azure-aks

kubernetes on azure

az group create -n myGroup
az configure --defaults group=myGroup
az acr create -n myRegistry --sku basic
az acr login -n myRegistry
az aks create -n myCluster \
    --node-count 1 \
    --node-vm-size Standard_B2s \
    --load-balancer-sku basic \
    --node-osdisk-size 32 \
    --attach-acr myRegistry
az aks get-credentials --name myCluster

Because I often get the following;

Operation failed with status: ‘Bad Request’. Details: The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/aks-sp-help for more details. (Details: adal: Refresh request failed. Status Code = ‘400’. Response body: {“error”:”unauthorized_client”,”error_description”:”AADSTS700016: Application with identifier > ‘' was not found in the directory ''. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Instead I do this;

az ad sp create-for-rbac --skip-assignment -n mySP
az aks create -n tye --generate-ssh-keys --node-count 1 --node-vm-size Standard_B2s --service-principal <appId-from-previous-command> --client-secret <password-from-previous-command>

Github issue

browse dashboard

kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard
az aks browse -n myCluster

Docs