top of page

Recent Posts

Archive

Tags

Cheat sheet: Quick Start to managing AKS with Azure CLI and Kubectl

Recently I have had the pleasure of deep diving into Kubernetes by way of Microsoft Azure's managed Kubernetes Service (AKS). There has been much activity with clients going head first into containerization for various reasons and learning how to manage these resources is a valuable skill for any modern cloud architect. Coming from and infrastructure background, I can understand that anything that resembles development work can seem insurmountable. Luckily the Azure CLI and PowerShell make it easy for those with infrastructure skill to begin to learn about managing AKS deployments.

The first thing that we will have to look at for this tutorial is downloading the following:

  1. Azure CLI (Native Azure command-line interface)- https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest

  2. Kubectl (Kubernetes command-line tool) - https://kubernetes.io/docs/tasks/tools/install-kubectl/

My preference for using the Azure CLI on Windows is PowerShell or the PowerShell ISE.

We first have to log into the subscription with the Azure CLI:

  1. Run az login

  2. A browser window will open and you can select your credentials

  3. A message will appear in your console that will say if you connected successfully

  4. Set your subscription context:

a. az account set -s "NAME_OF_SUBSCRIPTION"

Now that we are logged in, let's get some credentials to our cluster. These are instructions for downloading the Admin kube config for the cluster. The Admin Kubeconfig is the master key to the cluster, enabling permissions to do any operation on the cluster, and is downloaded here for example purposes only. Make sure that you keep file safe.

Navigate in your PowerShell console to your .kube directory at C:\users\<username>\.kube (this can really be any directory that your wish, but if not the .kube directory then you will have to append "--kubeconfig <path>\<to>\kubeconfig") to each command that you run.

  1. Run az aks get-credentials --resource-group <AKS CLUSTER RESOURCE GROUP> --name <AKS CLUSTER NAME> --admin -f .\<desirednameofadminfile>

  2. Verify your connection to the cluster:

  3. Kubectl cluster-info

  4. Run your kubectl commands!

Sample kubectl commands:

kubectl cluster-info - Make sure you are connected to the correct cluster!

kubectl create namespace <namespace>

kubectl create quota <quotaname> --hard=cpu=1,memory=2Gi --namespace=<namespacename>

Kubectl apply -f <yamlfile>.yaml

See the kubectl command reference here

If you want to give access to the cluster without giving access to the entire cluster, you must create a role binding (as opposed to a cluster role binding which will give access to the entire cluster). A role binding will give access to a namespace for a specific Azure Active Directory user or group. Hint: user the object ID when referencing the user or group in the yaml file. Example yaml configuration files can be found here in the official Kubernetes documentation here.

I recommend reading through the documentation as it is super easy and intuitive to use and will definitely add valuable skills to your toolbelt.

Single post: Blog_Single_Post_Widget

Follow

  • LinkedIn

©2018 by Jennifer Morris

bottom of page