Azure Kubernetes Deployment

Initial Creation

> az login
You have logged in. Now let us find all the subscriptions to which you have access...
[
  {
    "cloudName": "AzureCloud",
    "id": "b72dbbd7-fd13-4f3f-aa84-d666cc6de823",
    "isDefault": true,
    "name": "RND-DEV-SSG-AzureTraining0612",
    "state": "Enabled",
    "tenantId": "8b87af7d-8647-4dc7-8df4-5f69a2011bb5",
    "user": {
      "name": "thomas.kanianthara@soprasteria.com",
      "type": "user"
    }
  }
]

> az aks create --resource-group tom-resource-group --name tomAksCluster --node-count 3 --enable-addons monitoring --generate-ssh
SSH key files 'C:\Users\tkanianthara\.ssh\id_rsa' and 'C:\Users\tkanianthara\.ssh\id_rsa.pub' have been generated under ~/.ssh to allow SSH access to the VM. If using machines without permanent storage like Azure Cloud Shell without an attached file share, back up your keys to a safe location
Waiting for AAD role to propagate …
Could not create a role assignment for monitoring addon.  Are you an Owner on this subscription?
[K{- Finished ..
  "aadProfile": null,
  "addonProfiles": {
    "omsagent": {
      "config": {
        "logAnalyticsWorkspaceResourceID": "/subscriptions/b72dbbd7-fd13-4f3f-aa84-d666cc6de823/resourcegroups/defaultresourcegroup-sea/providers/microsoft.operationalinsights/workspaces/defaultworkspace-b72dbbd7-fd13-4f3f-aa84-d666cc6de823-sea"
      },
      "enabled": true
    }
  },
  "agentPoolProfiles": [
    {
      "availabilityZones": null,
      "count": 3,
      "enableAutoScaling": null,
      "enableNodePublicIp": null,
      "maxCount": null,
      "maxPods": 110,
      "minCount": null,
      "name": "nodepool1",
      "nodeTaints": null,
      "orchestratorVersion": "1.13.11",
      "osDiskSizeGb": 100,
      "osType": "Linux",
      "provisioningState": "Succeeded",
      "scaleSetEvictionPolicy": null,
      "scaleSetPriority": null,
      "type": "AvailabilitySet",
      "vmSize": "Standard_DS2_v2",
      "vnetSubnetId": null
    }
  ],
  "apiServerAccessProfile": null,
  "dnsPrefix": "tomAksClus-tom-resource-gro-b72dbb",
  "enablePodSecurityPolicy": null,
  "enableRbac": true,
  "fqdn": "tomaksclus-tom-resource-gro-b72dbb-c402b0af.hcp.southeastasia.azmk8s.io",
  "id": "/subscriptions/b72dbbd7-fd13-4f3f-aa84-d666cc6de823/resourcegroups/tom-resource-group/providers/Microsoft.ContainerService/managedClusters/tomAksCluster",
  "identity": null,
  "kubernetesVersion": "1.13.11",
  "linuxProfile": {
    "adminUsername": "azureuser",
    "ssh": {
      "publicKeys": [
        {
          "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyh7K3aHGmcscQ200NwZaDWJV1YX5TJGHAxx707lY6Xrw9xg94006bstsJ7+47tO4FYU4dmK9E5yifAN2bh4MzTJUn/x4c5M2In1gEYTEsBXcdJJqg1hCQpAhFiV8CkRkxj2a37XbiBJi5eZzEsg7mjBVhPWli1UAHdGcQGYA3MDhM3fcwknnt7sPcpR+KkrtXonHS4heJE65x7cCMguYeovPU45vpuk+aE7aH5J4K8YNNy0NfnVA3Iev4YVPhazwwJV3TofL8rZuxgLtRha1TJ/8O4wha08CscgcvvNjLNulH+Or1jBH6z3iT4FAzItads4OzMxBykL4+nwLWPFxj"
        }
      ]
    }
  },
  "location": "southeastasia",
  "maxAgentPools": 1,
  "name": "tomAksCluster",
  "networkProfile": {
    "dnsServiceIp": "10.0.0.10",
    "dockerBridgeCidr": "172.17.0.1/16",
    "loadBalancerProfile": null,
    "loadBalancerSku": "Basic",
    "networkPlugin": "kubenet",
    "networkPolicy": null,
    "podCidr": "10.244.0.0/16",
    "serviceCidr": "10.0.0.0/16"
  },
  "nodeResourceGroup": "MC_tom-resource-group_tomAksCluster_southeastasia",
  "provisioningState": "Succeeded",
  "resourceGroup": "tom-resource-group",
  "servicePrincipalProfile": {
    "clientId": "3d1990f8-b7c4-4f79-b6dd-24b851b629de",
    "secret": null
  },
  "tags": null,
  "type": "Microsoft.ContainerService/ManagedClusters",
  "windowsProfile": null
}

Azure Cluster network details

  • Pod CIDR: 10.244.0.0/16

  • Service CIDR: 10.0.0.0/16

  • DNS service IP: 10.0.0.10

  • Docker bridge CIDR: 172.17.0.1/16