aks-appgateway-terraform: An HCL repository from fxgsell

Prerequisits

An Azure account
Terraform installed where you run this.
Create a service principal allowed to create all the resources needed for terraform, Owner permission on the subscription is required to modify permission on the created resources, if this is too much permission you can modify the script to use a predifined resource group on wich you can set the Owner permission.
Prepare an Helm repository and add the chart for aad-pod-identity.
Copy terraform.tfvars.sample to terraform.tfvars and update the missing values with those from the above service principal and helm repo.
Have the SSL certificate ready, you can obtain free certificates from SSL For Free. Extract the .key and the .crt into a folder called ssl at the root of the project.

Run make install to configure the prerequisites.
Run make apply to deploy to your Azure account.
Run make config to install the K8s config to ~/.kube/azurek8s (you can export KUBECONFIG to use it or copy it to you default file).
Run kubectl apply -f demo_app/guestbook-all-in-one.yaml to deploy the test application on the cluster.
To add the SSL Ingress:
1. Export an environement variable SECRET with the value for the name for you certificate.
2. Export an environement variable DOMAIN with the domain name for your app.
3. Then run kubectl create secret tls ${SECRET} --key ssl/private.key --cert ssl/certificate.crt
4. Create the Ingress by running sed 's/__DOMAIN__/$(DOMAIN)/g; s/__SECRET__/$(SECRET)/g' demo_app/ssl-ing-guestbook.yaml | kubectl apply -f -
To add the Ingress without SSL:
1. Run kubectl apply -f demo_app/ing-guestbook.yaml to deploy the Ingress.
Delete the resource group to remove everything.

Optionaly run make config to install the K8s config to ~/.kube/azurek8s