Azure

Overview

This guide describes how to create a Kubernetes cluster on Microsoft Azure using AKS (Azure Kubernetes Service) with AAD (Azure Active Directory), automated with bash scripts.

An Azure Kubernetes cluster can be created in two ways:

  1. Bash
  2. Terraform

Pre-Requisites

The following pre-requisites must be fulfilled:

  • A domain on AWS (currently we use an AWS domain and forward it to Azure AKS).

  • A Microsoft Azure account with admin rights (needed to grant consent to the server application).

Note

If an admin account is not available and you need to request admin consent for the application permission, comment out line 50 and uncomment line 48 in bash/deploy-aks.sh.

Configuration & Deployment

  1. The GitHub repository for deploying the AKS cluster can be found here. Clone it:

  2. The project has the following directory structure:

.
├── terraform/
│   └── active_directory.tf
│   └── main.tf
│   └── outputs.tf
│   └── service_principal.tf
│   └── variables.tf
├── bash/
│   └── config
│   └── deploy-aks.sh
│   └── deploy.sh
│   └── setup-domain.sh
  3. AKS with AAD cluster creation is automated using bash scripts. These bash scripts run according to the configuration provided in the config file. Set the following parameters in order to create the desired cluster.

Parameter              Description
---------------------  ------------------------------------------------------------
username               username of the admin account
password               password of the admin account
aksName                Name of the AKS cluster to be created
resourceGroup          Name of ResourceGroup in which AKS Cluster is to be created
location               Desired location of the cluster, e.g. eastus
location               Number of nodes in the cluster
externalDnsNamespace   Namespace in which externaldns service is running (global in our case)
dnsResourceGroup       ResourceGroup for externaldns service (externaldns in our case)
dnsZoneName            DNS entry for Domain, e.g. workshop.stakater.com
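
The config file stores the admin account's password in plain text, so it is worth checking both its permissions and its completeness before running deploy.sh. The following preflight check is an added example, not part of the repository's scripts; it assumes the config file uses shell-style key=value lines, and the function name check_aks_config and the script name in the usage comment are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: preflight check for bash/config before running deploy.sh.
# Assumption: the config file holds shell-style key=value lines.
# Keys are the parameters listed above.
REQUIRED_KEYS="username password aksName resourceGroup location
externalDnsNamespace dnsResourceGroup dnsZoneName"

# check_aks_config <path>: hypothetical helper. Prints each problem to
# stderr; returns 0 only if the file is private and every key has a value.
check_aks_config() {
    cfg=$1
    problems=0
    if [ ! -f "$cfg" ]; then
        echo "config not found: $cfg" >&2
        return 2
    fi
    # The file stores the admin password, so group/other must have no access.
    # GNU stat first, BSD/macOS stat as fallback.
    mode=$(stat -c '%a' "$cfg" 2>/dev/null || stat -f '%Lp' "$cfg")
    case "$mode" in
        *00) ;;
        *) echo "$cfg has mode $mode; run: chmod 600 $cfg" >&2
           problems=$((problems + 1)) ;;
    esac
    for key in $REQUIRED_KEYS; do
        # Last assignment wins, as it would when the file is sourced.
        value=$(sed -n "s/^[[:space:]]*$key[[:space:]]*=[[:space:]]*//p" "$cfg" |
                tail -n 1 | tr -d "\"'[:space:]")
        if [ -z "$value" ]; then
            echo "missing or empty parameter: $key" >&2
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}

# Stand-alone use (script name is arbitrary):
#   ./check-config.sh bash/config && bash ./deploy.sh
if [ "$#" -gt 0 ]; then
    check_aks_config "$1"
fi
```
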

BASH

Azure Kubernetes Service with Azure Active Directory requires the following steps:

  1. Move to the bash folder:
     cd bash/
  2. Edit the config file to set up the variables.
  3. Make sure all three .sh files are executable:
     chmod 744 <file>
  4. Run the following command to start the deployment:
     bash ./deploy.sh
  5. After a while, the terminal will display this message:

Note

Note the Nameservers and add it to the hosted zone in AWS. Hit any key to continue deployment.

Note

Use the above Nameservers and add their values in the hosted zones.

  6. If the account being used is not an admin account, the following line will be displayed on the terminal to request that the admin consent to the permissions. When the admin has consented to the permissions, press any key to continue the deployment.

Note

Ask Administrator to consent on the Application Permissions

  7. When the deployment is done, it will ask the user to log in using a web browser with a token. Use the token to log in via the web browser.

Terraform

This guide provides guidelines for creating a Kubernetes cluster using Terraform.

1. Pre-requisites

  • Terraform Install.
  • az-cli Install.
  • A Microsoft Azure account with admin rights (needed to grant consent to the server application)

Note

If an admin account is not available and you need to request admin consent for the application permission, the command terraform apply will fail. When it fails, request the admin to consent for the Server Application, and run terraform apply again to complete the deployment.

2. Configuration

All required configuration is done in the variables.tf file. Edit variables.tf to create the desired cluster.

3. Deployment

  1. Move to the terraform folder:
     cd terraform/
  2. Edit `variables.tf` as per requirement.
  3. Initialize Terraform:
     terraform init
  4. Plan the Terraform deployment. Fix any errors it reports:
     terraform plan
  5. Apply the changes:
     terraform apply

Verification

  1. When the deployment is complete, use the following command on the terminal to start the proxy server:
     kubectl proxy
  2. Open any browser and paste the URL given below to check whether the cluster was deployed successfully:
     http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!