These are the required steps for you to successfully create a Kubernetes service on your own Azure account.
Components you will need to create in your account
Step by step tutorial
Create your Azure Kubernetes Service
In general, the tutorial will help you create:
- Create the AKS cluster.
- Make sure to select Kubernetes version 1.13.5
- Select 3 nodes of Standard DS2 v2 type
- Connect to the AKS cluster.
Once the cluster is created and you are connected, you'll need to extract some values.
Go to the resources page, click in the Kubernetes service you just created, and copy the API server address, this is your Cluster Address
To get the cluster certificate, you can find this after running the
az aks get-credentials command as described in the Azure tutorial. After that you can open the file
~/.kube/config and search for the cluster with the name you just created. Copy the field certificate-authority-data and paste it in a base64 decoder like https://www.base64decode.net/. Keep the result as this is the cluster certificate. What you are looking for looks like this:
- cluster: certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV4ekNDQXE... server: https://cluster-name-dns-fc43a919.hcp.westus.azmk8s.io:443 name: cluster-name
Later you need to register a service account for Forma, so it can access your cluster. Run
kubectl apply -f http://bit.ly/2JI44mF and then run
kubectl describe secrets forma-proxy-secret
Copy and save the token that is shown once the script runs successfully.
Make sure you copy this token.
Configure nodes to be reachable
Check all your Azure resources and click on any of the network interfaces created for this cluster.
Click on IP Configurations, in the sidebar menu, under Settings.
Click on the first ipconfig1 element.
Click on Enabled for public IP
Click on create new and fill the form.
After you save, it will create a public IP and assign it to your node, this might take a couple of minutes. When it is done the page should refresh and you should see the ExternalIP for your.
We also need to enable access to Forma in the ports 30000-32000, to do so go to the resources page and look for the Network security group created for the cluster. Under Settings look for Inbound security rules and add a new rule with the following configuration.
Create a Cluster configuration in Forma
Login to Forma if you haven't yet forma.worldsibu.com. And fill the "How to connect" fields accordingly to the previous instructions.
You will need the Kubernetes Cluster Address and Public External Cluster Address you got before, as well as the Token and the Connection certificate content.
Save the cluster configuration and head back to the home of Forma to create a new Network.
Summary of the data you need to get Forma to talk to your Cluster
In general, this is the data you will need to create configure your Cluster in Forma is the following, we have created this table to help you map the concepts.
|In Forma||In Azure||How to get it|
|Kubernetes Cluster Address|| API Server Address
||From the Kubernetes Service page in the overview tab|
|Public External Cluster Address||Public IP address||Check the tutorial here to get it form the IP Configurations of the Network Interface|
|Token||Token|| You get it by running the command
|Connection certificate content||Cluster certificate-authority|| By getting the yml file pointing to the certificate