../../_images/azure_aks.png

Azure Kubernetes Service

Prerequisites

The L7|ESP Helm chart will be installed on a managed cloud-native Kubernetes service, therefore it is imperative to have:

  • Azure Subscription

  • Azure Service Principal Account

CLI tools

The kubectl and az command line tools will be use respectively to programmatically access the Kubernetes cluster and the Azure subscription. To install the CLI tools, follow the link below and choose the correct operating sytem:

ARM template

The latest ARM template is as follows:

 1@description('The location of AKS resource.')
 2param azureLocation string = resourceGroup().location
 3
 4@description('The name of the Managed Cluster resource.')
 5param clusterName string = 'l7esp-example'
 6
 7@description('The number of nodes for the cluster. 1 Node is enough for Dev/Test and minimum 3 nodes, is recommended for Production')
 8@minValue(1)
 9@maxValue(100)
10param clusterNodeCount int = 3
11
12@description('The size of the Virtual Machine.')
13param clusterNodeSize string = 'Standard_D4_v4'
14
15@description('Disk size (in GiB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize.')
16@minValue(0)
17@maxValue(1023)
18param clusterNodeDiskGB int = 0
19
20@description('Optional DNS prefix to use with hosted Kubernetes API server FQDN.')
21param clusterDNSPrefix string = 'l7esp-example'
22
23resource cluster 'Microsoft.ContainerService/managedClusters@2020-09-01' = {
24  location: azureLocation
25  name: clusterName
26  tags: {
27    displayname: 'AKS Cluster'
28  }
29  identity: {
30    type: 'SystemAssigned'
31  }
32  properties: {
33    dnsPrefix: clusterDNSPrefix
34    agentPoolProfiles: [
35      {
36        name: 'agentpool'
37        osDiskSizeGB: clusterNodeDiskGB
38        count: clusterNodeCount
39        vmSize: clusterNodeSize
40        osType: 'Linux'
41        type: 'VirtualMachineScaleSets'
42        mode: 'System'
43      }
44    ]
45  }
46}
47
48output clusterFQDN string = cluster.properties.fqdn

 1{
 2  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
 3  "contentVersion": "1.0.0.0",
 4  "metadata": {
 5    "_generator": {
 6      "name": "bicep",
 7      "version": "0.6.18.56646",
 8      "templateHash": "16874195123538177185"
 9    }
10  },
11  "parameters": {
12    "azureLocation": {
13      "type": "string",
14      "defaultValue": "[resourceGroup().location]",
15      "metadata": {
16        "description": "The location of AKS resource."
17      }
18    },
19    "clusterName": {
20      "type": "string",
21      "defaultValue": "l7esp-example",
22      "metadata": {
23        "description": "The name of the Managed Cluster resource."
24      }
25    },
26    "clusterNodeCount": {
27      "type": "int",
28      "defaultValue": 3,
29      "maxValue": 100,
30      "minValue": 1,
31      "metadata": {
32        "description": "The number of nodes for the cluster. 1 Node is enough for Dev/Test and minimum 3 nodes, is recommended for Production"
33      }
34    },
35    "clusterNodeSize": {
36      "type": "string",
37      "defaultValue": "Standard_D4_v4",
38      "metadata": {
39        "description": "The size of the Virtual Machine."
40      }
41    },
42    "clusterNodeDiskGB": {
43      "type": "int",
44      "defaultValue": 0,
45      "maxValue": 1023,
46      "minValue": 0,
47      "metadata": {
48        "description": "Disk size (in GiB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize."
49      }
50    },
51    "clusterDNSPrefix": {
52      "type": "string",
53      "defaultValue": "l7esp-example",
54      "metadata": {
55        "description": "Optional DNS prefix to use with hosted Kubernetes API server FQDN."
56      }
57    }
58  },
59  "resources": [
60    {
61      "type": "Microsoft.ContainerService/managedClusters",
62      "apiVersion": "2020-09-01",
63      "name": "[parameters('clusterName')]",
64      "location": "[parameters('azureLocation')]",
65      "tags": {
66        "displayname": "AKS Cluster"
67      },
68      "identity": {
69        "type": "SystemAssigned"
70      },
71      "properties": {
72        "dnsPrefix": "[parameters('clusterDNSPrefix')]",
73        "agentPoolProfiles": [
74          {
75            "name": "agentpool",
76            "osDiskSizeGB": "[parameters('clusterNodeDiskGB')]",
77            "count": "[parameters('clusterNodeCount')]",
78            "vmSize": "[parameters('clusterNodeSize')]",
79            "osType": "Linux",
80            "type": "VirtualMachineScaleSets",
81            "mode": "System"
82          }
83        ]
84      }
85    }
86  ],
87  "outputs": {
88    "clusterFQDN": {
89      "type": "string",
90      "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))).fqdn]"
91    }
92  }
93}

ARM template parameters

When deploying the ARM template, you can override parameters like so:

 1{
 2  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
 3  "contentVersion": "1.0.0.0",
 4  "parameters": {
 5      "agentCount": {
 6          "value": 4
 7      },
 8      "agentVMSize": {
 9          "value": "standard_d11_v2"
10      }
11  }
12}

  • azureLocation: The location of AKS resource. Default value: same region/location as the resource group you are deploying ARM template into.

  • clusterDNSPrefix: Optional DNS prefix to use with hosted Kubernetes API server FQDN. Default value: aks-esp

  • clusterName: The name of the Managed Cluster resource. Default value: aks101cluster-vmss

  • clusterNodeCount: The number of nodes for the cluster. One node is enough for Dev/Test and minimum 3 nodes is recommended for Production. Default: 3

  • clusterNodeDiskGB: Disk size (in GiB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize. Default value: 0

  • clusterNodeSize: The size of the virtual machine. Default: Standard_D4_v4

Deploy ARM template

Login to Azure. For example, if you are using a service principle account that has Contributor role, you can login to Azure using the following command:

$ az login \
      --service-principal \
      --username <service-principal-id> \
      --password <service-principal-password> \
      --tenant <tenant-id>

Create a resource group to deploy into, if you haven’t already:

$ az group create \
      --name <resource-group-name> \
      --location <resource-group-location>

Create ARM deployment in the resource group:

$ az group deployment create \
      --resource-group l7esp-example-rg \
      --name l7esp-example \
      --template-file ./aks.template.json \
      --parameters ./aks.parameters.json \
      --rollback-on-error \
      --verbose

Validate Resource Creation

In the Azure portal, navigate to the resource group and verify that all resources are listed:

../../_images/Armdeployment.png

Access the Kubernetes cluster

Log into your Azure Subscription to access cluster:

$ az login

Use the Azure CLI to download the Kubernetes credentials into your local config:

$ az aks get-credentials \
       --name <cluster-name> \
       --resource-group <cluster-resource>
Merged "<my-cluster>" as current context in /home/<user>/.kube/config

Check that Kubernetes nodes were successfully provisioned and are healthy:

$ kubectl get nodes
NAME                                STATUS   ROLES   AGE   VERSION
aks-agentpool-21130059-vmss000000   Ready    agent   1h    v1.22.6
aks-agentpool-21130059-vmss000001   Ready    agent   1h    v1.22.6
aks-agentpool-21130059-vmss000002   Ready    agent   1h    v1.22.6
aks-agentpool-21130059-vmss000003   Ready    agent   1h    v1.22.6

You should see a list of nodes with a Ready status.

Installing L7|ESP Helm chart

To install L7|ESP on the new Kubernetes cluster, see the Helm deployment guide.