Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • v2.28.0
  • v2.27.0
  • v2.25.1
  • v2.24.3
  • v2.26.0
  • v2.24.2
  • v2.25.0
  • v2.24.1
  • v2.22.2
  • v2.23.3
  • v2.24.0
  • v2.23.2
  • v2.23.1
  • v2.23.0
  • v2.22.1
  • v2.22.0
  • v2.21.0
  • v2.20.0
  • v2.19.1
  • v2.18.2
21 results

azure.md

Blame
    • azure.md 4.90 KiB

    Azure

    To deploy Kubernetes on Azure uncomment the cloud_provider option in group_vars/all/all.yml and set it to 'azure'.

    All your instances are required to run in a resource group and a routing table has to be attached to the subnet your instances are in.

    Not all features are supported yet though, for a list of the current status have a look here

    Parameters

    Before creating the instances you must first set the azure_ variables in the group_vars/all/all.yml file.

    All values can be retrieved using the Azure CLI tool which can be downloaded here: https://docs.microsoft.com/en-gb/cli/azure/install-azure-cli After installation you have to run az login to get access to your account.

    azure_cloud

    Azure Stack has different API endpoints, depending on the Azure Stack deployment. These need to be provided to the Azure SDK. Possible values are: AzureChinaCloud, AzureGermanCloud, AzurePublicCloud and AzureUSGovernmentCloud. The full list of existing settings for the AzureChinaCloud, AzureGermanCloud, AzurePublicCloud and AzureUSGovernmentCloud is available in the source code here

    azure_tenant_id + azure_subscription_id

    run az account show to retrieve your subscription id and tenant id: azure_tenant_id -> Tenant ID field azure_subscription_id -> ID field

    azure_location

    The region your instances are located, can be something like westeurope or westcentralus. A full list of region names can be retrieved via az account list-locations

    azure_resource_group

    The name of the resource group your instances are in, can be retrieved via az group list

    azure_vmtype

    The type of the vm. Supported values are standard or vmss. If vm is type of Virtual Machines then value is standard. If vm is part of Virtual Machine Scale Sets then value is vmss

    azure_vnet_name

    The name of the virtual network your instances are in, can be retrieved via az network vnet list

    azure_vnet_resource_group

    The name of the resource group that contains the vnet.

    azure_subnet_name

    The name of the subnet your instances are in, can be retrieved via az network vnet subnet list --resource-group RESOURCE_GROUP --vnet-name VNET_NAME

    azure_security_group_name

    The name of the network security group your instances are in, can be retrieved via az network nsg list

    azure_security_group_resource_group

    The name of the resource group that contains the network security group. Defaults to azure_vnet_resource_group

    azure_route_table_name

    The name of the route table used with your instances.

    azure_route_table_resource_group

    The name of the resource group that contains the route table. Defaults to azure_vnet_resource_group

    azure_aad_client_id + azure_aad_client_secret

    These will have to be generated first:

    • Create an Azure AD Application with:

       az ad app create --display-name kubernetes --identifier-uris http://kubernetes --homepage http://example.com --password CLIENT_SECRET

    display name, identifier-uri, homepage and the password can be chosen Note the AppId in the output.

    • Create Service principal for the application with:

      az ad sp create --id AppId

    This is the AppId from the last command

    • Create the role assignment with:

      az role assignment create --role "Owner" --assignee http://kubernetes --subscription SUBSCRIPTION_ID

    azure_aad_client_id must be set to the AppId, azure_aad_client_secret is your chosen secret.

    azure_loadbalancer_sku

    Sku of Load Balancer and Public IP. Candidate values are: basic and standard.

    azure_exclude_master_from_standard_lb

    azure_exclude_master_from_standard_lb excludes master nodes from standard load balancer.

    azure_disable_outbound_snat

    azure_disable_outbound_snat disables the outbound SNAT for public load balancer rules. It should only be set when azure_exclude_master_from_standard_lb is standard.

    azure_primary_availability_set_name

    (Optional) The name of the availability set that should be used as the load balancer backend .If this is set, the Azure cloudprovider will only add nodes from that availability set to the load balancer backend pool. If this is not set, and multiple agent pools (availability sets) are used, then the cloudprovider will try to add all nodes to a single backend pool which is forbidden. In other words, if you use multiple agent pools (availability sets), you MUST set this field.

    azure_use_instance_metadata

    Use instance metadata service where possible

    Provisioning Azure with Resource Group Templates

    You'll find Resource Group Templates and scripts to provision the required infrastructure to Azure in contrib/azurerm