ARM template(s) to deploy a managed Kubernetes cluster in Azure
Type Name Latest commit message Commit time
addons feat(model): Update model to latest api Jun 30, 2019
rbac feat(model): Update model to latest api Jun 30, 2019
.gitignore feat(model): Update model to latest api Jun 30, 2019
README.md feat(model): Update model to latest api Jun 30, 2019
azuredeploy.json
azuredeploy.parameters.json feat(model): Update model to latest api Jun 30, 2019

README.md

AKS Infrastructure as Code

This template deploys an AKS cluster.

See https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough for a walkthrough.

To use keys stored in Key Vault, replace "value": "" with a Key Vault reference in the parameters file. For example:

"servicePrincipalClientSecret": {
  "reference": {
    "keyVault": {
      "id": "<specify Resource ID of the Key Vault you are using>"
    },
    "secretName": "<specify name of the secret in the Key Vault to get the service principal password from>"
  }
}
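
A pre-deployment check for the point above, added here as an example and not part of this repository: it reads a parameters file and reports secret-like parameters that carry an inline value or a malformed Key Vault reference. The name pattern (secret or password) is an assumption, and the three sample files are constructed.

```python
import json
import re

# Assumption: parameters whose names match this pattern carry credentials.
SECRET_NAME = re.compile(r"secret|password", re.IGNORECASE)
# Shape of a Key Vault resource ID as expected in an ARM Key Vault reference.
VAULT_ID = re.compile(
    r"^/subscriptions/[0-9a-fA-F-]{36}/resourceGroups/[^/]+"
    r"/providers/Microsoft\.KeyVault/vaults/[A-Za-z0-9-]{3,24}$",
    re.IGNORECASE,
)


def audit_parameters(text):
    """Return findings for secret-like parameters in an ARM parameters file."""
    findings = []
    for name, body in json.loads(text).get("parameters", {}).items():
        if not SECRET_NAME.search(name):
            continue
        ref = body.get("reference")
        if body.get("value"):
            findings.append(f"{name}: secret is stored inline in 'value'")
        elif ref is None:
            findings.append(f"{name}: no value and no Key Vault reference")
        elif not VAULT_ID.match((ref.get("keyVault") or {}).get("id", "")):
            findings.append(f"{name}: keyVault.id is not a Key Vault resource ID")
        elif not ref.get("secretName"):
            findings.append(f"{name}: reference has no secretName")
    return findings


# Constructed sample files; the subscription ID, vault and secret names are made up.
INLINE = """{"parameters": {
  "servicePrincipalClientSecret": {"value": "constructed-not-a-real-secret"}}}"""

REFERENCED = """{"parameters": {
  "servicePrincipalClientSecret": {"reference": {
    "keyVault": {"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.KeyVault/vaults/example-kv"},
    "secretName": "aks-sp-secret"}}}}"""

# The README's placeholder left unfilled: caught before the deployment is attempted.
PLACEHOLDER = """{"parameters": {
  "servicePrincipalClientSecret": {"reference": {
    "keyVault": {"id": "<specify Resource ID of the Key Vault you are using>"},
    "secretName": "aks-sp-secret"}}}}"""

if __name__ == "__main__":
    for label, doc in [("inline", INLINE), ("referenced", REFERENCED), ("placeholder", PLACEHOLDER)]:
        print(label, audit_parameters(doc) or "ok")
```

For the reference to resolve at deployment time, the vault must also have template deployment access enabled (its enabledForTemplateDeployment property).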

Installation

Create Resource Group

az group create -n <resource-group-name> -l <location>

Create Service Principal

az ad sp create-for-rbac --name <name>

Cluster Preview Features

To use the cluster autoscaler and multiple node pools, you need the aks-preview CLI extension version 0.4.1 or higher.

# Install the aks-preview extension
az extension add --name aks-preview

# Update the extension to make sure you have the latest version installed
az extension update --name aks-preview

To create an AKS cluster that uses multiple node pools and scale sets, you must also enable feature flags on your subscription.

az feature register --name MultiAgentpoolPreview --namespace Microsoft.ContainerService
az feature register --name VMSSPreview --namespace Microsoft.ContainerService

# Wait until the state of each feature is Registered
az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/MultiAgentpoolPreview')].{Name:name,State:properties.state}"
az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/VMSSPreview')].{Name:name,State:properties.state}"

# Refresh the provider registration once the features are registered
az provider register --namespace Microsoft.ContainerService

Cluster Creation

Local

az group deployment create --name "<deployment-name>" \
                           --resource-group "<resource-group>" \
                           --template-file azuredeploy.json \
                           --parameters "./azuredeploy.custom.parameters.json"

GitHub

az group deployment create --name "<deployment-name>" \
                           --resource-group "<resource-group>" \
                           --template-uri "https://raw.githubusercontent.com/sylus/aks-iac/master/azuredeploy.json" \
                           --parameters "./azuredeploy.custom.parameters.json"

Note: Pass your own custom parameters file to the AKS template.

Azure AD

Before you use an Azure Active Directory account with an AKS cluster, you must create a role binding or cluster role binding. First, get the cluster admin credentials:

az aks get-credentials --resource-group "<resource-group>" --name "<cluster-name>" --admin --overwrite-existing

Apply the binding by using kubectl:

kubectl apply -f rbac/rbac-aad-user.yaml

Pull the context for the non-admin user by using the az aks get-credentials command.

az aks get-credentials --resource-group "<resource-group>" --name "<cluster-name>"

After you run the kubectl command, you'll be prompted to authenticate by using Azure.

For more information: https://docs.microsoft.com/en-us/azure/aks/azure-ad-integration

Delete all Resources

az group delete --name <resource-group-name>