terraformazure-aksistioterraform-provider-azure
How to install ISTIO on AKS for production workload?
I'm trying to install istio on AKS Production workload using Terraform. I have created the AKS cluster with Azure RABC enabled.
I came across the following terraform script
resource "kubernetes_namespace" "istio-system" {
metadata {
annotations = {
name = "istio-namespace"
}
labels = {
mylabel = "label-value"
}
name = "istio-namespace"
}
}
resource "helm_release" "istio_base" {
name = "istio-base"
chart = "./manifests/charts/base"
namespace = "istio-system"
}
resource "helm_release" "istiod" {
name = "istiod"
chart = "./manifests/charts/istio-control/istio-discovery"
namespace = "istio-system"
}
resource "helm_release" "istio-ingress" {
name = "istio-ingress"
chart = "./manifests/charts/gateways/istio-ingress"
namespace = "istio-system"
}
resource "helm_release" "istio-egress" {
name = "istio-ingress"
chart = "./manifests/charts/gateways/istio-egress"
namespace = "istio-system"
}
This is all required to setup ISTIO on AKS production workload? Should I download these HELM charts on the machine from where the code is executed? If so, from where can I download them?
Solution
I tried to reproduce the same in my environment to install ISTIO on AKS using Terraform:
Terraform Script:
provider "helm" {
kubernetes {
config_path = "~/.kube/config"
}
}
locals {
istio_charts_url = "https://istio-release.storage.googleapis.com/charts"
}
resource "kubernetes_namespace" "istio-system" {
metadata {
annotations = {
name = "istio-namespace"
}
labels = {
mylabel = "label-value"
}
name = "istio-namespace"
}
}
resource "helm_release" "istio-base" {
repository = local.istio_charts_url
chart = "base"
name = "istio-base"
namespace = "istio-system"
version = "1.12.1"
create_namespace = true
}
resource "helm_release" "istiod" {
repository = local.istio_charts_url
chart = "istiod"
name = "istiod"
namespace = "istio-system"
create_namespace = true
version = "1.12.1"
depends_on = [helm_release.istio-base]
}
resource "kubernetes_namespace" "istio-ingress" {
metadata {
labels = {
istio-injection = "enabled"
}
name = "istio-ingress"
}
}
resource "helm_release" "istio-ingress" {
repository = local.istio_charts_url
chart = "gateway"
name = "istio-ingress"
namespace = "istio-system"
version = "1.12.1"
depends_on = [helm_release.istiod]
}
Terraform plan:
Check the installation status.
helm status istiod -n istio-system
Refer: Stack link followed by Benda.
- How to install multiple or two versions of Terraform?
- Terraform will damage your computer on macOS Intel
- Upgrade terraform to specific version
- Should I commit my .terraform-version file?
- Terraform code not creating multiple rules in Azure Storage lifecycle
- How to resolve 'Step Functions State Machine is not authorized to create managed-rule'?
- How to output URL of Azure Logic Apps with Terraform?
- Terraform fails to import key pair with Amazon EC2
- Check if the resource exists before using data
- Invalid arn error for terraform code with kms data resource
- Nat Gateway Profile for AKS using terraform
- Can I use helm for fire and forget k8s Jobs?
- Does AWS VPC Endpoint require subnets?
- Maps containing keys with spaces are not properly validated when those keys are used as resource names
- Adding additional storage to VM with terraform
- EC2 can't get a public ip address after stop-start
- Terraform Cloud Run Service URL
- Can I use condition's variable in the error_message of a Terraform variable validation?
- OPA eval command
- Rancher - controlplane node got into worker pool
- Terraform for-each with list of objects
- Timezone error creating SQL instance in Azure using Terraform
- Terraform shows `InvalidGroup.NotFound` while creating an EC2 instance
- How can I use Terraform to run a script to initialise the database on a newly-created Azure mssql_virtual_machine?
- 'terraform plan' NOT updating state file
- Pass a Terraform Output to an Azure DevOps Varibale
- Terraform outputs 'Error: Variables not allowed' when doing a plan
- terraform conditional resource creation for_each and list
- How to get the "Function Url" which is with in a Function-App deployed using Terraform?
- Unable to ping azure vm1 to azure vm2