tomasaschan · February 14, 2018 19:50
diff --git a/provision-aks-acr.ps1 b/provision-aks-acr.ps1
 param(
  $resourceGroup = 'sandbox-<firstname>.<lastname>',
  $clusterName = '<firstname>-<lastname>-cluster',
  $registryName = '<firstname><lastname>',
  $privateKeyName = '<firstname>.<lastname>-secret',
  $email = '[email protected]'
 )

 Write-Host "Provisioning resources..."
 az configure --defaults group=$resourceGroup

 $existingClusters = az aks list --query "[].name"

 if ($clusterName -in ($existingClusters | ConvertFrom-Json)) {
  Write-Host "Cluser named $clusterName already exists"
 }
 else {
  Write-Host "Provisioning cluster $clusterName..."
  az aks create `
    --name $clusterName `
    --generate-ssh-keys #`
  # --node-count $nodeCount `
 }

 $existingRegistires = az acr list --query "[].name" | ConvertFrom-Json

 if ($registryName -in $existingRegistires) {
  Write-Host "Registry $registryName already exists"
 }
 else {
  Write-Host "Provisioning registry $registryName"
  az acr create --name $registryName --sku Basic
 }

 Write-Host "Configuring security..."
 $kubectlContexts = kubectl config get-contexts --output name
 if ($clusterName -notin $kubectlContexts) {
  az aks get-credentials --name $clusterName
 }

 az acr login --name $registryName | Out-Null
 $registryLoginServer = az acr list --query "[0].loginServer" --output tsv

 $existingSecrets = kubectl get secrets --output name
 if ("secrets/$privateKeyName" -notin $existingSecrets) {
  # Create a private secret that AKS can use to communicate with ACSs
  az acr update --name $registryName --admin-enabled true | Out-Null
  $acrPassword = az acr credential show --query "passwords[0].value" --name $registryName
  kubectl create secret docker-registry $privateKeyName `
    --docker-server $registryLoginServer `
    --docker-username $registryName `
    --docker-password $acrPassword `
    --docker-email $email
 }

 Write-Host ""
 Write-Host "All good to go!"
 Write-Host "Tag images $registryLoginServer to push to ACR"
 Write-Host "Use secret named $privateKeyName for image pulls in service definitions"

 @{
  registry = "$registryLoginServer";
  keyName = "$privateKeyName"
 } | ConvertTo-Json | Out-File ./azure-config.json
	param(
	$resourceGroup = 'sandbox-<firstname>.<lastname>',
	$clusterName = '<firstname>-<lastname>-cluster',
	$registryName = '<firstname><lastname>',
	$privateKeyName = '<firstname>.<lastname>-secret',
	$email = '[email protected]'
	)

	Write-Host "Provisioning resources..."
	az configure --defaults group=$resourceGroup

	$existingClusters = az aks list --query "[].name"

	if ($clusterName -in ($existingClusters \| ConvertFrom-Json)) {
	Write-Host "Cluser named $clusterName already exists"
	}
	else {
	Write-Host "Provisioning cluster $clusterName..."
	az aks create `
	--name $clusterName `
	--generate-ssh-keys #`
	# --node-count $nodeCount `
	}

	$existingRegistires = az acr list --query "[].name" \| ConvertFrom-Json

	if ($registryName -in $existingRegistires) {
	Write-Host "Registry $registryName already exists"
	}
	else {
	Write-Host "Provisioning registry $registryName"
	az acr create --name $registryName --sku Basic
	}

	Write-Host "Configuring security..."
	$kubectlContexts = kubectl config get-contexts --output name
	if ($clusterName -notin $kubectlContexts) {
	az aks get-credentials --name $clusterName
	}

	az acr login --name $registryName \| Out-Null
	$registryLoginServer = az acr list --query "[0].loginServer" --output tsv

	$existingSecrets = kubectl get secrets --output name
	if ("secrets/$privateKeyName" -notin $existingSecrets) {
	# Create a private secret that AKS can use to communicate with ACSs
	az acr update --name $registryName --admin-enabled true \| Out-Null
	$acrPassword = az acr credential show --query "passwords[0].value" --name $registryName
	kubectl create secret docker-registry $privateKeyName `
	--docker-server $registryLoginServer `
	--docker-username $registryName `
	--docker-password $acrPassword `
	--docker-email $email
	}

	Write-Host ""
	Write-Host "All good to go!"
	Write-Host "Tag images $registryLoginServer to push to ACR"
	Write-Host "Use secret named $privateKeyName for image pulls in service definitions"

	@{
	registry = "$registryLoginServer";
	keyName = "$privateKeyName"
	} \| ConvertTo-Json \| Out-File ./azure-config.json