AKS Create and Delete Cluster: Difference between revisions
| (10 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
* https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal | * https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal | ||
=Internal= | =Internal= | ||
* [[AKS_Operations#Create_and_Delete_Cluster|AKS]] | * [[AKS_Operations#Create_and_Delete_Cluster|AKS Operations]] | ||
=Creation Procedure= | =Creation Procedure= | ||
==Console== | |||
Go to https://portal.azure.com. | |||
Create a resource → Containers → Kubernetes Service | |||
===Basic=== | |||
Subscription: | |||
Resource group: Create New → aks-dev | |||
Cluster details: | |||
Cluster names: aks-dev | |||
Region: ... | |||
Availability zones: 1, 2, 3. | |||
Kubernetes version: 1.19.7 | |||
Primary node pool | |||
Node size: Standard D8as_v4 | |||
Node count: 3 | |||
===Node pools=== | |||
No additional node pools. | |||
Enable virtual nodes: no | |||
Enable virtual machine scale sets: yes by default (required) | |||
===Authentication=== | |||
Cluster infrastructure: [[AKS_Concepts#Service_Principal|Service principal]] or [[AKS_Concepts#System-Assigned_Managed_Identity|System-assigned managed identity]]. | |||
Use System-assigned managed identity. | |||
Kubernetes authentication and authorization | |||
Role-based access control (RBAC): Enabled | |||
AKS-managed Azure Active Directory: Disabled | |||
Node pool OS disk encryption. | |||
Encryption type: Default Encryption at-rest with a platform-managed key. | |||
===Networking=== | |||
Networking configuration: Kubenet or Azure CNI. | |||
Use Kubenet. | |||
DNS name prefix. This is the DNS name prefix to use with the hosted Kubernetes API server FQDN: | |||
aks-dev | |||
Traffic routing: | |||
Load balancer: Standard | |||
Enable [[AKS_Concepts#HTTP_Application_Routing|HTTP application routing]]. | |||
Security: | |||
Enable [[AKS_Concepts#Private_Cluster|private cluster]]: Disable | |||
Set authorized IP ranges: Disable | |||
Network policy: None | |||
===Integration=== | |||
====Azure Container Registry==== | |||
{{Internal|AKS_Concepts#Azure_Container_Registry|Azure Container Registry}} | |||
No container registry declared. | |||
====Azure Monitor==== | |||
====Azure Policy==== | |||
==CLI== | |||
=Deletion Procedure= | =Deletion Procedure= | ||
Latest revision as of 22:45, 9 April 2021
External
Internal
Creation Procedure
Console
Go to https://portal.azure.com.
Create a resource → Containers → Kubernetes Service
Basic
Subscription:
Resource group: Create New → aks-dev
Cluster details:
Cluster names: aks-dev
Region: ...
Availability zones: 1, 2, 3.
Kubernetes version: 1.19.7
Primary node pool
Node size: Standard D8as_v4
Node count: 3
Node pools
No additional node pools.
Enable virtual nodes: no
Enable virtual machine scale sets: yes by default (required)
Authentication
Cluster infrastructure: Service principal or System-assigned managed identity.
Use System-assigned managed identity.
Kubernetes authentication and authorization
Role-based access control (RBAC): Enabled
AKS-managed Azure Active Directory: Disabled
Node pool OS disk encryption.
Encryption type: Default Encryption at-rest with a platform-managed key.
Networking
Networking configuration: Kubenet or Azure CNI.
Use Kubenet.
DNS name prefix. This is the DNS name prefix to use with the hosted Kubernetes API server FQDN:
aks-dev
Traffic routing:
Load balancer: Standard
Enable HTTP application routing.
Security:
Enable private cluster: Disable
Set authorized IP ranges: Disable
Network policy: None
Integration
Azure Container Registry
No container registry declared.