terraform-azure-truefoundry-cluster

Truefoundry Azure Cluster Module

Requirements

Name	Version
terraform	>= 1.8
azurerm	>= 3.107.0

Providers

Name	Version
azurerm	>= 3.107.0

Modules

Name	Source	Version
aks	Azure/aks/azurerm	10.2.0

Resources

Name	Type
azurerm_monitor_diagnostic_setting.cluster_autoscaler_diagnostic	resource
azurerm_role_assignment.network_contributor_cluster	resource
azurerm_user_assigned_identity.cluster	resource
azurerm_kubernetes_cluster.cluster	data source

Inputs

Name	Description	Type	Default	Required
allowed_ip_ranges	Allowed IP ranges to connect to the cluster	list(string)	[ "0.0.0.0/0" ]	no
autoscaler_profile_expander	Expander for the autoscaler profile. Possible values are least-waste, priority, most-pods and random. Defaults to least-waste	string	"least-waste"	no
autoscaler_profile_max_graceful_termination_sec	Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 180	number	180	no
autoscaler_profile_max_node_provisioning_time	Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15 minutes	string	"15m"	no
autoscaler_profile_max_unready_nodes	Maximum Number of allowed unready nodes. Defaults to 3	number	3	no
autoscaler_profile_scale_down_delay_after_add	Scale down delay after add for the autoscaler profile	string	"2m"	no
autoscaler_profile_scale_down_delay_after_delete	Scale down delay after delete for the autoscaler profile	string	"30s"	no
autoscaler_profile_scale_down_unneeded	Scale down unneeded for the autoscaler profile	string	"1m"	no
autoscaler_profile_scale_down_unready	Scale down unready for the autoscaler profile	string	"2m"	no
autoscaler_profile_scale_down_utilization_threshold	Scale down utilization threshold for the autoscaler profile	number	0.7	no
autoscaler_profile_skip_nodes_with_local_storage	Skip nodes with pods with local storage, for example, EmptyDir or HostPath	bool	false	no
autoscaler_profile_skip_nodes_with_system_pods	Skip nodes with system pods for the autoscaler profile	bool	true	no
cluster_autoscaler_diagnostic_enable_override	Enable overriding of the cluster autoscaler diagnostic setting name.	bool	false	no
cluster_autoscaler_diagnostic_override_name	Cluster autoscaler diagnostic setting name. Default is '-cluster-autoscaler'	string	""	no
cluster_cost_analysis_enabled	Enable cluster cost analysis	bool	false	no
cluster_data_collection_settings	Cluster data collection settings. data_collection_interval - Determines how often the agent collects data. Valid values are 1m - 30m in 1m intervals. Default is 1m. namespace_filtering_mode_for_data_collection - Can be 'Include', 'Exclude', or 'Off'. Determines how namespaces are filtered for data collection. namespaces_for_data_collection - List of Kubernetes namespaces for data collection based on the filtering mode. container_log_v2_enabled - Flag to enable the ContainerLogV2 schema for collecting logs. See more details: https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-data-collection-configure?tabs=cli#configure-dcr-with-azure-portal-1	object({ data_collection_interval = string namespace_filtering_mode_for_data_collection = string namespaces_for_data_collection = list(string) container_log_v2_enabled = bool })	{ "container_log_v2_enabled": true, "data_collection_interval": "1m", "namespace_filtering_mode_for_data_collection": "Off", "namespaces_for_data_collection": [ "kube-system", "gatekeeper-system", "azure-arc" ] }	no
cluster_monitor_data_collection_rule_data_sources_syslog_facilities	Syslog supported facilities as documented here: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-syslog	list(string)	[ "auth", "authpriv", "cron", "daemon", "mark", "kern", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7", "lpr", "mail", "news", "syslog", "user", "uucp" ]	no
cluster_monitor_data_collection_rule_data_sources_syslog_levels	List of syslog levels	list(string)	[ "Debug", "Info", "Notice", "Warning", "Error", "Critical", "Alert", "Emergency" ]	no
cluster_monitor_data_collection_rule_enabled	Enable cluster monitor data collection rule	bool	true	no
cluster_monitor_data_collection_rule_extensions_streams	An array of container insights table streams. See documentation in DCR for a list of the valid streams and their corresponding table: https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-data-collection-configure?tabs=portal#stream-values-in-dcr	list(string)	[ "Microsoft-ContainerLog", "Microsoft-ContainerLogV2", "Microsoft-KubeEvents", "Microsoft-KubePodInventory", "Microsoft-KubeNodeInventory", "Microsoft-KubePVInventory", "Microsoft-KubeServices", "Microsoft-KubeMonAgentEvents", "Microsoft-InsightsMetrics", "Microsoft-ContainerInventory", "Microsoft-ContainerNodeInventory", "Microsoft-Perf" ]	no
cluster_monitor_metrics	Specifies a Prometheus add-on profile for the Kubernetes Cluster object({ annotations_allowed = '(Optional) Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.' labels_allowed = '(Optional) Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.' })	object({ annotations_allowed = optional(string) labels_allowed = optional(string) })	null	no
control_plane	Whether the cluster is control plane	bool	n/a	yes
control_plane_instance_type	Control plane nodepool instance type	string	"Standard_D4s_v5"	no
cpu_pools	CPU pools to be attached	list(object({ name = string instance_type = string min_count = optional(number, 0) max_count = optional(number, 2) enable_spot_pool = optional(bool, true) enable_on_demand_pool = optional(bool, true) }))	n/a	yes
critical_node_pool_enabled	Enable Critical nodepool for the cluster	bool	true	no
critical_node_pool_instance_type	Critical nodepool instance type	string	"Standard_D4s_v5"	no
disk_driver_version	Version of disk driver. Supported values v1 and v2	string	"v1"	no
disk_size	Disk size of the initial node pool in GB	string	"100"	no
dns_ip	IP from service CIDR used for internal DNS	string	"10.255.0.10"	no
enable_auto_scaling	Enable auto scaling for the cluster	bool	true	no
enable_autoscaler_profile	Enable autoscaler profile for the cluster	bool	true	no
enable_blob_driver	Enable blob storage provider	bool	true	no
enable_disk_driver	Enable disk storage provider	bool	true	no
enable_file_driver	Enable file storage provider	bool	true	no
enable_snapshot_controller	Enable snapshot controller	bool	true	no
enable_storage_profile	Enable storage profile for the cluster. If disabled enable_blob_driver, enable_file_driver, enable_disk_driver and enable_snapshot_controller will have no impact	bool	true	no
gpu_pools	GPU pools to be attached	list(object({ name = string instance_type = string min_count = optional(number, 0) max_count = optional(number, 2) enable_spot_pool = optional(bool, true) enable_on_demand_pool = optional(bool, true) }))	n/a	yes
initial_node_pool_count	Count for the initial node pool. Used only when autoscaling is disabled	number	2	no
initial_node_pool_instance_type	Instance size of the initial node pool	string	"Standard_D4s_v5"	no
initial_node_pool_max_count	Max count in the initial node pool	number	2	no
initial_node_pool_max_surge	Max surge in percentage for the intial node pool	string	"10"	no
initial_node_pool_min_count	Min count in the initial node pool	number	1	no
initial_node_pool_name	Name of the initial node pool	string	"initial"	no
kubernetes_version	Version of the kubernetes engine	string	"1.33"	no
location	Location of the resource group	string	n/a	yes
log_analytics_workspace_enable_override	Enable overriding of the log analytics workspace name.	bool	false	no
log_analytics_workspace_enabled	value to enable log analytics workspace	bool	true	no
log_analytics_workspace_override_name	Log analytics workspace name. Default is '-log-analytics'	string	""	no
max_pods_per_node	Max pods per node	number	32	no
name	Name of the cluster. If use_existing_cluster is enabled name is used to fetch details of existing cluster	string	n/a	yes
network_data_plane	Network data plane to use for cluster.Possible values are azure and cilium	string	"azure"	no
network_plugin	Network plugin to use for cluster	string	"azure"	no
network_plugin_mode	Network plugin mode to use for cluster	string	"overlay"	no
oidc_issuer_enabled	Enable OIDC for the cluster	bool	true	no
orchestrator_version	Kubernetes version for the orchestration layer (nodes). By default it will be derived with var.kubernetes_version until passed explicitly	string	"1.33"	no
pod_cidr	CIDR of the pod in cluster	string	"10.244.0.0/16"	no
private_cluster_enabled	Private cluster	bool	false	no
rbac_aad	Enable RBAC for the cluster	bool	false	no
rbac_aad_azure_rbac_enabled	Enable Azure RBAC for the cluster	bool	false	no
resource_group_name	Name of the resource group	string	n/a	yes
role_based_access_control_enabled	Enable role based access control for the cluster	bool	true	no
service_cidr	CIDR of the services in cluster	string	"10.255.0.0/16"	no
sku_tier	SKU tier of the cluster. Defaults to standard	string	"Standard"	no
subnet_id	Subnet Id for the cluster	string	n/a	yes
tags	A map of tags to add to all resources	map(string)	{}	no
use_existing_cluster	Flag to reuse existing cluster	bool	false	no
vnet_id	Vnet ID for the cluster	string	n/a	yes
workload_identity_enabled	Enable workload identity in the cluster	bool	true	no

Outputs

Name	Description
cluster_endpoint	Endpoint for your Kubernetes API server
cluster_host	The host in the azurerm_kubernetes_cluster's kube_config block. The Kubernetes cluster server host.
cluster_id	The name/id of the EKS cluster. Will block on cluster creation until the cluster is really ready
cluster_identity	The azurerm_kubernetes_cluster's identity block.
cluster_name	Name of the cluster
cluster_networking_profile	Networking profile of the cluster
cluster_oidc_issuer_url	OIDC issuer url of the cluster
use_existing_cluster	Flag to check if an existing cluster is used