Deploy a Platform9 Managed Kubernetes cluster and connect it to Azure Arc

Disclaimer: This scenario was contributed by the Platform9 team as part of the “Jumpstart Friends” program.

The following Jumpstart scenario will guide you on how to deploy a Kubernetes cluster with Platform9 Managed Kubernetes (PMK) and connect it as an Azure Arc-enabled Kubernetes resource. With PMK, you can have your clusters deployed on-premises, in public clouds, or at the edge. In this document, we’ll explain how to create an on-premises BareOS cluster using PMK and connect it to Microsoft Azure Arc.

Prerequisites

  • A physical machine or VM with Ubuntu 20.04 installed. This scenario uses a single-node Kubernetes cluster installation, and this machine also acts as the management host.

  • The kubectl executable binary for local cluster management. If you want a separate host for cluster management, follow the steps below to install kubectl on it.

    sudo apt-get update
    sudo apt-get install -y apt-transport-https ca-certificates curl
    sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
    echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
    sudo apt-get update
    sudo apt-get install -y kubectl
    

    NOTE: The kubectl package is installed from the Kubernetes repository, so the Google Cloud public signing key needs to be downloaded to enable the repository.

    NOTE: All PMK cluster nodes will have kubectl installed once the cluster is deployed.

  • Install or update Azure CLI (az) to version 2.49.0 or above.

    Use the command below to check your currently installed version.

    az --version
    
  • Helm version 3+, to install the Azure Arc agents on the cluster.

    curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | sudo bash
    
  • Create Azure service principal (SP)

    To complete the scenario and its related automation, an Azure service principal assigned the “Contributor” role is required. To create it, log in to your Azure account and run the command below (this can also be done in Azure Cloud Shell).

    az login
    subscriptionId=$(az account show --query id --output tsv)
    az ad sp create-for-rbac -n "<Unique SP Name>" --role "Contributor" --scopes /subscriptions/$subscriptionId
    

    For example:

    az login
    subscriptionId=$(az account show --query id --output tsv)
    az ad sp create-for-rbac -n "JumpstartArcK8s" --role "Contributor" --scopes /subscriptions/$subscriptionId
    

    Output should look like this:

    {
    "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "displayName": "JumpstartArcK8s",
    "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }
    

    NOTE: If you create multiple subsequent role assignments on the same service principal, your client secret (password) will be destroyed and recreated each time. Therefore, make sure you grab the correct password.

    NOTE: The Jumpstart scenarios are designed with ease of use in mind while adhering to security-related best practices whenever possible. It is optional but highly recommended to scope the service principal to a specific Azure subscription and resource group, and to consider using a less privileged service principal account.
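
One way to follow the scoping recommendation above, as an added example that is not part of the original scenario or the Jumpstart repository. The function names are hypothetical, the resource group is assumed to exist already, and the built-in "Kubernetes Cluster - Azure Arc Onboarding" role is an assumed substitute for "Contributor" that may not cover everything pf9_az_connect_k8s.sh does (creating the resource group, for example).

```shell
#!/bin/sh
# Added example, not from the Jumpstart repository. Assumes the resource group
# already exists; the names used in the usage line are illustrative.

# Print the ARM scope for one resource group. Malformed or empty input is
# rejected so a blank variable can never yield a subscription-wide scope.
rg_scope() {
    scope_sub="$1"; scope_rg="$2"
    # Subscription IDs are GUIDs: 8-4-4-4-12 hex digits.
    case "$scope_sub" in
        *[!0-9a-fA-F-]*) echo "invalid subscription id" >&2; return 1 ;;
    esac
    if ! printf '%s\n' "$scope_sub" |
        grep -Eq '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'; then
        echo "invalid subscription id" >&2; return 1
    fi
    # Conservative subset of the characters Azure accepts in group names.
    case "$scope_rg" in
        ''|*[!A-Za-z0-9._-]*) echo "invalid resource group" >&2; return 1 ;;
    esac
    printf '/subscriptions/%s/resourceGroups/%s' "$scope_sub" "$scope_rg"
}

# Create the service principal with a role assignment limited to that group.
# The default role is the built-in "Kubernetes Cluster - Azure Arc Onboarding";
# pass "Contributor" as the fourth argument to keep the page's role but still
# narrow the scope.
create_scoped_sp() {
    sp_name="$1"
    sp_role="${4:-Kubernetes Cluster - Azure Arc Onboarding}"
    sp_scope=$(rg_scope "$2" "$3") || return 1
    az ad sp create-for-rbac -n "$sp_name" --role "$sp_role" --scopes "$sp_scope"
}

# Usage, after `az login` (resource group name is a placeholder):
#   create_scoped_sp "JumpstartArcK8s" "$(az account show --query id --output tsv)" "<existing resource group>"
```
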

Deployment

This deployment consists of 3 sections.

  1. Onboarding the node to Platform9 Management Plane.
  2. Creating a PMK Cluster.
  3. Connect the cluster to Microsoft Azure Arc.

Onboarding the node to Platform9 Management Plane

  • Login to your Management Plane.

    Screenshot of PMK Management Plane Login Page

    NOTE: If you do not have a registered Management Plane with Platform9, you can create one easily using PMK Free Tier deployment.

  • Onboard the Ubuntu host to your Management Plane.

    For a BareOS cluster, the nodes on which the cluster is to be deployed need to be registered with the PMK Management Plane. To do this, first add the node.

    Screenshot of Adding a node

    This should take you to the Node onboarding page. A pf9ctl utility is provided to set up the nodes and get connected with Management Plane. Follow the instructions to download and install the utility, which we will use to prepare the node and connect it with your Platform9 Management Plane.

    Screenshot of PF9 CLI

    NOTE: Preparing the node and connecting it to Management Plane might take approximately 4-5 minutes to complete.

Creating a PMK Cluster

  • The onboarded node should now be seen on our Management Plane. To create a PMK cluster via the PMK Management Plane UI, follow the steps as described below.

    • Click to add a cluster to the Management Plane.

    Screenshot of Adding Cluster

    • Create a cluster from the nodes onboarded to the Management Plane.

    Screenshot of Creating One Click Cluster

    • Enter the cluster name and k8s version. Submit the page and it will trigger the cluster creation on the node.

    Screenshot of Cluster name entry

    • The cluster should get created in a few minutes and the status should be reported as Healthy and Online.

    Screenshot of Cluster Created

Connect the cluster to Microsoft Azure Arc

  • Clone the Azure Arc Jumpstart repository and change to the pf9 script directory.

    git clone https://github.com/microsoft/azure_arc.git
    cd azure_arc/azure_arc_k8s_jumpstart/pf9
    
  • Set the variables according to your Azure service principal name and Azure environment in the pf9_az_connect_k8s.sh script.

    Screenshot of Exporting values

    NOTE: The values can be referenced from the service principal output.

  • Set the KUBECONFIG variable for connecting to the K8s cluster. The kubeconfig file for the cluster is available for download from the Management Plane.

    Screenshot to Download Kubeconfig

    • An example of setting the KUBECONFIG variable is shown below:

    export KUBECONFIG=~/path/to/config/file
    
  • Run the pf9_az_connect_k8s.sh script to connect the Platform9 Managed Kubernetes (PMK) cluster to Azure Arc.

    sh ./pf9_az_connect_k8s.sh
    

    Screenshot to Connect to Azure Arc

Verification

  • The cluster should be seen onboarded as a new Azure Arc-enabled Kubernetes resource.

    Screenshot of Cluster Verification

  • Azure Arc agents are running in the cluster.

    Screenshot to List pods azure-arc

Deleting the Deployment

  • The Azure Arc-enabled Kubernetes resource can be deleted via the Azure Portal.

    Screenshot of Azure Arc cluster deletion

  • For deleting the entire environment, just delete the Azure resource group that was created.

    Screenshot of Azure Resource group deletion