So I’ve previously done posts on the TerraForm template that I built to support creating a kubernetes cluster. The intention behind this was to provide a solution for standing up a kubernetes cluster in Azure Government. To see more information on that cluster, I have a blog post here.
Now one of the questions I did get with it, is “How do we integrate this with Azure Container Registry?” And for those not familiar, Azure Container Registry is a PaaS offering that Azure provides that allows you to push your container images to a docker registry and not have to manage the underlying VM, patching, updates, and other maintenance. This allows you to just pay for the space to store the container images, which admittedly are very small.
The first part of implementing this logic was to create the Container Registry in TerraForm by using the following.
A key note is that the use of the “count
” variable is to enable that this registry will not be created unless you create a “lkma
” which is the VM that operates as the master.
resource "azurerm_container_registry" "container-registry" {
count = "${lookup(var.instance_counts, "lkma", 0) == 0 ? 0 : 1}"
name = "containerRegistry1"
resource_group_name = "${azurerm_resource_group.management.name}"
location = "${var.azure_location}"
admin_enabled = true
sku = "Standard"
depends_on = ["azurerm_role_assignment.kub-ad-sp-ra-kv1"]
}
So honestly didn’t require that much in the way of work. For the next part, it is literally just adding a few lines of code to enable the connection between the registry and the kubernetes cluster. Those lines are the following:
echo 'Configure ACR registry for Kubernetes cluster'
kubectl create secret docker-registry <SECRET_NAME> --docker-server $5
--docker-email $6 --docker-username=$7 --docker-password $8
echo 'Script Completed'
So really, that is about it. I’ve already made these changes to the GitHub template, so please check it out. The above lines of code allow a user principal information that I pass to the script to be used to connect the Azure container registry to my cluster. That’s really about it!
My name is Kevin Mack, I'm a software developer in the Harrisburg Area. I have been a software developer since 2005, and in that time have worked on a large variety of projects. Everything from small applications, to mobile and Enterprise solutions. I love technology and enjoy my work and am always looking to learn something new. In my spare time I love spending time with my family, and learning new ways to leverage technology to make people's lives better. If you ask me what I do, I'll probably tell you I can paid to solve problems all-day-every-day.
Check out my blog at https://kmack.azurewebsites.net/ and https://totalalm.azurewebsites.net/