msazurestackworkloads/azurestack-gallery

Kubernetes deployment to Azs 1811 using ADFS and Client Secrets does not work

Closed this issue · 2 comments

I have tried deploying a Kubernetes cluster using the release-azs-1811 branch to an Azure Stack instance that is upgraded to 1811, uses ADFS as the identity provider, and uses the new Client Secret capability for SPNs.

I selected AzureAD as the identity provider in the template, as I do not want to use KeyVaults or certificates. Looking in the template and associated scripts, it should not make an impact. Provision should be made for the scenario of ADFS using Client secrets: https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-create-service-principals#create-a-service-principal-using-a-client-secret

When I deploy the template, it creates the deployer VM, which in turn runs the ACS-Engine, and it deploys various resources. The failures occur for the Master Nodes. Looking at the logs on those VMs, it cannot start the kubelet service.
Deploying the same template on an 1811 Azure Stack instance that uses Azure AD works.

@dmc-tech
Recently we released the marketplace item Kubernetes 0.4.0 to support ADFS.
Here is the document: https://docs.microsoft.com/en-us/azure/azure-stack/user/azure-stack-solution-template-kubernetes-adfs
The Azure Stack version needs to be 1901 and above.

Closing the issue as we have addressed this in the latest releases.