Deploy an Azure Kubernetes Service (AKS) cluster

Kubernetes provides a distributed platform for containerized applications. With AKS, you can quickly create a production ready Kubernetes cluster. In this tutorial, part three of seven, you deploy a Kubernetes cluster in AKS. You learn how to:

  • Deploy a Kubernetes AKS cluster that can authenticate to an Azure Container Registry (ACR).
  • Install the Kubernetes CLI, kubectl.
  • Configure kubectl to connect to your AKS cluster.

In later tutorials, you’ll deploy the Azure Vote application to your AKS cluster and scale and update your application.

Before you begin

In previous tutorials, you created a container image and uploaded it to an ACR instance. If you haven’t done these steps and would like to follow along, start with Tutorial 1: Prepare an application for AKS.

  • If you’re using Azure CLI, this tutorial requires that you’re running the Azure CLI version 2.0.53 or later. Run az --version to find the version. If you need to install or upgrade, see Install Azure CLI.
  • If you’re using Azure PowerShell, this tutorial requires that you’re running Azure PowerShell version 5.9.0 or later. Run Get-InstalledModule -Name Az to find the version. If you need to install or upgrade, see Install Azure PowerShell.

Create a Kubernetes cluster

AKS clusters can use Kubernetes role-based access control (Kubernetes RBAC), which allows you to define access to resources based on roles assigned to users. If a user is assigned multiple roles, permissions are combined. Permissions can be scoped to either a single namespace or across the whole cluster.

To learn more about AKS and Kubernetes RBAC, see Control access to cluster resources using Kubernetes RBAC and Azure Active Directory identities in AKS.

Azure CLI

Create an AKS cluster using az aks create. The following example creates a cluster named myAKSCluster in the resource group named myResourceGroup. This resource group was created in the previous tutorial in the eastus region. The AKS cluster will also be created in the eastus region.

For more information about AKS resource limits and region availability, see Quotas, virtual machine size restrictions, and region availability in AKS.

To allow an AKS cluster to interact with other Azure resources, a cluster identity is automatically created. In this example, the cluster identity is granted the right to pull images from the ACR instance you created in the previous tutorial. To execute the command successfully, you’re required to have an Owner or Azure account administrator role in your Azure subscription.

Azure CLI

az aks create \
    --resource-group myResourceGroup \
    --name myAKSCluster \
    --node-count 2 \
    --generate-ssh-keys \
    --attach-acr <acrName>

To avoid needing an Owner or Azure account administrator role, you can also manually configure a service principal to pull images from ACR. For more information, see ACR authentication with service principals or Authenticate from Kubernetes with a pull secret. Alternatively, you can use a managed identity instead of a service principal for easier management.

After a few minutes, the deployment completes and returns JSON-formatted information about the AKS deployment.

Note: To ensure your cluster operates reliably, you should run at least two nodes.

Install the Kubernetes CLI

Use the Kubernetes CLI, kubectl, to connect to the Kubernetes cluster from your local computer.

Azure CLI

If you use the Azure Cloud Shell, kubectl is already installed. You can also install it locally using the az aks install-cli command.

Azure CLI

az aks install-cli

Connect to cluster using kubectl

Azure CLI

To configure kubectl to connect to your Kubernetes cluster, use the az aks get-credentials command. The following example gets credentials for the AKS cluster named myAKSCluster in myResourceGroup.

Azure CLI

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

To verify connection to your cluster, run kubectl get nodes to return a list of cluster nodes.

Azure CLI

kubectl get nodes

The following example output shows the list of cluster nodes.

$ kubectl get nodes

NAME                                STATUS   ROLES   AGE     VERSION
aks-nodepool1-37463671-vmss000000   Ready    agent   2m37s   v1.18.10
aks-nodepool1-37463671-vmss000001   Ready    agent   2m28s   v1.18.10

Source

About Author