Learn Terraform - Provision AKS Cluster

This repo is a companion repo to the Provision an AKS Cluster learn guide, containing Terraform configuration files to provision an AKS cluster on Azure.

After installing the Azure CLI and logging in, create an Active Directory service principal account.

$ az ad sp create-for-rbac --skip-assignment
{
  "appId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
  "displayName": "azure-cli-2019-04-11-00-46-05",
  "name": "http://azure-cli-2019-04-11-00-46-05",
  "password": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
  "tenant": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"
}

Then, replace terraform.tfvars values with your appId and password. Terraform will use these values to provision resources on Azure.

After you've done this, initialize your Terraform workspace, which will download the provider and initialize it with the values provided in the terraform.tfvars file.

$ terraform init

Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "azurerm" (1.27.0)...

Terraform has been successfully initialized!

Then, provision your AKS cluster by running terraform apply. This will take approximately 10 minutes.

$ terraform apply

# Output truncated...

Plan: 3 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

# Output truncated...

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

Outputs:

kubernetes_cluster_name = light-eagle-aks
resource_group_name = light-eagle-rg

Configure kubectl

To configure kubectl, run the following command:

$ az aks get-credentials --resource-group light-eagle-rg --name light-eagle-aks

The resource group name and AKS name correspond to the output variables shown after the successful Terraform run.

You can view these outputs again by running:

$ terraform output

Configure Kubernetes Dashboard

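To use the Kubernetes dashboard, we need to create a ClusterRoleBinding. This binds the cluster-admin ClusterRole to the kubernetes-dashboard service account in the kube-system namespace and to the user clusterUser, which gives the dashboard full access to the cluster.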

$ kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard  --user=clusterUser
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created

Finally, to access the Kubernetes dashboard, run the following command:

$ az aks browse --resource-group light-eagle-rg --name light-eagle-aks
Merged "light-eagle-aks" as current context in /var/folders/s6/m22_k3p11z104k2vx1jkqr2c0000gp/T/tmpcrh3pjs_
Proxy running on http://127.0.0.1:8001/
Press CTRL+C to close the tunnel...

You should be able to access the Kubernetes dashboard at http://127.0.0.1:8001/.