Skip to content

vforteli/acme-multi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
aks/manifests
aks/manifests
 
 
application/AcmeApp
application/AcmeApp
 
 
iac
iac
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
acr_login.sh
acr_login.sh
 
 
aks_login.sh
aks_login.sh
 
 

Repository files navigation

Something something multi tenant AKS + something

Current steps for setup

# Deploy infra
./deployinfrastack.sh

# Create subnet for privatelinks in aks vnet
# Create privatelink manually for blob and dfs in new privatelink subnet with static ip
# Fix IPs in values.yaml if needed

# Deploy a tenant
./install_tenant acmeoverseas

Todo

  • network isolation
  • network policies tweaking
  • nginx ingress
  • appgw ingress
  • secrets.. csi + keyvault pipelines etc
  • populate identity for keyvault rbac
  • [-] dynamically add environments from some central single source of truth?
  • multiple deployments and services, test connectivity, and policies
  • wif testing with datalake
  • create users in db, add secrets to kv etc.. maybe test this with postgres instead
  • privatelink to db... do we want this or a service endpoint? costs a bit
  • privatelink setup automagically? if its worth it..
  • start adding stuff to env... not secrets but endpoints etc
  • internal everything
  • keda and scaledjobs
  • variable and parameter cleanup
  • ... more

Tenants

  • Acme Overseas acmeoverseas
  • Acme Drilling acmedrilling
  • Acme MegaCorp acmemegacorp

Helm

# Installing a tenant in AKS using script with tenant name as parameter, eg:
./install_tenant acmeoverseas
./install_tenant acmedrilling

# Uninstall a tenant
./uninstall_tenant acmeoverseas
./uninstall_tenant acmedrilling

About

Random tinkering with multi-tenant AKS

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages