Kick start Kubernetes Managed Service(AKS) on Azure Series(Part-1)

Azure Kubernetes Service (AKS) provides a managed Kubernetes service that reduces the complexity for deployment and core management tasks, including coordinating upgrades. The AKS control plane is managed by the Azure platform, and you only pay for the AKS nodes that run your applications. 

Checking AKS versions available in your preferred Azure location

az aks get-versions --location westus --output table

Checking Azure Resource Provider

All services in Microsoft Azure are consumed through Resource providers. Unfortunately, these providers are not automatically registered when invoked through command-line utilities like the Azure CLI.

To build an AKS cluster, you need to register a few Resource products. These providers are:

• Microsoft.Compute
• Microsoft.Storage
• Microsoft.Network
• Microsoft.ContainerService

az provider list --query "[?registrationState=='Registered'].{Name:namespace, State:registrationState}" -o table

How to register Microsoft.ContainerService Resource Provider

az provider register --namespace Microsoft.ContainerService --wait

kubectl tool

The Kubernetes command-line tool, kubectl, allows you to run commands against Kubernetes clusters. You can use kubectl to deploy applications, inspect and manage cluster resources, and view logs.

If you are planning to install kubectl in windows laptop the follow the steps here https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl-on-windows. Once the the utility is installed we can a quick to validate

kubectl config view

Pre-requisites for setting up AKS Kubernetes cluster

• RBAC Access
• Cluster Creation through CLI
• Update kubeconfig by using get-credentials command
• Create clusterrolebinding for gaining access to cluster and nodes
• Browse through kubernetes dashboard

create a service principal for RBAC access during Cluster creation below.

az ad sp create-for-rbac --skip-assignment --name az-aks-eshop-eus-sp

Please use below output values in the cluster creation script below

• app-id(service principal id)
• client-secret

create a Azure resource group for AKS cluster.

az group create --location eastus --name az-aks-eshop-rg

By default different resource groups naming convention is used for cluster and nodes are created with AKS cluster creation. If you use AZ CLI aks-preview extension, node-resource-group parameter can be used to set preferred azure resource name for nodes.

az aks create --resource-group az-aks-eshop-rg --node-resource-group az-aks-node-eshop-rg --name az-aks-eshopcluster-eus --enable-rbac --enable-addons monitoring,http_application_routing --kubernetes-version 1.15.11 --generate-ssh-keys --service-principal xxxxxxxx-xxxx-xxxx-xxxx-xxxxx --client-secret xxxxxxxxx-xxxxxxxxxx-xxxxx-xxxxxxxxxxxxx --node-vm-size Standard_Ds2_v2 --node-count 1 --vm-set-type VirtualMachineScaleSets --network-plugin azure --load-balancer-sku basic --enable-cluster-autoscaler --min-count 1 --max-count 5

Once the cluster is created, get-credentials command updates the kubeconfig file with cluster credentials in

az aks get-credentials --name az-aks-eshopcluster-eus --resource-group az-aks-eshop-rg

How to configure cluster role bindings to enable kubernetes dashboard access

kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard

How to access kubernetes dashboard

az aks browse --resource-group az-aks-eshop-rg --name az-aks-eshopcluster-eus

Fully deployed vanilla AKS cluster can be viewed through kubernetes dashboard