddressId
Expand Down Expand Up @@ -463,7 +463,7 @@ export default async ({
new native.containerservice.MaintenanceConfiguration(
`${aksName}-MaintenanceConfiguration`,
{
configName: "default",
configName: 'default',
// notAllowedTime: [
// {
// end: "2020-11-30T12:00:00Z",
Expand Down Expand Up @@ -502,12 +502,12 @@ export default async ({
enableAutoScaling: features.enableAutoScale,
}),

count: p.mode === "System" ? 1 : 0,
count: p.mode === 'System' ? 1 : 0,
//orchestratorVersion: kubernetesVersion,
vnetSubnetID: network.subnetId,
kubeletDiskType: "OS",
osSKU: "Ubuntu",
osType: "Linux",
kubeletDiskType: 'OS',
osSKU: 'Ubuntu',
osType: 'Linux',
}),
);
}
Expand All @@ -520,18 +520,18 @@ export default async ({
pulumi
.all([aks.identity, aks.identityProfile, network.subnetId])
.apply(([identity, identityProfile, sId]) => {
if (acrScope && identityProfile && identityProfile["kubeletidentity"]) {
if (acrScope && identityProfile && identityProfile['kubeletidentity']) {
roleAssignment({
name: `${name}-aks-identity-profile-pull`,
principalId: identityProfile["kubeletidentity"].objectId!,
principalType: "ServicePrincipal",
roleName: "AcrPull",
principalId: identityProfile['kubeletidentity'].objectId!,
principalType: 'ServicePrincipal',
roleName: 'AcrPull',
scope: acrScope,
});

addCustomSecret({
name: `${name}-identity-clientId`,
value: identityProfile["kubeletidentity"].clientId!,
value: identityProfile['kubeletidentity'].clientId!,
dependsOn: aks,
contentType: name,
vaultInfo,
Expand All @@ -542,8 +542,8 @@ export default async ({
roleAssignment({
name: `${name}-system-net`,
principalId: identity.principalId,
roleName: "Contributor",
principalType: "ServicePrincipal",
roleName: 'Contributor',
principalType: 'ServicePrincipal',
scope: getResourceIdFromInfo({
group: parseResourceInfoFromId(sId)!.group,
}),
Expand Down Expand Up @@ -577,12 +577,12 @@ export default async ({
targetResourceId: id,
logWpId,
logsCategories: [
"guard",
"kube-controller-manager",
"kube-audit-admin",
"kube-audit",
"kube-scheduler",
"cluster-autoscaler",
'guard',
'kube-controller-manager',
'kube-audit-admin',
'kube-audit',
'kube-scheduler',
'cluster-autoscaler',
],
dependsOn: aks,
});
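Review bot: The `${name}-system-net` role assignment in the `@@ -542,8 +542,8 @@` hunk grants the cluster identity `roleName: 'Contributor'` on a scope built only from `parseResourceInfoFromId(sId)!.group`, which appears to be the subnet's whole resource group rather than the subnet itself. That is broader than node networking normally needs; consider `roleName: 'Network Contributor'` with the scope narrowed to the subnet or virtual network id, if `roleAssignment` accepts a resource id there. The non-null assertion on `parseResourceInfoFromId(sId)` would also turn an unparsable subnet id into a runtime throw with no useful message. The enclosing `apply` callback starts and ends outside the hunk, so a guard may already exist there.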
12 changes: 6 additions & 6 deletions src/Builder/AksBuilder.ts
Expand Up @@ -7,9 +7,9 @@ import {
BuilderAsync,
SshBuilderProps,
BuilderProps,
} from "./types";
import { generateSsh, SshResults } from "../Core/KeyGenetators";
import { ManagedClusterSKUTier } from "@pulumi/azure-native/containerservice";
} from './types';
import { generateSsh, SshResults } from '../Core/KeyGenerators';
import { ManagedClusterSKUTier } from '@pulumi/azure-native/containerservice';
import Aks, {
AksNodePoolProps,
AskAddonProps,
Expand All @@ -18,7 +18,7 @@ import Aks, {
AksNetworkProps,
DefaultAksNodePoolProps,
AksResults,
} from "../Aks";
} from '../Aks';

class AksBuilder
extends BuilderAsync<AksResults>
Expand All @@ -37,7 +37,7 @@ class AksBuilder
private _nodePoolsProps: AksNodePoolProps[] = [];
private _addonProps: AskAddonProps | undefined = undefined;
private _featureProps: AskFeatureProps | undefined = undefined;
private _authProps: Omit<AksAccessProps, "envRoles"> | undefined = {};
private _authProps: Omit<AksAccessProps, 'envRoles'> | undefined = {};
private _tier: ManagedClusterSKUTier = ManagedClusterSKUTier.Free;
private _networkProps: AksNetworkProps | undefined = undefined;
private _defaultNode: DefaultAksNodePoolProps | undefined = undefined;
Expand Down Expand Up @@ -65,7 +65,7 @@ class AksBuilder
this._featureProps = props;
return this;
}
public withAuth(props: Omit<AksAccessProps, "envRoles">): IAksBuilder {
public withAuth(props: Omit<AksAccessProps, 'envRoles'>): IAksBuilder {
this._authProps = props;
return this;
}
12 changes: 6 additions & 6 deletions src/Builder/types/askBuilder.ts
@@ -1,7 +1,7 @@
//AKS Builder types
import * as native from "@pulumi/azure-native";
import { SshGenerationProps, SshResults } from "../../Core/KeyGenetators";
import { IBuilderAsync } from "./genericBuilder";
import * as native from '@pulumi/azure-native';
import { SshGenerationProps, SshResults } from '../../Core/KeyGenerators';
import { IBuilderAsync } from './genericBuilder';
import {
AksAccessProps,
AksNetworkProps,
Expand All @@ -10,9 +10,9 @@ import {
AskAddonProps,
AskFeatureProps,
DefaultAksNodePoolProps,
} from "../../Aks";
} from '../../Aks';

export type SshBuilderProps = Omit<SshGenerationProps, "vaultInfo" | "name">;
export type SshBuilderProps = Omit<SshGenerationProps, 'vaultInfo' | 'name'>;
export type AksImportProps = { id: string; ignoreChanges?: string[] };

export interface ISshBuilder {
Expand All @@ -26,7 +26,7 @@ export interface IAksDefaultNodePoolBuilder {
withDefaultNodePool(props: DefaultAksNodePoolProps): IAksBuilder;
}
export interface IAksBuilder extends IBuilderAsync<AksResults> {
withAuth(props: Omit<AksAccessProps, "envRoles">): IAksBuilder;
withAuth(props: Omit<AksAccessProps, 'envRoles'>): IAksBuilder;
withNodePool(props: AksNodePoolProps): IAksBuilder;
withAddon(props: AskAddonProps): IAksBuilder;
withFeature(props: AskFeatureProps): IAksBuilder;
