# Azure Arc Enabled SQL Managed Instance in AKS

This notebook and repo will create a
- AKS Cluster
- Custom Location
- Azure Arc Enabled Direct Connected Data Controller
- 3 replica Azure Arc Enabled SQL Managed Instance

It requires

- Azure Cli [install from here](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli) 
- kubectl - I install with chocolatey `choco install kubernetes-cli -y` or [install instructions](https://kubernetes.io/docs/tasks/tools/install-kubectl-windows/)

## First set some variables for the session

I use the SecretsManagement PowerShell module to store my secrets which can be installed with `Install-Module SecretsManagement`. I add secrets with `Set-Secret -Name nameofsecret -Secret secretvalue`.


In [None]:
$location = 'eastus' # Azure location
$resourceGroup = 'beardarc' # Exisiting resource group

$aksClusterName = 'beard-aks-cluster' #name of the AKS cluster
$clusterNodePoolSize = "Standard_DS4_v2" # VM size of the AKS cluster
$customLocation  = 'beard-aks-cluster-location' # Name of the custom location
$dataController= "ben-aks-direct" # name of the data controller

# I store the user name and password for the data controller with SecretsManagement
$benscreds = New-Object System.Management.Automation.PSCredential ((Get-Secret -Name beardmi-benadmin-user -AsPlainText), (Get-Secret -Name beardmi-benadmin-pwd))
$ENV:AZDATA_USERNAME="$($benscreds.UserName)"
$ENV:AZDATA_PASSWORD="$($benscreds.GetNetworkCredential().Password)"
$ENV:ACCEPT_EULA = 'yes'
$subscription_id = New-Object System.Management.Automation.PSCredential ('subscription-id', (Get-Secret -Name subscription-id)) 
$ENV:SUBSCRIPTION = "$($subscription_id.GetNetworkCredential().Password)"


## Create the AKS Cluster

Using Azure Cli log into Azure and create an AKS

In [None]:
# az login
az account set -s $ENV:SUBSCRIPTION 
az aks create -g $resourceGroup -n $aksClusterName --node-vm-size $clusterNodePoolSize # --generate-ssh-keys 
az aks get-credentials -g $resourceGroup -n $aksClusterName --overwrite-existing

{


  "aadProfile": null,


  "addonProfiles": null,


  "agentPoolProfiles": [


    {


      "availabilityZones": null,


      "count": 3,


      "enableAutoScaling": null,


      "enableEncryptionAtHost": false,


      "enableFips": false,


      "enableNodePublicIp": false,


      "gpuInstanceProfile": null,


      "kubeletConfig": null,


      "kubeletDiskType": "OS",


      "linuxOsConfig": null,


      "maxCount": null,


      "maxPods": 110,


      "minCount": null,


      "mode": "System",


      "name": "nodepool1",


      "nodeImageVersion": "AKSUbuntu-1804gen2containerd-2021.06.09",


      "nodeLabels": {},


      "nodePublicIpPrefixId": null,


      "nodeTaints": null,


      "orchestratorVersion": "1.19.11",


      "osDiskSizeGb": 128,


      "osDiskType": "Ephemeral",


      "osSku": "Ubuntu",


      "osType": "Linux",


      "podSubnetId": null,


      "powerState": {


        "code": "Running"


      },


      "provisioningState": "Succeeded",


      "proximityPlacementGroupId": null,


      "scaleSetEvictionPolicy": null,


      "scaleSetPriority": null,


      "spotMaxPrice": null,


      "tags": null,


      "type": "VirtualMachineScaleSets",


      "upgradeSettings": null,


      "vmSize": "Standard_DS4_v2",


      "vnetSubnetId": null


    }


  ],


  "apiServerAccessProfile": null,


  "autoScalerProfile": null,


  "autoUpgradeProfile": null,


  "azurePortalFqdn": "beard-aks--beardarc-6d8f99-8022f290.portal.hcp.eastus.azmk8s.io",


  "disableLocalAccounts": null,


  "diskEncryptionSetId": null,


  "dnsPrefix": "beard-aks--beardarc-6d8f99",


  "enablePodSecurityPolicy": null,


  "enableRbac": true,


  "extendedLocation": null,


  "fqdn": "beard-aks--beardarc-6d8f99-8022f290.hcp.eastus.azmk8s.io",


  "fqdnSubdomain": null,


  "httpProxyConfig": null,


  "id": "/subscriptions/6d8f994c-9051-4cef-ba61-528bab27d213/resourcegroups/beardarc/providers/Microsoft.ContainerService/managedClusters/beard-aks-cluster",


  "identity": {


    "principalId": "6fc6babc-9e0f-4674-81d8-8fc3ff70ffdb",


    "tenantId": "add02cc8-7eaf-4746-902a-53d0ceeff326",


    "type": "SystemAssigned",


    "userAssignedIdentities": null


  },


  "identityProfile": {


    "kubeletidentity": {


      "clientId": "2de1c925-ab66-456a-93d1-7166e29aa600",


      "objectId": "969682c7-0832-4723-8495-a92d14271bf5",


      "resourceId": "/subscriptions/6d8f994c-9051-4cef-ba61-528bab27d213/resourcegroups/MC_beardarc_beard-aks-cluster_eastus/providers/Microsoft.ManagedIdentity/userAssignedIdentities/beard-aks-cluster-agentpool"


    }


  },


  "kubernetesVersion": "1.19.11",


  "linuxProfile": {


    "adminUsername": "azureuser",


    "ssh": {


      "publicKeys": [


        {


          "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAu5Qi3xTmAuAQSPi2rUjrK6NDYE672y6q4pignuCzKk/zLx9t194vlc9Ry2ZKXqDQvAKT6ynv6nl7r/v+BgJkTSiObBqX+6i+U42hcu+AdXzWwYczqzK6GuCRjBqMuN8j1yPvRUi4U9lUqF6VNq86jMP1VJ95yDpHfKMm7ooFv/I2pNCZ2A9X9QBW1Akp3EJz0ZO/mhcEk61T9qwjyK0WUkgEhyLNvK5zcm9X1yr7IMfAYS1gPbu0MZ4R6v7SxK7zi24TdeVBWlFtW0DS7hpUujlS6Uu5JjyS5bL2IjwCBGICCmszTfFft6TlAYnww9YnLfYtF7vAL8hHbZ+i2q7l rob@sewells-consulting.co.uk\n"


        }


      ]


    }


  },


  "location": "eastus",


  "maxAgentPools": 100,


  "name": "beard-aks-cluster",


  "networkProfile": {


    "dnsServiceIp": "10.0.0.10",


    "dockerBridgeCidr": "172.17.0.1/16",


    "loadBalancerProfile": {


      "allocatedOutboundPorts": null,


      "effectiveOutboundIps": [


        {


          "id": "/subscriptions/6d8f994c-9051-4cef-ba61-528bab27d213/resourceGroups/MC_beardarc_beard-aks-cluster_eastus/providers/Microsoft.Network/publicIPAddresses/ce1c9723-ea3d-4b0d-917d-664dfa170efd",


          "resourceGroup": "MC_beardarc_beard-aks-cluster_eastus"


        }


      ],


      "idleTimeoutInMinutes": null,


      "managedOutboundIps": {


        "count": 1


      },


      "outboundIpPrefixes": null,


      "outboundIps": null


    },


    "loadBalancerSku": "Standard",


    "networkMode": null,


    "networkPlugin": "kubenet",


    "networkPolicy": null,


    "outboundType": "loadBalancer",


    "podCidr": "10.244.0.0/16",


    "serviceCidr": "10.0.0.0/16"


  },


  "nodeResourceGroup": "MC_beardarc_beard-aks-cluster_eastus",


  "podIdentityProfile": null,


  "powerState": {


    "code": "Running"


  },


  "privateFqdn": null,


  "privateLinkResources": null,


  "provisioningState": "Succeeded",


  "resourceGroup": "beardarc",


  "servicePrincipalProfile": {


    "clientId": "msi",


    "secret": null


  },


  "sku": {


    "name": "Basic",


    "tier": "Free"


  },


  "tags": null,


  "type": "Microsoft.ContainerService/ManagedClusters",


  "windowsProfile": null


}


Merged "beard-aks-cluster" as current context in C:\Users\mrrob\.kube\config


# Check that the cluster is running

Using kubectl check that the nodes are ready, they should be named `aks-nodepool*`

In [None]:
kubectl get nodes

NAME                                STATUS   ROLES   AGE   VERSION


aks-nodepool1-25504130-vmss000000   Ready    agent   10m   v1.19.11


aks-nodepool1-25504130-vmss000001   Ready    agent   10m   v1.19.11


aks-nodepool1-25504130-vmss000002   Ready    agent   10m   v1.19.11


# AZ Cli Extensions

ensure that we have the latest versions of the required AZ Cli extensions

Open a seperate PowerShell window and run this - PowerShell Interactive Notebooks dont like this command!!

````
az extension add --name connectedk8s  
az extension add --name k8s-extension  
az extension add --name customlocation  
az extension add --name arcdata  
az extension update --name connectedk8s  
az extension update --name k8s-extension  
az extension update --name customlocation  
az extension update --name arcdata  
````



