Terraform -如何找到Azure Kubernetes AKS vnet ID用于网络窥视
Terraform -如何找到Azure Kubernetes AKS vnet ID用于网络窥视
提问于 2021-09-13 07:05:34
我使用单个Terraform脚本来部署AKS和应用程序网关。到目前为止,一切都如期而至,我最不需要的就是在AKS和Application之间配置vnet窥视。
根据Terraform的文档,vnet窥视需要AKS vnet名称和ID:
# AppGw to AKS
resource "azurerm_virtual_network_peering" "appgw_aks_peering" {
name = "appgw-aks-peer"
resource_group_name = "my-appgw-rg"
virtual_network_name = azurerm_virtual_network.my_vnet.name
remote_virtual_network_id = ???
}
# AKS to AppGw
resource "azurerm_virtual_network_peering" "aks_appgw_peering" {
name = "aks-appgw-peer"
resource_group_name = "my-aksnode-rg"
virtual_network_name = ???
remote_virtual_network_id = azurerm_virtual_network.my_vnet.id
}
resource "azurerm_kubernetes_cluster" "my_cluster" {
name = "my-aks"
location = "australiaeast"
resource_group_name = "my-aks-rg"
node_resource_group = "my-aksnode-rg"
addon_profile {
ingress_application_gateway {
enabled = true
gateway_id = azurerm_application_gateway.my_appgw.id
}
}
default_node_pool {
name = "np01"
node_count = 1
os_disk_size_gb = 30
vm_size = var.aks_np_vm_sku
}
...
}我遇到的问题是,在创建AKS时自动创建AKS vnet,并且任何地方都不导出名称或ID。我想不出用Terraform获取AKS vnet名称或ID的方法。有人能为我指出正确的方向或提出另一种解决方案吗?
Stack Overflow用户
发布于 2021-09-13 09:25:51
AFAIK,只能从Kubernetes资源获取子网id。最好的方法是使用Terraform创建一个vnet和一个子网,并将您的Kubernetes分配给这个子网。然后你可以添加窥视。
# AppGw to AKS
resource "azurerm_virtual_network_peering" "appgw_aks_peering" {
name = "appgw-aks-peer"
resource_group_name = "my-appgw-rg"
virtual_network_name = azurerm_virtual_network.my_vnet.name
remote_virtual_network_id = azurerm_virtual_network.aks.id
}
# AKS to AppGw
resource "azurerm_virtual_network_peering" "aks_appgw_peering" {
name = "aks-appgw-peer"
resource_group_name = "my-aksnode-rg"
virtual_network_name = azurerm_virtual_network.aks.name
remote_virtual_network_id = azurerm_virtual_network.my_vnet.id
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/69158600
复制相关文章
相似问题
腾讯云开发者
