Deploy a Platform9 Managed Kubernetes cluster and connect it to Azure Arc
Disclaimer: This scenario was contributed by the Platform9 team as part of the “Jumpstart Friends” program.
The following Jumpstart scenario will guide you on how to deploy a Kubernetes cluster with Platform9 Managed Kubernetes (PMK) and have it as a connected Azure Arc Kubernetes resource. With PMK, you can have your clusters deployed on-premises, in public clouds, or at the edge. In this document, we’ll explain the steps to create an on-premises BareOS cluster using PMK and connect it to Microsoft Azure Arc.
Prerequisites
- A physical machine or VM with Ubuntu 20.04 installed. This scenario uses a single-node Kubernetes cluster installation. This machine also acts as our management host.
- The kubectl executable binary for local cluster management. If you want a separate host for cluster management, follow the steps below to install kubectl on it.
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubectl
NOTE: The kubectl package is installed from the Kubernetes repository, so the Google Cloud public signing key needs to be downloaded to enable the repository.
NOTE: All PMK cluster nodes will have kubectl installed once the cluster is deployed.
- Install or update Azure CLI (az) to version 2.49.0 and above.
Use the command below to check your currently installed version.
az --version
- Helm version 3+, to install the Azure Arc agents on the cluster.
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | sudo bash
- Create Azure service principal (SP)
To complete the scenario and its related automation, an Azure service principal assigned the “Contributor” role is required. To create it, log in to your Azure account and run the command below (this can also be done in Azure Cloud Shell).
az login
subscriptionId=$(az account show --query id --output tsv)
az ad sp create-for-rbac -n "<Unique SP Name>" --role "Contributor" --scopes /subscriptions/$subscriptionId
For example:
az login
subscriptionId=$(az account show --query id --output tsv)
az ad sp create-for-rbac -n "JumpstartArcK8s" --role "Contributor" --scopes /subscriptions/$subscriptionId
Output should look like this:
{
  "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "displayName": "JumpstartArcK8s",
  "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
NOTE: If you create multiple subsequent role assignments on the same service principal, your client secret (password) will be destroyed and recreated each time. Therefore, make sure you grab the correct password.
NOTE: The Jumpstart scenarios are designed with ease of use in mind while adhering to security-related best practices whenever possible. It is optional but highly recommended to scope the service principal to a specific Azure subscription and resource group, and to consider using a less privileged service principal account.
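A resource-group-scoped form of the service principal command, following the recommendation in the note above; this is an added example, not part of the Jumpstart repository. The resource group name and location are placeholders, and it assumes the resource group used by pf9_az_connect_k8s.sh is the one scoped here; whether the narrower built-in role in the second usage line covers everything that script does is an assumption to validate.

```shell
#!/bin/sh
# Added example (not from the Jumpstart repository): create the service
# principal scoped to one resource group instead of the whole subscription.

# Build the ARM scope string. Malformed input is rejected so that an empty
# value or a stray "/" cannot silently change what the role applies to.
rg_scope() {
  sub=$1; rg=$2
  case $sub in ''|*[!0-9a-fA-F-]*) return 1 ;; esac
  printf '%s\n' "$sub" | grep -Eq \
    '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$' || return 1
  # Stricter than Azure's own naming rules: alphanumerics, ".", "_" and "-",
  # at most 90 characters, no trailing dot.
  case $rg in ''|*[!A-Za-z0-9._-]*|*.) return 1 ;; esac
  [ "${#rg}" -le 90 ] || return 1
  printf '/subscriptions/%s/resourceGroups/%s' "$sub" "$rg"
}

create_scoped_sp() {
  # $1 = SP name, $2 = resource group, $3 = location, $4 = role (optional)
  role=${4:-Contributor}
  sub_id=$(az account show --query id --output tsv) || return 1
  scope=$(rg_scope "$sub_id" "$2") || { echo "invalid scope input" >&2; return 1; }
  # Create the resource group as the logged-in admin, then scope the SP to it.
  az group create --name "$2" --location "$3" --output none || return 1
  az ad sp create-for-rbac -n "$1" --role "$role" --scopes "$scope"
}

# Usage after `az login` (resource group and location are placeholders):
#   create_scoped_sp "JumpstartArcK8s" "Arc-PF9-RG" "eastus"
#   create_scoped_sp "JumpstartArcK8s" "Arc-PF9-RG" "eastus" \
#     "Kubernetes Cluster - Azure Arc Onboarding"
```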
Deployment
This deployment consists of 3 sections.
- Onboarding the node to Platform9 Management Plane.
- Creating a PMK Cluster.
- Connect the cluster to Microsoft Azure Arc.
Onboarding the node to Platform9 Management Plane
- Log in to your Management Plane.
NOTE: If you do not have a registered Management Plane with Platform9, you can create one easily using PMK Free Tier deployment.
- Onboard the Ubuntu host to your Management Plane.
For a BareOS cluster, the nodes on which the cluster is to be deployed must be registered with the PMK Management Plane. To do this, first add the node.
This should take you to the Node onboarding page. A pf9ctl utility is provided to set up the nodes and get connected with Management Plane. Follow the instructions to download and install the utility, which we will use to prepare the node and connect it with your Platform9 Management Plane.
NOTE: Preparing the node and connecting it to Management Plane might take approximately 4-5 minutes to complete.
Creating a PMK Cluster
- The onboarded node should now be seen on our Management Plane. To create a PMK cluster via the PMK Management Plane UI, follow the steps as described below.
- Click to add a cluster to the Management Plane.
- Create a cluster from the nodes onboarded to the Management Plane.
- Enter the cluster name and k8s version. Submit the page and it will trigger the cluster creation on the node.
- The cluster should get created in a few minutes and the status should be reported as Healthy and Online.
Connect the cluster to Microsoft Azure Arc
- Clone the Azure Arc Jumpstart repository and change to the pf9 script directory.
git clone https://github.com/microsoft/azure_arc.git
cd azure_arc/azure_arc_k8s_jumpstart/pf9
- Set the variables according to your Azure service principal name and Azure environment in the pf9_az_connect_k8s.sh script.
NOTE: The values can be referenced from the service principal output.
- Set the KUBECONFIG variable for connecting to the K8s cluster. The kubeconfig file for the cluster is available for download from the Management Plane.
- An example of setting the KUBECONFIG variable is shown below:
export KUBECONFIG=~/path/to/config/file
- Run the pf9_az_connect_k8s.sh script to connect the Platform9 Managed Kubernetes (PMK) cluster to Azure Arc.
sh ./pf9_az_connect_k8s.sh
Verification
- The cluster should be seen onboarded as a new Azure Arc-enabled Kubernetes resource.
- Azure Arc agents are running in the cluster.
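One way to check the second point from the command line, as an added example that is not part of the original scenario: the function below reads `kubectl get pods -n azure-arc --no-headers` output and lists agent pods that are not fully up. The sample pod lines are constructed for this example.

```shell
#!/bin/sh
# Added example: report Azure Arc agent pods that are not fully up.

unhealthy_arc_pods() {
  # Input columns: NAME READY STATUS RESTARTS AGE.
  # Healthy = Running with every container ready (READY n/n), or Completed.
  awk '
    NF < 3 { next }
    {
      split($2, r, "/")
      ok = ($3 == "Completed") || ($3 == "Running" && r[1] == r[2])
      if (!ok) print $1 " " $2 " " $3
    }'
}

check_arc_agents() {
  # Live check against the cluster selected by KUBECONFIG.
  # Returns 1 if no agent pods exist or any of them is unhealthy.
  pods=$(kubectl get pods -n azure-arc --no-headers) || return 1
  [ -n "$pods" ] || { echo "no pods in azure-arc namespace" >&2; return 1; }
  bad=$(printf '%s\n' "$pods" | unhealthy_arc_pods)
  [ -z "$bad" ] || { printf 'unhealthy:\n%s\n' "$bad" >&2; return 1; }
}

# Constructed sample output (pod name suffixes are made up for this example).
SAMPLE_PODS='clusterconnect-agent-5d8f7c9b6-abcde   3/3   Running            0    5m
config-agent-7c6b5d4f8-fghij           1/2   Running            0    5m
metrics-agent-6f5e4d3c2-klmno          2/2   Running            0    5m
resource-sync-agent-8a7b6c5d4-pqrst    0/2   CrashLoopBackOff   4    5m'

# Offline demonstration on the sample:
#   printf '%s\n' "$SAMPLE_PODS" | unhealthy_arc_pods
```

A pod that is Running but shows fewer ready containers than total (such as the constructed `config-agent` line) is reported as well, which a plain status filter would miss.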
Deleting the Deployment
- The Azure Arc-enabled Kubernetes resource can be deleted via the Azure Portal.
- For deleting the entire environment, just delete the Azure resource group that was created.