Introduction
In the official documentation for installing Terraform Enterprise with Flexible Deployment Options on Azure Kubernetes Service, the overrides.yaml file used with the Helm chart creates a public Load Balancer by default.
This article describes the configuration that must be present in overrides.yaml to create an internal Load Balancer in Azure.
Expected Outcome
Terraform Enterprise will have an internal Load Balancer with a private IP and will not be exposed to the internet.
Prerequisites
- Terraform Enterprise Flexible Deployment option on Azure Kubernetes Service (AKS)
Use Case
Run Terraform Enterprise Flexible Deployment Option on Azure Kubernetes Service with an internal Load Balancer
Procedure
- Have 2 private subnets available in your network infrastructure
- Add the following piece to your overrides.yaml file to create an internal Load Balancer

    service:
      annotations:
        service.beta.kubernetes.io/azure-load-balancer-internal: "true"
      type: LoadBalancer
      ports:
        - name: https-443
          port: 443
          protocol: TCP
          targetPort: 8443

- Alternatively, use the configuration below if the Load Balancer is required to have a specific IP address

    service:
      annotations:
        service.beta.kubernetes.io/azure-load-balancer-internal: "true"
        service.beta.kubernetes.io/azure-load-balancer-ipv4: <load-balancer-ip>
      type: LoadBalancer
      ports:
        - name: https-443
          port: 443
          protocol: TCP
          targetPort: 8443

- Apply the Helm chart as explained in our official documentation after choosing the right configuration for your use case
- The Load Balancer IP can also be checked with the following command

    kubectl get services -n terraform-enterprise

- Check the EXTERNAL-IP value

    NAME                   TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
    terraform-enterprise   LoadBalancer   10.0.123.180   10.211.1.5    443:30877/TCP   2m9s
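
The EXTERNAL-IP check above can be automated so that a deployment fails if the Load Balancer ends up with a non-private address. The script below is an added example, not part of the original article or of HashiCorp's tooling. The function names `is_private_ipv4` and `check_lb_exposure` are hypothetical, the second and third sample rows are constructed, and it assumes the internal subnets use RFC 1918 address space.

```shell
#!/bin/sh
# Added example (not from the article): classify a Service's EXTERNAL-IP.

# Succeeds only for RFC 1918 addresses (10/8, 172.16/12, 192.168/16).
is_private_ipv4() {
    echo "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
        $1 == 10 { exit 0 }
        $1 == 172 && $2 >= 16 && $2 <= 31 { exit 0 }
        $1 == 192 && $2 == 168 { exit 0 }
        { exit 1 }'
}

# Reads `kubectl get services` table output on stdin and prints one of
# internal | not-private | pending | missing for the service named in $1.
# Returns 0 only for "internal", so it can gate a deployment pipeline.
check_lb_exposure() {
    ip=$(awk -v svc="$1" '$1 == svc && $2 == "LoadBalancer" { print $4; exit }')
    case "$ip" in
        "")          echo missing; return 2 ;;   # no such LoadBalancer service
        "<pending>") echo pending; return 3 ;;   # no IP has been assigned yet
    esac
    if is_private_ipv4 "$ip"; then
        echo internal
        return 0
    fi
    echo not-private                              # anything outside RFC 1918
    return 1
}

# Sample input: the first service row is the output shown in the article;
# the tfe-public and tfe-pending rows are constructed for illustration.
SAMPLE='NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
terraform-enterprise LoadBalancer 10.0.123.180 10.211.1.5 443:30877/TCP 2m9s
tfe-public LoadBalancer 10.0.123.181 203.0.113.10 443:30878/TCP 2m9s
tfe-pending LoadBalancer 10.0.123.182 <pending> 443:30879/TCP 5s'

# Live usage (kubectl command from the article):
#   kubectl get services -n terraform-enterprise | check_lb_exposure terraform-enterprise
```

A `pending` result shortly after applying the Helm chart only means the address has not been assigned yet, so rerun the check after a short wait.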