From a121464c61fbdcec6df30069292aede825ae0632 Mon Sep 17 00:00:00 2001 From: Arnaud Lheureux Date: Tue, 6 Jul 2021 11:08:44 +0000 Subject: [PATCH 1/3] Refresh 2107 --- .devcontainer/devcontainer.json | 2 +- .devcontainer/docker-compose.yml | 2 +- configuration/README.md | 4 ++-- configuration/demo/level3/aks/README.md | 2 +- .../aks_secure_baseline/01-terraform.md | 2 +- .../aks/online/aks_secure_baseline/02-aks.md | 4 ++-- .../aks/online/aks_secure_baseline/README.md | 8 +++---- .../configuration/agw/agw.tfvars | 2 +- .../configuration/agw/agw_application.tfvars | 10 ++++---- .../configuration/agw/domain.tfvars | 14 +++++------ .../configuration/aks.tfvars | 24 +++++++++---------- .../configuration/keyvault/keyvaults.tfvars | 10 ++++---- ...lication_rule_collection_definition.tfvars | 2 +- ..._network_rule_collection_definition.tfvars | 2 +- .../configuration/networking/firewalls.tfvars | 2 +- .../configuration/networking/ip_groups.tfvars | 4 ++-- .../configuration/networking/nsg.tfvars | 2 +- .../networking/public_ips.tfvars | 2 +- .../configuration/resource_groups.tfvars | 2 +- .../aks/101-single-cluster/README.md | 2 +- .../aks/102-multi-nodepools/README.md | 2 +- .../aks/103-multi-clusters/README.md | 2 +- .../aks/104-private-cluster/readme.md | 4 ++-- .../aks/401-blue-green-nodepool/README.md | 8 +++---- .../applications/argocd/README.md | 2 +- .../applications/flux/README.md | 4 ++-- .../data_analytics/README.md | 3 ++- .../databricks/101-simple-cluster/README.md | 4 ++-- .../cluster/databricks.tfvars | 6 ++--- .../101-simple-cluster/databricks.tfvars | 6 +---- .../101-aml-workspace/README.md | 2 +- .../102-aml-workspace-compute/README.md | 2 +- .../data_analytics/machine_learning/readme.md | 2 +- .../101-synapse-workspace/README.md | 2 +- .../102-synapse-workspace-pool/README.md | 2 +- sap | 1 - 36 files changed, 75 insertions(+), 79 deletions(-) delete mode 160000 sap diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index a03e7a46..94895d35 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -32,7 +32,7 @@ // "shutdownAction": "none", // Uncomment the next line to run commands after the container is created. - "postCreateCommand": "cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chmod 600 ~/.ssh/* && pre-commit install && pre-commit autoupdate && sudo chown -R $(whoami) /tf/caf && git config --global core.editor vi", + "postCreateCommand": "cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chmod 600 ~/.ssh/* && sudo chown -R $(whoami) /tf/caf && git config --global core.editor vi && pre-commit install && pre-commit update", // Add the IDs of extensions you want installed when the container is created in the array below. "extensions": [ diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index ce204904..a27fbea4 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -6,7 +6,7 @@ version: '3.7' services: rover: - image: aztfmod/rover:0.15.4-2105.2603 + image: aztfmod/rover:1.0.1-2106.3012 user: vscode labels: diff --git a/configuration/README.md b/configuration/README.md index 4e41668d..78524a96 100644 --- a/configuration/README.md +++ b/configuration/README.md @@ -29,10 +29,10 @@ You can either click "Use this template" at the root of this GitHub repository, First step is to get the landing zones logic in the same work space, so let's clone the environment locally: ```bash -git clone --branch 2106.1 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/landingzones +git clone --branch 2107.0 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/landingzones # Or refresh an existing clone cd /tf/caf/landingzones -git checkout 2106.1 +git checkout 2107.0 git pull ``` diff --git a/configuration/demo/level3/aks/README.md b/configuration/demo/level3/aks/README.md index 8dcf8cd0..1ca595b6 100644 --- a/configuration/demo/level3/aks/README.md +++ b/configuration/demo/level3/aks/README.md @@ -51,7 +51,7 @@ rover -lz /tf/caf/landingzones/caf_solution/ \ -level level3 \ -env ${environment} \ -a [plan|apply|destroy] - + ``` ## Destroy an AKS landing zone deployment diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/01-terraform.md b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/01-terraform.md index e0a58448..85f70b3f 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/01-terraform.md +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/01-terraform.md @@ -46,7 +46,7 @@ az account set --subscription {SUBSCRIPTIONID} # If you are running in Azure Cloud Shell, you need to run the following additional command: export TF_VAR_logged_user_objectId=$(az ad signed-in-user show --query objectId -o tsv) -# Go to the AKS construction set folder +# Go to the AKS construction set folder cd caf-terraform-landingzones-starter/enterprise_scale/construction_sets/aks configuration_folder=online/aks_secure_baseline/configuration diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/02-aks.md b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/02-aks.md index d2220dfb..4391a9cf 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/02-aks.md +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/02-aks.md @@ -7,7 +7,7 @@ Make sure the current folder is "*enterprise_scale/construction_sets/aks*" ```bash # Login to the AKS if in ESLZ echo $(terraform output -json | jq -r .aks_clusters_kubeconfig.value.cluster_re1.aks_kubeconfig_cmd) | bash - + # Otherwise use this to login echo $(terraform output -json | jq -r .aks_clusters_kubeconfig.value.cluster_re1.aks_kubeconfig_admin_cmd) | bash @@ -115,7 +115,7 @@ If there is a need to change the folder to your own folk, please modify [flux.ya # Get the ingress controller subnet name ingress_subnet_name=$(terraform output -json | jq -r .vnets.value.vnet_aks_re1.subnets.aks_ingress.name) # Update the traefik yaml - # Mac UNIX: + # Mac UNIX: sed -i "" "s/azure-load-balancer-internal-subnet:.*/azure-load-balancer-internal-subnet:\ ${ingress_subnet_name}/g" online/aks_secure_baseline/workloads/baseline/traefik.yaml # Linux: diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/README.md b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/README.md index 25d51a7d..cdfbbb4c 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/README.md +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/README.md @@ -10,7 +10,7 @@ This implementation is based on [Cloud Adoption Framework Landing Zones for Terr ## Applied Azure Policies for Online Landing zones -The list below details only notable Policies for this implementation, it is not exhaustive. +The list below details only notable Policies for this implementation, it is not exhaustive. Please view Azure Policy portal or [List all assigned Azure Policies](#list-all-assigned-azure-policies) section to list out the details of assigned policies | Policy | Config files | @@ -30,7 +30,7 @@ Please view Azure Policy portal or [List all assigned Azure Policies](#list-all- az policy assignment list --disable-scope-strict-match # To view details of assigned Policies of the a resource -az policy assignment list --disable-scope-strict-match --scope {RESOURCEID} +az policy assignment list --disable-scope-strict-match --scope {RESOURCEID} ``` ## Prerequisites @@ -86,10 +86,10 @@ If you opt-in to setup a shell on your machine, there are required access and to sudo apt install jq ``` - kubectl: For more information visit [here](https://kubernetes.io/docs/tasks/tools/install-kubectl/) + kubectl: For more information visit [here](https://kubernetes.io/docs/tasks/tools/install-kubectl/) ```bash - # kubectl: + # kubectl: curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl ``` diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw.tfvars index 5dcb99d6..2bb9e767 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw.tfvars @@ -53,7 +53,7 @@ application_gateways = { trusted_root_certificate = { wildcard_ingress = { name = "wildcard-ingress" - # data = + # data = keyvault_key = "secrets" } } diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw_application.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw_application.tfvars index 2d821090..b8a24de1 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw_application.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/agw_application.tfvars @@ -11,12 +11,12 @@ application_gateway_applications = { front_end_port_key = "443" # host_name = "www.y4plq60ubbbiop9w1dh36tlgfpxqctfj.com" dns_zone = { - key = "dns_zone1" + key = "dns_zone1" record_type = "a" - record_key = "agw" + record_key = "agw" } - request_routing_rule_key = "default" + request_routing_rule_key = "default" # key_vault_secret_id = "" # keyvault_certificate = { # certificate_key = "aspnetapp.cafdemo.com" @@ -39,10 +39,10 @@ application_gateway_applications = { protocol = "Https" pick_host_name_from_backend_address = true # trusted_root_certificate_names = ["wildcard-ingress"] - trusted_root_certificate_names = ["wildcard-ingress"] + trusted_root_certificate_names = ["wildcard-ingress"] } - + backend_pool = { fqdns = [ diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/domain.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/domain.tfvars index 61a8b64b..0477d62c 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/domain.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/agw/domain.tfvars @@ -8,12 +8,12 @@ dns_zones = { records = { a = { agw = { - name = "@" - # records = ["10.0.0.0"] + name = "@" + # records = ["10.0.0.0"] resource_id = { - public_ip_address = { - key = "agw_pip1_re1" - } + public_ip_address = { + key = "agw_pip1_re1" + } } } } @@ -24,7 +24,7 @@ dns_zones = { domain_name_registrations = { # # Register for a random domain name - # As dnsType as not be set + # As dnsType as not be set # random_domain = { name = "" // Set as empty for CI. this will creation a random_domain_name.com @@ -70,4 +70,4 @@ domain_name_registrations = { } } } -} +} diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/aks.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/aks.tfvars index 8b1e3bac..ceb7d70e 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/aks.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/aks.tfvars @@ -3,7 +3,7 @@ aks_clusters = { name = "akscluster-re1-001" resource_group_key = "aks_re1" os_type = "Linux" - + diagnostic_profiles = { operations = { name = "aksoperations" @@ -18,7 +18,7 @@ aks_clusters = { } # kubernetes_version = "1.19.6" - vnet_key = "vnet_aks_re1" + vnet_key = "vnet_aks_re1" network_profile = { network_plugin = "azure" @@ -41,7 +41,7 @@ aks_clusters = { addon_profile = { oms_agent = { - enabled = true + enabled = true log_analytics_key = "central_logs_region1" } azure_policy = { @@ -77,15 +77,15 @@ aks_clusters = { node_pools = { pool1 = { - name = "npuser01" - mode = "User" - subnet_key = "aks_nodepool_user1" - max_pods = 30 - vm_size = "Standard_DS3_v2" - node_count = 3 - os_disk_type = "Ephemeral" - enable_auto_scaling = false - os_disk_size_gb = 120 + name = "npuser01" + mode = "User" + subnet_key = "aks_nodepool_user1" + max_pods = 30 + vm_size = "Standard_DS3_v2" + node_count = 3 + os_disk_type = "Ephemeral" + enable_auto_scaling = false + os_disk_size_gb = 120 # orchestrator_version = "1.19.6" tags = { "project" = "user services" diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/keyvault/keyvaults.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/keyvault/keyvaults.tfvars index 9c7b843e..3b446634 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/keyvault/keyvaults.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/keyvault/keyvaults.tfvars @@ -12,22 +12,22 @@ keyvaults = { creation_policies = { logged_in_user = { # if the key is set to "logged_in_user" add the user running terraform in the keyvault policy - secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"] + secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"] certificate_permissions = ["Create", "Get", "List", "Delete", "Purge", "Recover"] } ingress_msi = { - managed_identity_key = "ingress" - secret_permissions = ["Get"] + managed_identity_key = "ingress" + secret_permissions = ["Get"] certificate_permissions = ["Get"] } - + apgw_keyvault_secrets = { managed_identity_key = "apgw_keyvault_secrets" certificate_permissions = ["Get"] secret_permissions = ["Get"] } - + } } } diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_application_rule_collection_definition.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_application_rule_collection_definition.tfvars index 464e351f..6fb9afc4 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_application_rule_collection_definition.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_application_rule_collection_definition.tfvars @@ -115,7 +115,7 @@ azurerm_firewall_application_rule_collection_definition = { # source_addresses = [ # "*", # ] - + source_ip_groups_keys = [ "aks_ip_group1" ] diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_network_rule_collection_definition.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_network_rule_collection_definition.tfvars index cebec4d3..b46ce24a 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_network_rule_collection_definition.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewall_network_rule_collection_definition.tfvars @@ -50,7 +50,7 @@ azurerm_firewall_network_rule_collection_definition = { "aks_ip_group1" ] destination_ports = [ - "443","9000","22" + "443", "9000", "22" ] destination_addresses = [ "AzureCloud" diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewalls.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewalls.tfvars index 0c889942..0aae8605 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewalls.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/firewalls.tfvars @@ -4,7 +4,7 @@ azurerm_firewalls = { resource_group_key = "vnet_hub_re1" vnet_key = "vnet_hub_re1" # public_ip_key = "firewall_re1" # if this is defined, public_ip_keys is ignored - public_ip_keys = ["firewall_re1","firewall_pip2_re1"] + public_ip_keys = ["firewall_re1", "firewall_pip2_re1"] azurerm_firewall_network_rule_collections = [ "aks" diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/ip_groups.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/ip_groups.tfvars index f09e54a2..42b61248 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/ip_groups.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/ip_groups.tfvars @@ -3,7 +3,7 @@ ip_groups = { name = "aks_ip_group1" # cidrs = ["1.1.1.1/10"] # if cidrs is defined all vnet & subnet are ignored resource_group_key = "aks_spoke_re1" - vnet_key = "vnet_aks_re1" - subnet_keys = ["aks_nodepool_system","aks_nodepool_user1"] # can be either unclared or empty, will take vnet cidr instead + vnet_key = "vnet_aks_re1" + subnet_keys = ["aks_nodepool_system", "aks_nodepool_user1"] # can be either unclared or empty, will take vnet cidr instead } } diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/nsg.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/nsg.tfvars index 4b08de42..04807d8c 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/nsg.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/nsg.tfvars @@ -6,7 +6,7 @@ network_security_group_definition = { # This entry is applied to all subnets with no NSG defined azure_kubernetes_cluster_nsg = { nsg = [ - + ] } azure_bastion_nsg = { diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/public_ips.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/public_ips.tfvars index fbcc3842..a8a034e6 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/public_ips.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/networking/public_ips.tfvars @@ -38,5 +38,5 @@ public_ip_addresses = { idle_timeout_in_minutes = "4" } - + } diff --git a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/resource_groups.tfvars b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/resource_groups.tfvars index 0ae43885..828c6e77 100644 --- a/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/resource_groups.tfvars +++ b/enterprise_scale/construction_sets/aks/online/aks_secure_baseline/configuration/resource_groups.tfvars @@ -18,7 +18,7 @@ resource_groups = { name = "aks_spoke_re1" region = "region1" } - + ops_re1 = { name = "ops_re1" region = "region1" diff --git a/reference_implementations/azure_kubernetes_services/aks/101-single-cluster/README.md b/reference_implementations/azure_kubernetes_services/aks/101-single-cluster/README.md index f104aa73..986dbab4 100644 --- a/reference_implementations/azure_kubernetes_services/aks/101-single-cluster/README.md +++ b/reference_implementations/azure_kubernetes_services/aks/101-single-cluster/README.md @@ -47,7 +47,7 @@ export random_length=10 # Set the folder name of this example example=101-single-cluster -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example} \ -var tags={example=\"${example}\"} \ diff --git a/reference_implementations/azure_kubernetes_services/aks/102-multi-nodepools/README.md b/reference_implementations/azure_kubernetes_services/aks/102-multi-nodepools/README.md index 93a75dd0..ce6f072c 100644 --- a/reference_implementations/azure_kubernetes_services/aks/102-multi-nodepools/README.md +++ b/reference_implementations/azure_kubernetes_services/aks/102-multi-nodepools/README.md @@ -46,7 +46,7 @@ export environment=[YOUR_ENVIRONMENT] # Set the folder name of this example export example=102-multi-nodepools -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example} \ -var tags={example=\"${example}\"} \ diff --git a/reference_implementations/azure_kubernetes_services/aks/103-multi-clusters/README.md b/reference_implementations/azure_kubernetes_services/aks/103-multi-clusters/README.md index d70ee7a7..a081a9de 100644 --- a/reference_implementations/azure_kubernetes_services/aks/103-multi-clusters/README.md +++ b/reference_implementations/azure_kubernetes_services/aks/103-multi-clusters/README.md @@ -48,7 +48,7 @@ example=103-multi-clusters ### Run AKS landing zone deployment ```bash -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example} \ -var tags={example=\"${example}\"} \ diff --git a/reference_implementations/azure_kubernetes_services/aks/104-private-cluster/readme.md b/reference_implementations/azure_kubernetes_services/aks/104-private-cluster/readme.md index 1d9c0a89..f8ad2fd7 100644 --- a/reference_implementations/azure_kubernetes_services/aks/104-private-cluster/readme.md +++ b/reference_implementations/azure_kubernetes_services/aks/104-private-cluster/readme.md @@ -50,7 +50,7 @@ In this section we add the Azure Firewall in the regional hub. example="104-private-cluster" -rover -lz /tf/caf/public/landingzones/caf_networking/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate networking_hub.tfstate \ -var-folder /tf/caf/configuration/${environment}/level2/networking/hub \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/networking_hub/single_region \ @@ -65,7 +65,7 @@ rover -lz /tf/caf/public/landingzones/caf_networking/ \ ```bash example=104-private-cluster -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example} \ -var tags={example=\"${example}\"} \ diff --git a/reference_implementations/azure_kubernetes_services/aks/401-blue-green-nodepool/README.md b/reference_implementations/azure_kubernetes_services/aks/401-blue-green-nodepool/README.md index f8200549..318256b4 100644 --- a/reference_implementations/azure_kubernetes_services/aks/401-blue-green-nodepool/README.md +++ b/reference_implementations/azure_kubernetes_services/aks/401-blue-green-nodepool/README.md @@ -48,7 +48,7 @@ example=401-blue-green-nodepool ### Step 0: Deploy Blue Nodepool ```bash -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/configuration.tfvars \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/aks_step0.tfvars \ @@ -60,7 +60,7 @@ rover -lz /tf/caf/public/landingzones/caf_solutions/ \ ### Step 1: Upgrade Control Plane, system Nodepool and adding Green Nodepool ```bash -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/configuration.tfvars \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/aks_step1.tfvars \ @@ -75,7 +75,7 @@ rover -lz /tf/caf/public/landingzones/caf_solutions/ \ Login to the cluster using *aks_kubeconfig_admin_cmd* or *aks_kubeconfig_cmd* output: *"az aks get-credentials..."* ```bash -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/landingzones/caf_solution/ \ -tfstate landingzone_aks.tfstate \ -level level3 \ -a output \ @@ -98,7 +98,7 @@ kubectl drain -l agentpool=nodepool1 --ignore-daemonsets --delete-local-data Delete Blue NodePool ```bash -rover -lz /tf/caf/public/landingzones/caf_solutions/ \ +rover -lz /tf/caf/public/landingzones/caf_solution/ \ -tfstate ${example}_landingzone_aks.tfstate \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/configuration.tfvars \ -var-file /tf/caf/reference_implementations/azure_kubernetes_services/aks/${example}/aks_step2.tfvars \ diff --git a/reference_implementations/azure_kubernetes_services/applications/argocd/README.md b/reference_implementations/azure_kubernetes_services/applications/argocd/README.md index e9f24e04..be82d263 100644 --- a/reference_implementations/azure_kubernetes_services/applications/argocd/README.md +++ b/reference_implementations/azure_kubernetes_services/applications/argocd/README.md @@ -28,7 +28,7 @@ landingzone_key="cluster_aks" # Key of the cluster to deploy the application cluster_key="cluster_re1" -rover -lz /tf/caf/public/landingzones/caf_solutions/add-ons/aks_applications/ \ +rover -lz /tf/caf/landingzones/caf_solution/add-ons/aks_applications/ \ -tfstate ${application}1.tfstate \ -var-folder /tf/caf/reference_implementations/azure_kubernetes_services/applications/${application} \ -var tags={application=\"${application}\"} \ diff --git a/reference_implementations/azure_kubernetes_services/applications/flux/README.md b/reference_implementations/azure_kubernetes_services/applications/flux/README.md index ec0a015d..e5f46c4d 100644 --- a/reference_implementations/azure_kubernetes_services/applications/flux/README.md +++ b/reference_implementations/azure_kubernetes_services/applications/flux/README.md @@ -21,7 +21,7 @@ Please make sure to change the cluster_key in /tf/caf/examples/applications/{app ```bash app_example=flux -rover -lz /tf/caf/applications \ +rover -lz /tf/caf/landingzones/caf_solution/add-ons/aks_applications/ \ -tfstate ${app_example}.tfstate \ -var-folder /tf/caf/examples/applications/${app_example} \ -var tags={application=\"${app_example}\"} \ @@ -34,7 +34,7 @@ Have fun playing with the landing zone an once you are done, you can simply dele ```bash app_example=flux -rover -lz /tf/caf/applications \ +rover -lz /tf/caf/landingzones/caf_solution/add-ons/aks_applications/ \ -tfstate ${app_example}.tfstate \ -var-folder /tf/caf/examples/applications/${app_example} \ -var tags={application=\"${app_example}\"} \ diff --git a/reference_implementations/data_analytics/README.md b/reference_implementations/data_analytics/README.md index a040385f..c03cc1fd 100644 --- a/reference_implementations/data_analytics/README.md +++ b/reference_implementations/data_analytics/README.md @@ -14,7 +14,8 @@ For a review of the hierarchy approach of Cloud Adoption Framework for Azure lan ## Setting up your test environment -In order to deploy the data analytics platform landing zones, you must beforehand deploy either a demo or sandpit environment up to level 2. +In order to deploy the data analytics platform landing zones, you must beforehand deploy either a demo or sandpit environment up to and including the level 2 (hub networking). + This can be achieved following the steps there [configuration](../../configuration)