[INT] various updates to AKS deployment scripts

[integration.git] / deployment / aks / create_aks.sh

#!/bin/bash
# Copyright 2019 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
NO_PROMPT=0
RANDOM_PREFIX="ONAP"
RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`

AKS_NAME=
AKS_RESOURCE_GROUP_NAME=
AKS_K8_VERSION=
LOCATION=
AKS_NODE_COUNT=
AKS_NODE_SIZE=
AKS_SERVICE_CIDR=
AKS_POD_CIDR=
AKS_DNS_IP=
AKS_NODE_CIDR=
AKS_NETWORK_NAME=
USER_PUBLIC_IP_PREFIX=
PUBLIC_KEY=
AKS_ADMIN_USER=

function check_required_parameter() {
  # arg1 = parameter
  # arg2 = parameter name
  if [ -z "$1" ]; then
    echo "$2 was not was provided. This parameter is required."
    exit 1
  fi
}

function check_optional_paramater() {
  # arg1 = parameter
  # arg2 = default
  if [ -z "$1" ]; then
    echo "$2"
  else
    echo "$1"
  fi
}


while test $# -gt 0; do
  case "$1" in
    -h|--help)
      echo "./create_aks.sh [options]"
      echo " "
      echo " "
      echo "required:"
      echo "--user-public-ip            public ip that will be granted access to AKS [required]"
      echo "--admin-user                admin user created on AKS nodes [required]"
      echo "--public-key                public key added for admin user [required]"
      echo "-l, --location              location to deploy AKS [required]"
      echo " "
      echo "additional options:"
      echo "-f, --no-prompt             executes with no prompt for confirmation"
      echo "-h, --help                  provide brief overview of script"
      echo "-n, --name                  AKS name [optional]"
      echo "-g, --resource-group        name of resource group that will be created [optional]"
      echo "-s, --size                  azure flavor size for Kube nodes [optional]"
      echo "-v, --kube-version          version of Kubernetes for cluster [optional]"
      echo "-c, --node-count            number of nodes for cluster [optional]"
      echo "--service-cidr              cidr for Kuberenetes services [optional]."
      echo "--dns-ip                    IP for Kuberenetes dns service [optional]. This should be from --service-cidr."
      echo "--pod-cidr                  cidr for Kuberenetes pods [optional]."
      echo "--node-cidr                 cidr for Kuberenetes nodes [optional]."
      echo "--vnet-name                 name of Vnet to create for Kubernetes Cluster [optional]"
      echo ""
      exit 0
      ;;
    -f|--no-prompt)
      shift
      NO_PROMPT=1
      ;;
    -n|--name)
      shift
      AKS_NAME=$1
      shift
      ;;
    -g|--resource-group)
      shift
      AKS_RESOURCE_GROUP_NAME=$1
      shift
      ;;
    -s|--size)
      shift
      AKS_NODE_SIZE=$1
      shift
      ;;
    -l|--location)
      shift
      LOCATION=$1
      shift
      ;;
    -v|--kube-version)
      shift
      AKS_K8_VERSION=$1
      shift
      ;;
    -c|--node-count)
      shift
      AKS_NODE_COUNT=$1
      shift
      ;;
    --service-cidr)
      shift
      AKS_SERVICE_CIDR=$1
      shift
      ;;
    --dns-ip)
      shift
      AKS_DNS_IP=$1
      shift
      ;;
    --pod-cidr)
      shift
      AKS_POD_CIDR=$1
      shift
      ;;
    --node-cidr)
      shift
      AKS_NODE_CIDR=$1
      shift
      ;;
    --vnet-name)
      shift
      AKS_NETWORK_NAME=$1
      shift
      ;;
    --user-public-ip)
      shift
      USER_PUBLIC_IP_PREFIX=$1
      shift
      ;;
    --admin-user)
      shift
      AKS_ADMIN_USER=$1
      shift
      ;;
    --public-key)
      shift
      PUBLIC_KEY=$1
      shift
      ;;
    *)
      echo "Unknown Argument $1. Try running with --help."
      exit 0
      ;;
  esac
done

check_required_parameter "$LOCATION" "--location"
check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
check_required_parameter "$AKS_ADMIN_USER" "--admin-user"
check_required_parameter "$PUBLIC_KEY" "--public-key"

AKS_RESOURCE_GROUP_NAME=$(check_optional_paramater "$AKS_RESOURCE_GROUP_NAME" $RANDOM_STRING"-AKSRG")
AKS_NAME=$(check_optional_paramater "$AKS_NAME" $RANDOM_STRING"-AKS")
AKS_NODE_SIZE=$(check_optional_paramater "$AKS_NODE_SIZE" "Standard_DS4_v2")
AKS_POD_CIDR=$(check_optional_paramater "$AKS_POD_CIDR" "168.1.0.0/16")
AKS_NODE_CIDR=$(check_optional_paramater "$AKS_NODE_CIDR" "169.1.0.0/16")
AKS_NETWORK_NAME=$(check_optional_paramater "$AKS_NETWORK_NAME" $RANDOM_STRING"-AKS-VNET")
AKS_SERVICE_CIDR=$(check_optional_paramater "$AKS_SERVICE_CIDR" "170.1.0.0/16")
AKS_DNS_IP=$(check_optional_paramater "$AKS_DNS_IP" "170.1.0.10")
AKS_K8_VERSION=$(check_optional_paramater "$AKS_K8_VERSION" "1.13.5")
AKS_NODE_COUNT=$(check_optional_paramater "$AKS_NODE_COUNT" "7")

if [ $NO_PROMPT = 0 ]; then
  read -p "Would you like to proceed? [y/n]" -n 1 -r
  echo " "
  if [[ ! $REPLY =~ ^[Yy]$ ]]
  then
      exit 0
  fi
fi

set -x
set -e

AKS_SUBNET_NAME=$AKS_NETWORK_NAME"-SUBNET"

echo "Creating AKS Resource Group $AKS_RESOURCE_GROUP_NAME in $LOCATION"
$DIR/create_resource_group.sh "$AKS_RESOURCE_GROUP_NAME" "$LOCATION"

az network vnet create --resource-group "$AKS_RESOURCE_GROUP_NAME" \
                       --name "$AKS_NETWORK_NAME" \
                       --address-prefix "$AKS_NODE_CIDR" \
                       --subnet-name "$AKS_SUBNET_NAME" \
                       --subnet-prefix "$AKS_NODE_CIDR"

AKS_SUBNET_ID=`az network vnet show --resource-group ${AKS_RESOURCE_GROUP_NAME} --name ${AKS_NETWORK_NAME} --query "subnets | [0] | id" --output tsv`

az aks create --name "$AKS_NAME" \
              --resource-group "$AKS_RESOURCE_GROUP_NAME" \
              --disable-rbac \
              --kubernetes-version "$AKS_K8_VERSION" \
              --location "$LOCATION" \
              --node-count "$AKS_NODE_COUNT" \
              --node-vm-size "$AKS_NODE_SIZE" \
              --service-cidr "$AKS_SERVICE_CIDR" \
              --pod-cidr "$AKS_POD_CIDR" \
              --network-plugin "kubenet" \
              --dns-service-ip "$AKS_DNS_IP" \
              --admin-username "$AKS_ADMIN_USER" \
              --ssh-key-value "$PUBLIC_KEY" \
              --vnet-subnet-id "$AKS_SUBNET_ID" \
              --vm-set-type "AvailabilitySet" \
              --load-balancer-sku "basic"
echo ""

AKS_MANAGEMENT_RESOURCE_GROUP_NAME=`az group list --query "[?starts_with(name, 'MC_${AKS_RESOURCE_GROUP_NAME}')].name | [0]" --output tsv`
AKS_NSG_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | name" --output tsv`
AKS_NSG_ID=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | id" --output tsv`

echo "Associating Security Group with AKS Subnet ${AKS_SUBNET_NAME}"
az network vnet subnet update --resource-group="$AKS_RESOURCE_GROUP_NAME" \
                              --name "$AKS_SUBNET_NAME" \
                              --vnet-name "$AKS_NETWORK_NAME" \
                              --network-security-group "$AKS_NSG_ID"

for ((i=0;i<$AKS_NODE_COUNT;i++)); do
  NIC_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkInterfaces" --query "[$i] | name" --output tsv`
  echo "Associating Security Group ${AKS_NSG_NAME} with AKS Node NIC ${NIC_NAME}"
  az network nic update --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" -n "$NIC_NAME" --network-security-group "$AKS_NSG_NAME"
  echo ""
done