Skip to content
This repository has been archived by the owner on Oct 12, 2023. It is now read-only.

Azure/azure-oam-solution

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

scripts

scripts

 
 

tools

tools

 
 

tutorial

tutorial

 
 

.gitignore

.gitignore

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

template.json

template.json

 
 

Repository files navigation

Azure OAM Deployment

This reposititory contains instructions and scripts for easily getting an OAM-enabled Kubernetes cluster running on Azure using Crossplane.

Getting Started

Prerequisites

The tutorial uses commands that assume an Posix-like shell environment.

  • Linux
  • macOS
  • Windows with WSL

Install azoam CLI

You can download the azoam CLI from this repository. Feel free to install to your path or run from the local directory depending on your preferences.

Linux / Windows with WSL

curl -O https://raw.githubusercontent.com/Azure/azure-oam-solution/master/tools/linux_amd64/azoam
chmod +x ./azoam

macOS

curl -O https://raw.githubusercontent.com/Azure/azure-oam-solution/master/tools/macos_amd64/azoam
chmod +x ./azoam

Install Azure CLI

These instructions use the Azure CLI.

Install jq

Install jq to process JSON output.

Install kubectl

These instructions use kubectl to deploy to Kubernetes.

Create Service Principal

# log in to azure (if not logged in)
az login

# create service principal permissions limited to this subscription
az ad sp create-for-rbac --sdk-auth --role Contributor > "creds.json"

Verify the credential's file is present:

ls creds.json

Resource Group

Choose a name for the resource group:

export OAM_TUTORIAL_RESOURCE_GROUP_NAME=<name>

Example:

export OAM_TUTORIAL_RESOURCE_GROUP_NAME=oam-tutorial

If you already have a resource group and don't want to create a new one, run the command above and skip the command below.

# log in to azure (if not logged in)
az login

az group create --name $OAM_TUTORIAL_RESOURCE_GROUP_NAME --location <location>

Example:

az group create --name $OAM_TUTORIAL_RESOURCE_GROUP_NAME --location westus2

Generate SSH Key

Check if you have an ssh key:

ls ~/.ssh/id_rsa.pub

If file is not present, generate an ssh key:

ssh-keygen

Keep all defaults, and the output should be something like:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX user@pc
The key's randomart image is:
+---[RSA 2048]----+
|    .      ..Xo..|
|   . . .  . .o.X.|
|    . . o.  ..+ B|
|   .   o.o  .+ ..|
|    ..o.X   X..  |
|   . %o=      .  |
|    @.B...     . |
|   o.=. X. . .  .|
|    .oo  E. . .. |
+----[SHA256]-----+

Make a note of the resource group name you choose for reference later.

Apply ARM template

Run the following command to deploy a Kubernetes cluster with support for OAM.

az deployment group create \
  --template-uri https://raw.githubusercontent.com/Azure/azure-oam-solution/master/template.json \
  --resource-group $OAM_TUTORIAL_RESOURCE_GROUP_NAME \
  --parameter "sshRSAPublicKey=$(cat ~/.ssh/id_rsa.pub)" \
  --parameter "servicePrincipalClientId=$(jq '.clientId' --raw-output creds.json)" \
  --parameter "servicePrincipalClientSecret=$(jq '.clientSecret' --raw-output creds.json)"

Find the created AKS cluster

When the ARM template completes successfully you will have an AKS cluster in the provided resource group.

az aks list --resource-group $OAM_TUTORIAL_RESOURCE_GROUP_NAME

Export the AKS cluster name to a environment variable:

export OAM_TUTORIAL_AKS_CLUSTER_NAME=$(az aks list --resource-group $OAM_TUTORIAL_RESOURCE_GROUP_NAME --query '[].name' -o tsv)
az aks get-credentials --name $OAM_TUTORIAL_AKS_CLUSTER_NAME --resource-group $OAM_TUTORIAL_RESOURCE_GROUP_NAME

Now you should have credentials in your Kubernetes configuration for the AKS cluster. Now you can use kubectl to deploy some workloads using OAM.

Complete the tutorial

Once you can access the AKS cluster you're ready to go!

Find the tutorial here.

Cleaning Up

All of the resources created by this tutorial are all part of the same resource group. To delete all of the resources run the following command.

az group delete --name  $OAM_TUTORIAL_RESOURCE_GROUP_NAME --yes

Run the following to delete the service principal.

az ad sp delete --id "$(<creds.json | jq '.clientId' | xargs -I CLIENTID az ad sp list --filter \"appId eq 'CLIENTID'\" --query '[0].servicePrincipalNames[0]' -o tsv)"

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

About

Azure + OAM

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages