Skip to main content

Creating Kubernetes resources with Terraform

There are a few different ways to set up Kubernetes deployments, pods, services, etc. Some of the key ways are with Kubernetes manifests or helm charts. Today we're going to see how to spin up Kubernetes resources using Terraform.

1. AKS (Azure Kubernetes) cluster, but you can use any Kubernetes cluster you like. You'll just need to change the provider and your authentication may be different. In either case, we simply need our .kubeconfig for Terraform to know where to deploy the resource.
2. AZ CLI downloaded and logged in.
3. An Azure account
4. An ACR (Azure Container Registry) or another container image registry.

The first thing you'll need to confirm is what Docker image you want to use for deployment and where that image is located. In my case, I have it in ACR (Azure Container Registry) so it can be accessed by my AKS cluster.

I'm going to use the latest Redis image that I pushed up to ACR. If you are not authenticated to your ACR, simply run az acr login --name name_of_your_registry to get access to the resources.

The next thing I need to do is authenticate to my AKS cluster. You'll want to run az aks get-credentials -n name_of_your_cluster -g _resource_group_name. That way our .kubeconfig is stored on our localhost and we can interact with our Kubernetes cluster. Once authenticated I'm able to see my Kubernetes nodes.

The big take-away here is that when you run the command to get your aks credentials, you're defaulting your kubernetes configuration to be your cluster in Azure. The authentication is happening because you're logged in with your AZ credentials to your subscription.

Now we're ready to take a look at our code.

Please Note: This code is found at -

The first piece of code we have is our main configuration (

provider "azurerm" {
  version = "=1.38.0"

resource "kubernetes_deployment" "Redis" {
  metadata {
    name =
    labels = {
      test =

  spec {
    replicas = 3

    selector {
      match_labels = {
        test =

    template {
      metadata {
        labels = {
          test =

      spec {
        container {
          image = var.image_id
          name  =

Let's take a look at what's happening here.

The first thing is we're calling the azurerm provider. This allows us to communicate with Azure. It also defaults to using our credentials that we logged into AZ CLI with.

The second part is our kubernetes_deployment resource. This resource gives us the ability to create a Kubernetes deployment. There are a ton of other resources for Kubernetes found here:

You'll also see some keywords var. These come from our variable configurations, which we'll take a look at now. The first configuration being our

variable "name" {
  type = string
  description = "name of app for metadata"

variable "image_id" {
  type = string
  description = "image being used in your deployment"

The above shows what variables we are planning on passing in, the types, and descriptions. This is where our var.image_id and variables come from in our

Now let's take a look at our terraform.tfvars configuration. Think of any configuration ending with .tfvars as what you're passing in at runtime.

name = "redis-app"
image_id = ""

This is passing in our and var.image_id values.

Now that we have our configurations, we're ready to start our terraform deployment. The first think you'll want to do is change directory (cd) to your directory that is holding all of your terraform configurations.

Now at the terminal let's run terraform init to initialize/stage our environment.

Now that we have initialized our environment, we're ready to run terraform plan to confirm everything is correct and we're ready to deploy.

Now that our plan as gone through, we're ready to run terraform apply to create our Kubernetes deployment.

Our Kubernetes deployment is now being created!


Popular posts from this blog

Run PowerShell code with Ansible on a Windows Host

Ansible is one of the Configuration Manager kings in the game. With it's easy-to-understand syntax and even easier to use modules, Ansible is certainly a go-to when you're picking what Configuration Management you want to use for your organization. Your question may be "but Ansible is typically on Linux and what happens when I'm in a Windows environment?". Luckily I'm here to tell you that Ansible will still work! I was pleasantly surprised with how easy it is to use Ansible on Windows with a little WinRM magic. Let's get started.

Pre-requisites for this post:
1) WinRM set up to connect to your Windows host from Ansible
2) Ansible set up for Windows Remote Management
3) SSH access to the Ansible host
4) Proper firewall rules to allow WinRM (port 5985) access from your Ansible host to your Windows host
5) Hosts file set up in Ansible that has your IP or hostname of your Windows Server.
6) At least one Linux host running Ansible and one Windows Server host …

Running PowerShell commands in a Dockerfile

As Docker continues to grow we are starting to see the containerization engine more and more on Windows. With the need for containers on Windows, we also need the same automation we get in Linux with Dockerfiles. Today we're going to create a Dockerfile that runs PowerShell cmdlets.
Prerequisites; 1. Docker for Windows
2. A code editor (VSCode preferred)

Let's go ahead and get our Dockerfile set up. Below is the Dockerfile I used for this post.

from MAINTAINER Michael Levan RUN powershell -Command Install-WindowsFeature -Name Web-Server RUN powershell -Command New-Item -Type File -Path C:\ -Name config
As you can see from the above, this is a tiny Dockerfile. What this will do is install the IIS Windows 

Feature and create a new file in C:\ called "config".
You should see something very similar to the below screenshot;

Next let's create a running container out of our image. First we'll need to run docker container ls to

 get o…

DevOps tooling in the Microsoft realm

When I really started to dive into automation and practicing DevOps with specific tooling, there were a few key players. At the time Microsoft was not one of them. They were just starting to embrace the open source world, including the art and practice of DevOps. Since then Microsoft has went all in and the tech giant has made some incredible tooling. Recently I switched to a Microsoft-heavy environment and I love it. I went from AWS/Python/Ansible/Jenkins to Azure/PowerShell/ARM/Azure DevOps. My first programming language was PowerShell so being back in the saddle allowed me to do a full circle between all of the different types of tooling in both worlds. Today I want to share some of that tooling with you.

The first thing I want to talk about is ARM. What is ARM? ARM is a configuration management tool that allows you to perform software-defined-infrastructure. Much like Ansible and Terraform, ARM allows you to define what you want your environment to look like at scale. With ARM, yo…