AKS-AGIC-tf-test

Architecture

Resource groups with virtual network and subnets(node, pod, agic)
Application Gateway Standard V2 with private ip only
AKS cluster using Azure CNI v2 with Managed Identity(System Assigned)
Application Gateway Ingress Controller(AGIC) with RBAC settings to access AKS cluster.

Create aks-rg-{index-number} resource group, virtual network and subents(node, pod, agic)
Create application gateway.
Create AKS cluster with AGIC id option.
Add RBAC for AGIC to access AKS cluster.

Follow this documentation to enable private ip only preview for Application Gateway Standard V2. This settings must be done before terraform apply.
Set resource_count in variables.tf to the number of resource groups you want to create. (default: 5)

kubectl apply -f test-app.yaml

Since we only have private ip, access the application gateway from the AKS cluster's pod.

kubectl run test-pod --image=nginx
kubectl exec -it test-pod -- /bin/bash
curl -I http://<app-gateway-ip>

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
.gitignore		.gitignore
README.md		README.md
agic-mi-config.tf		agic-mi-config.tf
agic.tf		agic.tf
aks.tf		aks.tf
output.tf		output.tf
providers.tf		providers.tf
rg.tf		rg.tf
test-app.yaml		test-app.yaml
variables.tf		variables.tf