Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[925] Migrate development cluster to Azure RBAC #146

Merged
merged 11 commits into from
Jan 30, 2024
Merged

[925] Migrate development cluster to Azure RBAC #146

merged 11 commits into from
Jan 30, 2024

Conversation

saliceti
Copy link
Member

@saliceti saliceti commented Jan 19, 2024
edited
Loading

Context

Migration of clusters to Azure RBAC. This enables it for the development cluster.

Changes proposed in this pull request

  • Add option to enable Azure RBAC for each cluster
  • Configure kubernetes and helm providers
  • Update new service template
  • Fix issues with cloning process

Guidance to review

Build a new dev cluster using the new PIM set up

Checklist

  • I have performed a self-review of my code, including formatting and typos
  • I have cleaned the commit history
  • I have added the Devops label
  • I have attached the pull request to the trello card

@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch from d57e0f7 to 0c2878d Compare January 19, 2024 18:19
@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch 3 times, most recently from d8a3693 to 298de4a Compare January 23, 2024 19:14
@saliceti
Copy link
Member Author

RBAC: Migrate clusters - Development

@saliceti
Enable Azure RBAC on AKS
37cfc23 
Add option to enable Azure RBAC:
- Disable local admin authentication
- Allow admin login from AD group. Each cluster has its own AD group.
@saliceti
Enable RBAC in development
1087d02
@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch from 298de4a to 5ca7a51 Compare January 25, 2024 17:51
@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch from 5ca7a51 to 85c0631 Compare January 25, 2024 17:56
@saliceti saliceti changed the title 112 spike azure rbac for aks [925] Migrate development cluster to Azure RBAC Jan 25, 2024
@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch from 85c0631 to 82cde29 Compare January 25, 2024 18:02
@saliceti
Update new service template
a4e784a
@saliceti
Delete unused terraform variable
1f72d4c
@saliceti
Fix ingress bug with clone
56cc7a3 
The clone cluster must ignore the public IP configuration from the main
cluster as it relies on the default IP mangaged by ingress-nginx
@saliceti
Ignore gatekeeper-system namespace in export
56dddfc 
This is an internal namespace (used by Azure Policy for Kubernetes clusters)
@saliceti
Update cluster rebuild documentation
ea7db65
@saliceti saliceti force-pushed the 112-spike-azure-rbac-for-aks branch from 82cde29 to ea7db65 Compare January 25, 2024 18:10
@saliceti saliceti marked this pull request as ready for review January 25, 2024 18:12
@saliceti saliceti merged commit 1cfd963 into main Jan 30, 2024
4 checks passed
@saliceti saliceti deleted the 112-spike-azure-rbac-for-aks branch January 30, 2024 17:35
@saliceti saliceti mentioned this pull request Feb 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johnake johnake johnake approved these changes

Assignees
No one assigned
Labels
DevOps
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@saliceti @johnake