Add support for using application gateway for ingress #116
Conversation
This adds support for using an application gateway for ingressing traffic into the cluster. The Application Gateway Ingress Controller, which will be deployed into the cluster, is granted the `Contributor` role to modify the gateway as it sees fit. Note that the controller will need to be granted the `Microsoft.Network/publicIPAddresses/read` permission on the IP address associated with the gateway for any `ingress` Kubernetes resources to have their address correctly updated. This also adds support for setting the O/S disk type to `Ephemeral`.
|
|
| @@ -85,6 +87,11 @@ resource "azurerm_kubernetes_cluster" "main" { | |||
| } | |||
|
|
|||
| addon_profile { | |||
| ingress_application_gateway { | |||
There was a problem hiding this comment.
This should be more robust and include options for creating the application gateway as part of the addon_profile configuration.
|
|
||
| count = var.ingress_application_gateway_id == null ? 0 : 1 |
There was a problem hiding this comment.
This logic causes issues when the application gateway is created as part of a module that calls this as a submodule. Since the apply will be creating the application gateway this "count" depends on Terraform will be unable to determine this count value.
|
What is the status on supporting application gateway for ingress because currently we use the module and need this feature? |
|
Ping? We really need the disk type flag. |
|
Any news on this feature ? |
|
MAIN BRANCH PUSH DETECTED DUE TO #241, THIS PR WILL BE UPDATED. |
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR WILL BE UPDATED. |
1 similar comment
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR WILL BE UPDATED. |
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
1 similar comment
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
|
This PR is not needed anymore because the changes were implemented in #139 The issue #114 is closed and #115 should be closed already. @lonegunmanb Please close the PR without merging. |
|
MAIN BRANCH PUSH DETECTED DUE TO #230, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
1 similar comment
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
|
MAIN BRANCH PUSH DETECTED DUE TO #253, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
|
MAIN BRANCH PUSH DETECTED DUE TO #, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
|
MAIN BRANCH PUSH DETECTED DUE TO #249, THIS PR NEED TO BE UPDATED TO TRIGGER CI. |
This adds support for using an application gateway for ingressing traffic into the cluster. The Application Gateway Ingress Controller, which will be deployed into the cluster, is granted the
Contributorrole to modify the gateway as it sees fit.Note that the controller will need to be granted the
Microsoft.Network/publicIPAddresses/readpermission on the IP address associated with the gateway for anyingressKubernetes resources to have their address correctly updated.This also adds support for setting the O/S disk type to
Ephemeral.Fixes #114 #115