Anto Subash.

aks
azure
kubernetes
terraform
acr
Azure Kubernetes (AKS) Deployment for .Net -Part : 2

Cert Manager and Nginx Ingress Controller on AKS Cluster with static IP

Table of contents

This series is a Work in Progress

Introduction

In the previous article we have created AKS cluster using Terraform. In this article we will setup Cert Manager and Nginx Ingress Controller on AKS Cluster.

Prerequisite

Make sure you have completed the previous article and have AKS cluster ready.

Setup Cert Manager

Cert-Manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

Install Cert Manager

Cert Manager is deployed as a series of Kubernetes components, and we will install it using Helm.

helm repo add jetstack https://charts.jetstack.io
helm repo update

Prepare the terraform script

Update the terraform script to install cert manager.

resource "azurerm_public_ip" "aks_static_ip" {
  depends_on          = [azurerm_kubernetes_cluster.aks]
  name                = "${local.name_suffix}-aks-static-ip"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_kubernetes_cluster.aks.node_resource_group
  allocation_method   = "Static"
  sku                 = "Standard"
  tags                = var.resource_group_tags
}

This will create a static IP address for the ingress controller.

locals {
  aks_namespace = "${var.resource_group_tags["project"]}-${var.resource_group_tags["environment"]}-ingress-nginx"
}

This will create a name based on the project and environment.

resource "kubernetes_namespace" "ingress_namespace" {
  depends_on = [azurerm_kubernetes_cluster.aks]
  metadata {
    name = "${local.aks_namespace}"
  }
}

This will create a namespace for the ingress controller.

resource "helm_release" "nginx_ingress" {
  depends_on = [azurerm_public_ip.aks_static_ip]
  name       = "nginx-ingress"
  repository = "https://kubernetes.github.io/ingress-nginx"
  chart      = "ingress-nginx"
  namespace  = "${local.aks_namespace}"
  version    = "4.7.0"

  set {
    name  = "controller.service.loadBalancerIP"
    value = azurerm_public_ip.aks_static_ip.ip_address
  }

  set {
    name  = "controller.service.externalTrafficPolicy"
    value = "Local"
  }
}

This will install the nginx ingress controller. we are setting the static IP address for the ingress controller.

resource "helm_release" "cert_manager" {
  depends_on = [azurerm_kubernetes_cluster.aks]
  name       = "cert-manager"
  repository = "https://charts.jetstack.io"
  chart      = "cert-manager"
  namespace  = "${local.aks_namespace}"
  version    = "1.12.0"

  set {
    name  = "installCRDs"
    value = true
  }
}

This will install the cert manager.

Plan and Apply the terraform script with tfvars

terraform plan -var-file="dev.tfvars"

This will show the plan for the terraform script.

terraform apply -var-file="dev.tfvars" -auto-approve

This will apply the terraform script.

Conclusion

In this article we have setup Cert Manager and Nginx Ingress Controller on AKS Cluster. It will help us to manage the certificates and ingress controller. In the next article we will see how to use cloudflare for DNS and setup the DNS records automatically using Terraform.

Buy Me a Coffee at ko-fi.com

Related Posts

8/16/2023

Create AKS cluster and ACR with Terraform

In this we will create Azure Kubernetes (AKS) cluster and Azure Container Registry (ACR).

8/14/2023

Azure Deployment for .Net - Introduction - Prerequisites

This is the introduction to the Azure Deployment for .Net series.