Skip to content
/ azb-install Public

Script to create a new Azure Kubernetes Service (AKS) with RBAC and POD Identity enabled by default

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AzBuilder/azb-install

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
bash
bash
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

azb-install

Requirements

In order to run the installation script you will need to install Azure CLI.

Cluster creation

To create the cluster use the following commands:

git clone [email protected]:AzBuilder/azb-install.git
cd bash
./install.sh

Default Parameters

This values are used by default when running the script:

Value Description
AKS_SUBSCRIPTION Default Azure Subscription
AKS_USER_ADMIN Azure CLI User

You can change this behaviour modifying the installation script

Supported Flags

The following flags can be used when running the installation script:

Parameter Description Default Value
r AKS_RESOURCE_GROUP aks-azb-rg
l AKS_LOCATION eastus2
v AKS_VNET_NAME aks-vnet
e AKS_VNET_PREFIX 10.1.0.0/16
s AKS_SUBNET_NAME aks-subnet
t AKS_SUBNET_PREFIX 10.1.0.0/24
n AKS_NAME aks-azb
s AKS_VM_SIZE Standard_B2ms
c AKS_NODE_COUNT 1
b AKS_LB_SKU basic
i AKS_POD_IDENTITY_NAME azb-identity
p AKS_NAMESPACE azb-ns

Example:

./install.sh -r custom-rg -l southcentralus

Test Installation

In order to check the default installation create a new pod using demo.yaml

apiVersion: v1
kind: Pod
metadata:
  name: demo
  labels:
    aadpodidbinding: azb-identity
spec:
  containers:
  - name: azcli
    image: mcr.microsoft.com/azure-cli
    command: ["/bin/sh","-c","echo 'Connecting to Azure...'; az login --identity --allow-no-subscriptions; echo 'Show Azure Subscription...'; az account list --all; echo 'Contecting to AKS'; az aks get-credentials --resource-group aks-azb-rg --name aks-azb;"]
  restartPolicy: OnFailure

Run kubectl command to created the POD

kubectl create -f demo.yaml -n azb-ns

The POD creation will take one or two minutes, use this command to check POD status.

kubectl get pods
NAME   READY   STATUS      RESTARTS   AGE
demo   0/1     Completed   0          82s

Once the status is completed validate the logs to see if the POD is connecting to Azure and the AKS Cluster with the user-assigned managed identity

Example:

kubectl logs demo
Connecting to Azure...
[
  {
    "environmentName": "AzureCloud",
    "homeTenantId": "XXXXXXXXXXXXXXXXXXXX",
    "id": "XXXXXXXXXXXXXXXXXXXX",
    "isDefault": true,
    "managedByTenants": [
      {
        "tenantId": "XXXXXXXXXXXXXXXXXXXX"
      }
    ],
    "name": "Development",
    "state": "Enabled",
    "tenantId": "XXXXXXXXXXXXXXXXXXXX",
    "user": {
      "assignedIdentityInfo": "MSI",
      "name": "systemAssignedIdentity",
      "type": "servicePrincipal"
    }
  }
]
Show Azure Subscription...
[
  {
    "cloudName": "AzureCloud",
    "homeTenantId": "XXXXXXXXXXXXXXXXXXXX",
    "id": "XXXXXXXXXXXXXXXXXXXX",
    "isDefault": true,
    "managedByTenants": [
      {
        "tenantId": "XXXXXXXXXXXXXXXXXXXX"
      }
    ],
    "name": "Development",
    "state": "Enabled",
    "tenantId": "XXXXXXXXXXXXXXXXXXXX",
    "user": {
      "assignedIdentityInfo": "MSI",
      "name": "systemAssignedIdentity",
      "type": "servicePrincipal"
    }
  }
]
Contecting to AKS
Merged "aks-azb" as current context in /root/.kube/config

About

Script to create a new Azure Kubernetes Service (AKS) with RBAC and POD Identity enabled by default

Topics

bash kubernetes azure aks

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages