diff --git a/infra/modules/providers/azure/aks/main.tf b/infra/modules/providers/azure/aks/main.tf index 3299572b4bec15cab8054ee77c14cd211c39d46f..f73e0447e60c38f73da0b59e451ee78410dfbdd9 100644 --- a/infra/modules/providers/azure/aks/main.tf +++ b/infra/modules/providers/azure/aks/main.tf @@ -59,6 +59,20 @@ resource "azurerm_log_analytics_solution" "main" { } } +resource "azurerm_kubernetes_cluster_node_pool" "internal" { + kubernetes_cluster_id = azurerm_kubernetes_cluster.main.id + name = "internal" + node_count = var.agent_vm_count + vm_size = var.agent_vm_size + os_disk_size_gb = var.agent_vm_disk + vnet_subnet_id = var.vnet_subnet_id + enable_auto_scaling = var.auto_scaling_default_node + max_pods = var.max_pods + max_count = var.auto_scaling_default_node == true ? var.max_node_count : null + min_count = var.auto_scaling_default_node == true ? var.agent_vm_count : null + availability_zones = var.availability_zones +} + resource "azurerm_kubernetes_cluster" "main" { name = var.name resource_group_name = data.azurerm_resource_group.main.name diff --git a/infra/modules/providers/azure/aks/variables.tf b/infra/modules/providers/azure/aks/variables.tf index c143865f36732214843b63eb3e4fd5d54a568982..3dd2bcb850c134de892e200a3b604aec5f7baa27 100644 --- a/infra/modules/providers/azure/aks/variables.tf +++ b/infra/modules/providers/azure/aks/variables.tf @@ -161,3 +161,10 @@ variable "enable_kube_dashboard" { type = bool default = true } + +variable "availability_zones" { + description = "Availability zones for the aks nodepools" + type = list(string) + default = null +} + diff --git a/infra/modules/providers/azure/appgw/main.tf b/infra/modules/providers/azure/appgw/main.tf index 66802c0c85cef5c29ae2f49b46c7e4eab029e4c8..3ef0693f2c7003538635b4024ae8e3a346e81871 100644 --- a/infra/modules/providers/azure/appgw/main.tf +++ b/infra/modules/providers/azure/appgw/main.tf @@ -188,6 +188,8 @@ resource "azurerm_application_gateway" "main" { min_protocol_version = var.ssl_policy_min_protocol_version } + zones = var.gateway_zones + lifecycle { ignore_changes = [ ssl_certificate, diff --git a/infra/modules/providers/azure/appgw/variables.tf b/infra/modules/providers/azure/appgw/variables.tf index 7a803a529607d55b70105729c5995e48a83acfaf..260a0a3d62fb04b959fdc8ab41d53b21f4106006 100644 --- a/infra/modules/providers/azure/appgw/variables.tf +++ b/infra/modules/providers/azure/appgw/variables.tf @@ -102,3 +102,9 @@ variable "ssl_policy_min_protocol_version" { type = string default = "TLSv1_2" } + +variable "gateway_zones" { + description = "" + type = list(string) + default = null +} \ No newline at end of file diff --git a/infra/modules/providers/azure/redis-cache/variables.tf b/infra/modules/providers/azure/redis-cache/variables.tf index 0ef9191e5d34c6ae6a8a74bf8f73e5c2e333ff20..92deae681dd9550dea6dc6bcac585e7023afc335 100644 --- a/infra/modules/providers/azure/redis-cache/variables.tf +++ b/infra/modules/providers/azure/redis-cache/variables.tf @@ -81,8 +81,7 @@ variable "premium_tier_config" { variable "zones" { description = "A list of a one or more Availability Zones, where the Redis Cache should be allocated." - type = list(number) - default = [1] + type = list(string) } diff --git a/infra/templates/osdu-r3-mvp/service_resources/main.tf b/infra/templates/osdu-r3-mvp/service_resources/main.tf index 4996ecea7a536c662d31d3e177228f3308766deb..409b6e580c20d7f1718dbf7ccdef34fc2dea5106 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/main.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/main.tf @@ -129,6 +129,18 @@ locals { cosmosdb_name = "${local.base_name}-system-db" + nodepool_zones = [ + "1", + "2", + "3" + ] + + gateway_zones = [ + "1", + "2", + "3" + ] + role = "Contributor" rbac_principals = [ // OSDU Identity @@ -289,9 +301,13 @@ module "appgateway" { ssl_policy_cipher_suites = var.ssl_policy_cipher_suites ssl_policy_min_protocol_version = var.ssl_policy_min_protocol_version + gateway_zones = local.gateway_zones + resource_tags = var.resource_tags min_capacity = var.appgw_min_capacity max_capacity = var.appgw_max_capacity + + } // Give AGIC Identity Access rights to Change the Application Gateway @@ -326,6 +342,7 @@ module "aks" { resource_group_name = azurerm_resource_group.main.name dns_prefix = local.aks_dns_prefix + availability_zones = local.nodepool_zones agent_vm_count = var.aks_agent_vm_count agent_vm_size = var.aks_agent_vm_size agent_vm_disk = var.aks_agent_vm_disk diff --git a/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go b/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go index 5d33f7eeae76e78cbabe257a707e812a80b5abe4..6c054df4277dde9619380adff9b42dbc0b62f9b8 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go +++ b/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go @@ -49,7 +49,7 @@ func TestTemplate(t *testing.T) { TfOptions: tfOptions, Workspace: workspace, PlanAssertions: nil, - ExpectedResourceCount: 113, + ExpectedResourceCount: 114, ExpectedResourceAttributeValues: resourceDescription, } diff --git a/infra/templates/osdu-r3-mvp/service_resources/variables.tf b/infra/templates/osdu-r3-mvp/service_resources/variables.tf index d2c4fa09cf2d0ee760af3bf3cccbc3c73fb4ce66..a4ec41344975abd0b4df662d768133c18597ee71 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/variables.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/variables.tf @@ -145,8 +145,8 @@ variable "redis_queue_sku_name" { variable "redis_queue_zones" { description = "A list of a one or more Availability Zones, where the Redis Cache should be allocated." - type = list(number) - default = [1, 2] + type = list(string) + default = ["1", "2"] } variable "postgres_databases" {