We have seen recently how to setup the kubernetes cluster on the bare-metal, now lets see how to setup the kubernetes cluster on cloud providers like AWS and Azure. Part of that lets see how to create the Azure kubernetes services using Terraform. You can create even via UI, but it will be too easy, so we want to cover the automation way.
What is AKS?
Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading the operational overhead to Azure. As a hosted Kubernetes service, Azure handles critical tasks, like health monitoring and maintenance. Since Kubernetes masters are managed by Azure, you only manage and maintain the agent nodes. Thus, AKS is free; you only pay for the agent nodes within your clusters, not for the masters.
Pre-requisites
Install Terraform
Follow the instructions here to install Terraform. When you’re done, you should be able to run the terraform command:
# terraformCreate your Azure Service Principal
Before we start, we need to create the service principal, for that please run following command. Follow the instruction suggested by the command.
# az login
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code A9F39EFUE to authenticate.
[
{
"cloudName": "AzureCloud",
"homeTenantId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"id": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"isDefault": true,
"managedByTenants": [],
"name": "azureftworkspace",
"state": "Enabled",
"tenantId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"user": {
"name": "cloud@foxutech.com",
"type": "user"
}
}
]Some case we may need to manage more then one subscription, so I suggest to set the subscription you like the use or declare in terraform variables correctly. If you like to set via azure CLI, please use following command to set it.
# az account set --subscription="SUBSCRIPTION_ID"We can now create the Service Principal which will have permissions to manage resources in the specified subscription using the following command:
# az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/SUBSCRIPTION_ID
"Creating a role assignment under the scope of "/subscriptions/xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
{
"appId": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"displayName": "azure-cli-2022-04-27-16-16-09",
"password": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"tenant": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}These values map to the Terraform variables like so:
- appId is the CLIENT_ID defined above.
- password is the CLIENT_SECRET defined above.
- tenant is the TENANT_ID defined above.
# az login --service-principal -u CLIENT_ID -p CLIENT_SECRET --tenant TENANT_ID
[
{
"cloudName": "AzureCloud",
"id": "xxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"isDefault": true,
"name": "Azureftworkspace",
"state": "Enabled",
"tenantId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"user": {
"name": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"type": "servicePrincipal"
}
}
]Configure Azure storage to store Terraform state
Terraform tracks state locally via the terraform.tfstate file. This pattern works well in a single-person environment. However, in a more practical multi-person environment, you need to track state on the server using Azure storage. In this section, you learn to retrieve the necessary storage account information and create a storage container. The Terraform state information is then stored in that container.
Use one of the following options to create an Azure storage account and container:
Hope with this we have all required resources as following,
- Terraform installed in the machine
- Azure Service Principal — To create the azure k8s
- Azure Storage and containers — To store tfstate file
- Kubectl installed for the managing the resources
All set! Let’s deploy it.
Let’s Start Terraform
Continue reading the article in How to create Azure Kubernetes Service using Terraform — FoxuTech
