AKS与ACR集成

Question

尝试创建ACR并将其与现有AKS群集集成

下面是资源块，其中将对aks节点池执行角色分配{用户分配的托管身份}，并尝试使用数据块来获取现有的aks详细信息

#Create Resource Group 
resource "azurerm_resource_group" "acr_rg" {
  location = var.location
  name     = "${var.global-prefix}-${var.repo-id}-rg"
}

#Create ACR Registry for Powerme
resource "azurerm_container_registry" "acr" {
  name                = var.repo-id
  resource_group_name = azurerm_resource_group.acr_rg.name
  location            = azurerm_resource_group.acr_rg.location
  sku                 = "Premium"
  admin_enabled       = true
}

#Featching AKS details for Integration with ACR
data "azurerm_kubernetes_cluster" "aks_cluster" {
  resource_group_name = var.aks_rg
  name                = var.k8s_cluster
}

#Role assignment of vmss to acr
resource "azurerm_role_assignment" "acrpull_role" {
  scope                = azurerm_container_registry.acr.id
  role_definition_name = "AcrPull"
  principal_id         = data.azurerm_kubernetes_cluster.aks_cluster.kubelet_identity[0].object_id
}

错误

$ terraform plan
╷
│ Error: Error: Managed Kubernetes Cluster "mycluster" was not found in Resource Group "myresource"
│ 
│   with data.azurerm_kubernetes_cluster.aks_cluster,
│   on acr.tf line 17, in data "azurerm_kubernetes_cluster" "aks_cluster":
│   17: data "azurerm_kubernetes_cluster" "aks_cluster" {
╵

Answer 1

如果您有多个订阅访问权限，请确保使用以下命令设置具有aks集群和资源组的订阅：

az account set --subscription "your subscription you want to use"

设置订阅后，您可以使用相同的代码成功获取AKS集群和资源组。