This repo contains a collection of code to set up an AKS private cluster, GitOps using ArgoCD, Istio, Kiali, and many more tools.
The code in this repo comes from the following sources:
Terraform:
GitOps:
Istio:
az login -t {TENANTID}
az account show -o table
If you are not in the correct subscription, change it, substituting SUBSCRIPTIONID with the proper subscription ID:
az account set --subscription {SUBSCRIPTIONID}
export TF_VAR_logged_user_objectId=$(az ad signed-in-user show --query objectId -o tsv)
cd enterprise_scale/construction_sets/aks
configuration_folder=online/aks_secure_baseline/configuration
parameter_files=$(find $configuration_folder | grep .tfvars | sed 's/.*/-var-file &/' | xargs)
terraform init -upgrade
eval terraform apply ${parameter_files}
You are done with the deployment of the AKS environment. The next step is to deploy the application and reference components.
To get the credentials profile for your cluster, issue the following command:
az aks get-credentials -n <yourClusterName> -g <yourResourceGroupName>
For the admin profile:
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster --admin
Use kubectl config get-contexts to see all the clusters you have authenticated against, regardless of the Azure subscription:
kubectl config get-contexts
In my case I have two clusters in different Azure subscriptions. To switch profile, I use the command below to switch context between the clusters.
kubectl config use-context <yourClusterName>
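An added example (not code from this repo): a shell check that reads `kubectl config get-contexts` output and lists the contexts backed by the `--admin` credential, which `az aks get-credentials` stores under a user named `clusterAdmin_<resourceGroup>_<clusterName>`. The function names and the sample output are constructed for illustration.

```shell
# Flag kubeconfig contexts that use the AKS local admin credential.
# Reads `kubectl config get-contexts` output on stdin and prints the
# names of contexts whose AUTHINFO column starts with "clusterAdmin_".
find_admin_contexts() {
  awk '
    NR == 1 && /NAME/ { next }   # skip the header row
    NF == 0 { next }             # skip blank lines
    {
      # The CURRENT column holds "*" for the active context and is
      # blank otherwise, so the field positions shift by one.
      if ($1 == "*") { name = $2; auth = $4 } else { name = $1; auth = $3 }
      if (auth ~ /^clusterAdmin_/) print name
    }'
}

# Constructed sample output (not captured from a real cluster).
sample_contexts() {
  cat <<'EOF'
CURRENT   NAME                 CLUSTER        AUTHINFO                                    NAMESPACE
*         myAKSCluster         myAKSCluster   clusterUser_myResourceGroup_myAKSCluster
          myAKSCluster-admin   myAKSCluster   clusterAdmin_myResourceGroup_myAKSCluster
          otherCluster         otherCluster   clusterUser_otherRg_otherCluster            istio-system
EOF
}

# Live use: kubectl config get-contexts | find_admin_contexts
sample_contexts | find_admin_contexts
```

Contexts it reports can be removed with `kubectl config delete-context <name>` once the admin task is finished, so the admin credential does not stay in the kubeconfig.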
To assign the admin role:
AKS_CLUSTER=$(az aks show --resource-group rampup-rg-aks-re1 --name rampup-aks-akscluster-re1-001 --query id -o tsv)
ACCOUNT_UPN=$(az account show --query user.name -o tsv)
ACCOUNT_ID=$(az ad user show --id $ACCOUNT_UPN --query objectId -o tsv)
az role assignment create \
--assignee $ACCOUNT_ID \
--scope $AKS_CLUSTER \
--role "Azure Kubernetes Service Cluster Admin Role"
To use shorthand aliases for kubectl, some examples are given below. For the full list, visit kubectl alias.
alias k='kubectl'
alias kg='kubectl get'
alias kgpo='kubectl get pod'
alias krm='kubectl delete'
alias krmf='kubectl delete -f'
alias kgsvc='kubectl get svc'
alias kd='kubectl describe'
alias kgdep='kubectl get deployment'