fix: Ingress internal loadbalancer (#110)

* added ingress loadbalancer with private subnet

* fix vnet ita peering

* minor fix: pod identity argocd in italy north

* fix internal ingress annotations

* pre-commit fixs

src/aks-platform/05_argocd.tf

@@ -81,7 +81,7 @@ module "argocd_pod_identity" {
 
   cluster_name        = module.aks[0].name
   resource_group_name = azurerm_resource_group.rg_aks.name
-  location            = var.location_westeurope
+  location            = var.location
   tenant_id           = data.azurerm_subscription.current.tenant_id
 
   identity_name = "argocd-pod-identity"

src/aks-platform/05_ingress.tf

@@ -25,7 +25,10 @@ module "nginx_ingress" {
   }
 
   values = [
-    "${templatefile("${path.module}/ingress/loadbalancer.yaml.tpl", { load_balancer_ip = var.ingress_load_balancer_ip })}"
+    templatefile("${path.module}/ingress/loadbalancer.yaml.tpl", {
+      load_balancer_ip    = var.ingress_load_balancer_ip
+      private_subnet_name = module.snet_aks.name
+    })
   ]
 
   set = [

src/aks-platform/ingress/loadbalancer.yaml.tpl

@@ -1,4 +1,6 @@
 controller:
   service:
+    annotations:
       service.beta.kubernetes.io/azure-load-balancer-internal: "true"
       service.beta.kubernetes.io/azure-load-balancer-ipv4: ${load_balancer_ip}
+      service.beta.kubernetes.io/azure-load-balancer-internal-subnet: ${private_subnet_name}

src/core/01_network.tf

@@ -45,7 +45,7 @@ module "vnet_ita_peering" {
   source_resource_group_name       = azurerm_resource_group.rg_ita_vnet.name
   source_virtual_network_name      = module.vnet_italy.name
   source_remote_virtual_network_id = module.vnet_italy.id
-  source_use_remote_gateways       = false
+  source_use_remote_gateways       = true
   source_allow_forwarded_traffic   = true
 
   target_resource_group_name       = azurerm_resource_group.rg_vnet.name