github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/k8s-install-aks.rst

github.com/imran-kn/cilium-fork@v1.6.9/Documentation/gettingstarted/k8s-install-aks.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      http://docs.cilium.io
     6  
     7  .. _k8s_install_aks:
     8  
     9  *************************
    10  Installation on Azure AKS
    11  *************************
    12  
    13  This guide covers installing Cilium into an Azure AKS environment. This guide
    14  will work when setting up AKS in both `Basic <https://docs.microsoft.com/en-us/azure/aks/concepts-network#kubenet-basic-networking>`_ and `Advanced 
    15  <https://docs.microsoft.com/en-us/azure/aks/concepts-network#azure-cni-advanced-networking>`_ networking mode.
    16  
    17  This is achieved using Cilium in CNI chaining mode, with the Azure CNI plugin
    18  as the base CNI plugin and Cilium chaining on top to provide L3-L7
    19  observability, network policy enforcement enforcement, Kubernetes services
    20  implementation, as well as other advanced features like transparent encryption
    21  and clustermesh.
    22  
    23  Prerequisites
    24  =============
    25  
    26  Ensure that you have the `Azure Cloud CLI 
    27  <https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest>`_ installed.
    28  
    29  To verify, confirm that the following command displays the set of available
    30  Kubernetes versions.
    31  
    32  .. code:: bash
    33  
    34          az aks get-versions -l westus -o table
    35  
    36  Create an AKS Cluster
    37  =====================
    38  
    39  You can use any method to create and deploy an AKS cluster with the exception
    40  of specifying the Network Policy option. Doing so will still work but will
    41  result in unwanted iptables rules being installed on all of your nodes.
    42  
    43  If you want to us the CLI to create a dedicated set of Azure resources
    44  (resource groups, networks, etc.) specifically for this tutorial, the following
    45  commands (borrowed from the AKS documentation) run as a script or manually all
    46  in the same terminal are sufficient.
    47  
    48  It can take 10+ minutes for the final command to be complete indicating that
    49  the cluster is ready.
    50  
    51  .. note:: **Do NOT specify the '--network-policy' flag** when creating the cluster,
    52      as this will cause the Azure CNI plugin to push down unwanted iptables rules:
    53  
    54  .. code:: bash
    55  
    56          export RESOURCE_GROUP_NAME=group1
    57          export CLUSTER_NAME=aks-test1
    58          export LOCATION=westus
    59  
    60          az group create --name $RESOURCE_GROUP_NAME --location $LOCATION
    61          az aks create \
    62              --resource-group $RESOURCE_GROUP_NAME \
    63              --name $CLUSTER_NAME \
    64              --node-count 2 \
    65              --generate-ssh-keys \
    66              --network-plugin azure
    67  
    68  Configure kubectl to Point to Newly Created Cluster
    69  ===================================================
    70  
    71  Run the following commands to configure kubectl to connect to this
    72  AKS cluster:
    73  
    74  .. code:: bash
    75  
    76      az aks get-credentials --resource-group $RESOURCE_GROUP_NAME --name $CLUSTER_NAME
    77  
    78  To verify, you should see AKS in the name of the nodes when you run:
    79  
    80  .. code:: bash
    81  
    82      kubectl get nodes
    83      NAME                       STATUS   ROLES   AGE     VERSION
    84      aks-nodepool1-12032939-0   Ready    agent   8m26s   v1.13.10
    85  
    86  .. include:: k8s-install-azure-cni-steps.rst
    87  
    88  .. include:: k8s-install-validate.rst