azure-aks

kubernetes on azure#


        bash
        
            
        
     
az group create -n myGroup
az configure --defaults group=myGroup
az acr create -n myRegistry --sku basic
az acr login -n myRegistry
az aks create -n myCluster \
    --node-count 1 \
    --node-vm-size Standard_B2s \
    --load-balancer-sku basic \
    --node-osdisk-size 32 \
    --attach-acr myRegistry
az aks get-credentials --name myCluster

Because I often get the following;

Operation failed with status: ‘Bad Request’. Details: The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/aks-sp-help for more details. (Details: adal: Refresh request failed. Status Code = ‘400’. Response body: {“error”:”unauthorized_client”,”error_description”:”AADSTS700016: Application with identifier > ‘' was not found in the directory ''. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Instead I do this;


        bash
        
            
        
     
az ad sp create-for-rbac --skip-assignment -n mySP
az aks create -n tye --generate-ssh-keys --node-count 1 --node-vm-size Standard_B2s --service-principal <appId-from-previous-command> --client-secret <password-from-previous-command>

Github issue

browse dashboard#


        lua
        
            
        
     
kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard
az aks browse -n myCluster

Docs

posts#

2021-01-30 Low-Cost Kubernetes on DigitalOcean
2020-05-13 Optimising for Cost in Azure Kubernetes Service