Create the Azure Kubernetes Service (AKS)

Required permissions: create Azure Kubernetes service; the user must be the OWNER of the resource group

To create the AKS:

  1. Get the ID of the subnet that you want to use for AKS and store it in an environment variable:
# SUBNET_ID=$(az network vnet subnet show \
--resource-group <RESOURCE_GROUP> \
--vnet-name <VNET_NAME> \
--name <SUBNET_NAME> \
--query id -o tsv)

For example, to use the virtual network demo-vnet from the resource group srg-demo and subnet aks-subnet, you would run the following command:

# SUBNET_ID=$(az network vnet subnet show --resource-group srg-demo --vnet-name demo-vnet --name aks-subnet --query id -o tsv)

  2. Create the AKS in this subnet by running the command:
# az aks create \
-g <RESOURCE GROUP> \
-n <AKS NAME> \
-c <NUMBER OF NODES> \
--kubernetes-version <KUBERNETES VERSION> \
--generate-ssh-keys \
--node-vm-size <VM SIZE> \
--vm-set-type VirtualMachineScaleSets \
--service-principal "<SP APP ID>" \
--client-secret "<SP PASSWORD>" \
--load-balancer-sku basic \
--vnet-subnet-id "$SUBNET_ID"

where:

<RESOURCE GROUP> is your main resource group

<AKS NAME> is your AKS resource name

<NUMBER OF NODES> is the number of worker nodes

<KUBERNETES VERSION> is the version of the Kubernetes cluster to create; it must be supported by your OMT version. You must be OWNER (or OWNER of the resource group) to be able to assign the virtual network to the AKS.

<VM SIZE> is the VM size of the worker nodes; for example, Standard_D4s_v3.

For a production cluster, do not use a size less than Standard_D8s_v3 with less than 32 GB of RAM.

For a list of possible VMs, run the command:

# az vm list-sizes -l <LOCATION> | jq ".[] | .name"

Example command:

# az aks create \
-g "srg-demo" \
-n "srg-demo-aks" \
-c "3" \
--kubernetes-version 1.26 \
--generate-ssh-keys \
--node-vm-size "Standard_D4s_v3" \
--vm-set-type VirtualMachineScaleSets \
--service-principal "52f25b66-2700-474d-a2a0-016f0b149e22" \
--client-secret "bf47aa85-9578-4d61-a8e9-ffafe5a1e22b" \
--load-balancer-sku basic \
--vnet-subnet-id "$SUBNET_ID"

The az aks create command generates a private and public SSH key pair, which is stored in the ~/.ssh directory. Download the private key, id_rsa, to a secure network location. Later, you will upload it to the jump host and use it to connect to the AKS nodes from the jump host.
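
The following guards for the subnet lookup in step 1 and for the generated private key are an added example, not part of the original procedure. The function names are hypothetical, and the script makes no Azure calls, so it can be sourced before running the commands above.

```shell
#!/bin/sh
# Added example: offline guards for the AKS creation steps. Function names
# are illustrative and nothing here calls Azure.

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# subnet_id_ok ID RG VNET SUBNET
# Succeeds only if ID is a subnet resource ID for exactly the requested
# resource group, virtual network and subnet. An empty ID (the lookup
# failed) or an ID for another network must stop the procedure before
# `az aks create` runs. Azure resource IDs are case-insensitive, so the
# comparison is done in lower case.
subnet_id_ok() {
  id=$(lower "$1")
  want=$(lower "/resourceGroups/$2/providers/Microsoft.Network/virtualNetworks/$3/subnets/$4")
  case "$id" in
    /subscriptions/*"$want") ;;
    *) return 1 ;;
  esac
  sub=${id#/subscriptions/}
  sub=${sub%"$want"}
  # The subscription part must be a bare GUID: no extra path segments.
  case "$sub" in *[!0-9a-f-]*) return 1 ;; esac
  printf '%s\n' "$sub" |
    grep -Eq '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# key_perms_ok FILE
# Succeeds only if the private key exists and grants nothing to group or
# others (mode 600 or 400).
key_perms_ok() {
  [ -f "$1" ] || return 1
  # GNU stat first, BSD/macOS stat as fallback.
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 1
  case "$mode" in
    [46]00) return 0 ;;
    *) return 1 ;;
  esac
}

# Usage with the example names from this page:
#   subnet_id_ok "$SUBNET_ID" srg-demo demo-vnet aks-subnet || exit 1
#   key_perms_ok "$HOME/.ssh/id_rsa" || chmod 600 "$HOME/.ssh/id_rsa"
```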

Next Step: Prepare the Subnet for the NFS Server and Jump Host