azure-service-operator icon indicating copy to clipboard operation
azure-service-operator copied to clipboard

Published 20 hours ago verified publisher icon Azure

Feature: Resource Template Deployment CRD or generic resource

Open old-guy-coder opened this issue 9 months ago • 4 comments

Request a feature to add a CRD in ASO to support applying an ARM fragment using a kubernetes resource, this could be similar to how Terraform support this using the azurerm_resource_group_template_deployment resource.

I could see use cases where this would be useful to allow the support of Day 0 resources that are supported in ARM but not currently implemented in ASO as a temporary measure until they do become available.

The resource might look something like this:

apiVersion: resources.azure.com/v1api20240101
kind: ResourceGroupTemplateDeployment
metadata:
  name: aks-resource-name
spec:
  owner:
    name: resource-group-rg
  templateContent: |
{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "vnetName": {
            "type": "string",
            "metadata": {
                "description": "Name of the VNET"
            }
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.Network/virtualNetworks",
            "apiVersion": "2020-05-01",
            "name": "[parameters('vnetName')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "addressSpace": {
                    "addressPrefixes": [
                        "{{ .Values.vnet.addressSpace }}"
                    ]
                }
            }
        }
    ],
    "outputs": {
      "exampleOutput": {
        "type": "string",
        "value": "someoutput"
      }
    }
}
  deploymentMode: Complete|Partial
  parametersContent: |
{
  "vnetName": {
    value: "{{ .Values.vnet.name }}"
  }
}

This resource could automatically attempt to delete resources deployed by the ARM Template when it is deleted.

The thinking for this resource is that this would allow teams to use resources on Day 0 of release as they are supported in ARM and Bicep and reduce the pressures on getting these resources implemented in ASO.

There would be some caveats:

  • The validation that you would normally get from kubectl would not be supported, I think this would be accepted as is if you are using this resource
  • The user would need to ensure the ARM template is valid, again this would be accepted as is, as part of using this resource

Other points

  • Could the outputs from the ARM template be handled similar to operatorSpec so these could be output to a ConfigMap?
  • Could support Bicep as well but that may involve additional work and since Bicep can be converted to ARM may not be necessary

There are possibly some other caveats that would apply to this resource

old-guy-coder avatar May 22 '24 16:05 old-guy-coder