I was following this tutorial to setup AKS with Application Gateway Ingress Controller.
I am wondering what is the equivalent of this Azure CLI Command using Bicep Templates?
az aks create -n myCluster -g myResourceGroup --network-plugin azure --enable-managed-identity -a ingress-appgw --appgw-name myApplicationGateway --appgw-subnet-cidr "10.2.0.0/16" --generate-ssh-keys
Especially as it seems that the node resource group name can only be configured using ARM/Bicep as the corresponding parameter mentioned in the FAQ seems to have vanished in the current version of the AKS Extension.
Update: The thing i'm mostly uncertain about is how to activate and configure the Add-On "ingress-appgw" via Template.
I saw that in the export of an AKS Cluster provisioned by the above command i get this section:
"addonProfiles": {
"azurepolicy": {
"enabled": true
},
"ingressApplicationGateway": {
"enabled": true,
"config": {
"applicationGatewayName": "my-agw",
"effectiveApplicationGatewayId": "[parameters('applicationGateways_my_agw_externalid')]",
"subnetCIDR": "10.2.0.0/16"
}
}
}
If that is enough to achieve the same job i'm good but i'm not sure if the Azure CLI Command does some extra sorcery on top of that in AKS to make it all work.
You can use this template as starter: https://github.com/Azure/azure-quickstart-templates/blob/91da267dce8691485d916f7315a3fe6ffcee21aa/quickstarts/microsoft.network/aks-application-gateway-ingress-controller/azuredeploy.json#L1797
It's ARM, but you can easily transform it to Bicep, something like:
addonProfiles: {
{
ingressApplicationGateway: {
enabled: true
config: {
applicationGatewayId: applicationGateway.id
}
}
}
Add identity if you use it.