Get Started with AKS

This guide provides instructions for getting started with Konvoy to get your Kubernetes cluster up and running with basic configuration requirements on an Azure Kubernetes Service (AKS) public cloud instance. If you want to customize your AKS environment, see Install AKS Advanced.

Prerequisites

Before starting the Konvoy installation, verify that you have:

• An x86_64-based Linux or macOS machine with a supported version of the operating system.
• The dkp binary for Linux, or macOS.
• Docker version 18.09.2 or later.
• kubectl for interacting with the running cluster.
• Azure CLI.
• A valid Azure account used to sign in with the Azure CLI.

WARNING: Pivoting is not supported in AKS.

Configure AKS prerequisites

1. Log in to Azure:

   az login
   

   [
     {
       "cloudName": "AzureCloud",
       "homeTenantId": "a1234567-b132-1234-1a11-1234a5678b90",
       "id": "b1234567-abcd-11a1-a0a0-1234a5678b90",
       "isDefault": true,
       "managedByTenants": [],
       "name": "Mesosphere Developer Subscription",
       "state": "Enabled",
       "tenantId": "a1234567-b132-1234-1a11-1234a5678b90",
       "user": {
         "name": "user@azuremesosphere.onmicrosoft.com",
         "type": "user"
       }
     }
   ]
   

2. Create an Azure Service Principal (SP) by running the following command:

   NOTE: If an SP with the name exists, this command will rotate the password.

   az ad sp create-for-rbac --role contributor --name "$(whoami)-konvoy" --scopes=/subscriptions/$(az account show --query id -o tsv)
   

   {
     "appId": "7654321a-1a23-567b-b789-0987b6543a21",
     "displayName": "azure-cli-2021-03-09-23-17-06",
     "password": "Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C",
     "tenant": "a1234567-b132-1234-1a11-1234a5678b90"
   }
   

3. Set the required environment variables:

   export AZURE_SUBSCRIPTION_ID="<id>" # b1234567-abcd-11a1-a0a0-1234a5678b90
   export AZURE_TENANT_ID="<tenant>" # a1234567-b132-1234-1a11-1234a5678b90
   export AZURE_CLIENT_ID="<appId>"  # 7654321a-1a23-567b-b789-0987b6543a21
   export AZURE_CLIENT_SECRET='<password>' # Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C
   

4. Base64 encode the same environment variables:

   export AZURE_SUBSCRIPTION_ID_B64="$(echo -n "${AZURE_SUBSCRIPTION_ID}" | base64 | tr -d '\n')"
   export AZURE_TENANT_ID_B64="$(echo -n "${AZURE_TENANT_ID}" | base64 | tr -d '\n')"
   export AZURE_CLIENT_ID_B64="$(echo -n "${AZURE_CLIENT_ID}" | base64 | tr -d '\n')"
   export AZURE_CLIENT_SECRET_B64="$(echo -n "${AZURE_CLIENT_SECRET}" | base64 | tr -d '\n')"
   

Bootstrap a kind cluster and CAPI controllers

1. Create a bootstrap cluster:

   dkp create bootstrap --kubeconfig $HOME/.kube/config
   

Name your cluster

Give your cluster a unique name suitable for your environment. In AKS it is critical that the name is unique as no two clusters in the same AKS account can have the same name.

Set the environment variable to be used throughout this documentation:

CLUSTER_NAME=my-aks-cluster

Create a new AKS Kubernetes cluster

1. Create a Kubernetes cluster:

   dkp create cluster aks --cluster-name=${CLUSTER_NAME} --additional-tags=owner=$(whoami) --kubernetes-version=1.21.7
   

2. (Optional) Specify an authorized key file to have SSH access to the machines.

   The file must contain exactly one entry, as described in this manual.

   You can use the .pub file that complements your private ssh key. For example, use the public key that complements your RSA private key:

   --ssh-public-key-file=${HOME}/.ssh/id_rsa.pub
   

   The default username for SSH access is konvoy. For example, use your own username:

   --ssh-username=$(whoami)
   

3. Wait for the cluster control-plane to be ready:

   kubectl wait --for=condition=ControlPlaneReady "clusters/${CLUSTER_NAME}" --timeout=20m
   

Explore the new Kubernetes cluster

1. Fetch the kubeconfig file:

   dkp get kubeconfig -c ${CLUSTER_NAME} > ${CLUSTER_NAME}.conf
   

2. List the Nodes with the command:

   kubectl --kubeconfig=${CLUSTER_NAME}.conf get nodes
   

   NOTE: It may take a couple of minutes for the Status to move to Ready while calico-node pods are being deployed.

3. List the Pods with the command:

   kubectl --kubeconfig=${CLUSTER_NAME}.conf get pods -A
   

Delete the Kubernetes cluster and cleanup your environment

1. Delete the provisioned Kubernetes cluster and wait a few minutes:

   dkp delete cluster --cluster-name=${CLUSTER_NAME}
   

2. Delete the kind Kubernetes cluster:

   dkp delete bootstrap --kubeconfig $HOME/.kube/config