azure-aks

kubernetes on azure#

bash
az group create -n myGroup az configure --defaults group=myGroup az acr create -n myRegistry --sku basic az acr login -n myRegistry az aks create -n myCluster \ --node-count 1 \ --node-vm-size Standard_B2s \ --load-balancer-sku basic \ --node-osdisk-size 32 \ --attach-acr myRegistry az aks get-credentials --name myCluster

Because I often get the following;

Operation failed with status: ‘Bad Request’. Details: The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/aks-sp-help for more details. (Details: adal: Refresh request failed. Status Code = ‘400’. Response body: {“error”:”unauthorized_client”,”error_description”:”AADSTS700016: Application with identifier > ‘' was not found in the directory ''. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Instead I do this;

bash
az ad sp create-for-rbac --skip-assignment -n mySP az aks create -n tye --generate-ssh-keys --node-count 1 --node-vm-size Standard_B2s --service-principal <appId-from-previous-command> --client-secret <password-from-previous-command>

Github issue

browse dashboard#

lua
kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard az aks browse -n myCluster

Docs

posts#