5/21/2023

Create Kubernetes Cluster in Azure (AKS) with Pulumi

 


The purpose of this post is to show how to create an AKS cluster with Pulumi.

We are going to use Pulumi CDK with TypeScript to provision the AKS cluster.


Prerequisites


1. Azure Free Tier Account

https://azure.microsoft.com/en-us/free/


2. Install Pulumi

https://www.pulumi.com/docs/install/


3. Install Azure CLI

https://learn.microsoft.com/en-us/cli/azure/install-azure-cli

For Ubuntu:

sudo apt-get update
sudo apt-get install azure-cli


4. GitHub Account


5. SSH public key of your local machine


Steps


1. Once you have created the Azure free account, get the management group ID as shown below.


Example:

aks-k8s:mgmtGroupId :  0135988c4-3255-4107-83n1-24d55889bc7af9


2. Log in to Pulumi Cloud

Execute the command below; it will redirect you to a page with login options.

Use your GitHub account as the login option.


$ pulumi login


3. Create Pulumi Project and Stack

Execute the $ pulumi new command, as shown in the image below.

These are the configuration values you need:

config:
  aks-k8s:kubernetesVersion: 1.25.6
  aks-k8s:mgmtGroupId: 0135988c4-3255-4107-83n1-24d55889bc7af9
  aks-k8s:nodeVmSize: Standard_DS2_v2
  aks-k8s:numWorkerNodes: "1"
  aks-k8s:prefixForDns: pulumi
  aks-k8s:sshPubKey: ssh-rsa XXXXXXXXXXAAAAAAAAAAAAAAAAAAAAAAAAAA
  azure-native:location: swedencentral


This will create a project with the structure below.


$ ls

index.ts  node_modules  package.json  package-lock.json  Pulumi.yaml  Pulumi.dev.yaml tsconfig.json


4. Log in to Azure using the CLI tool

Execute the command below, open the URL it prints in a browser, then enter the given device code.

$ az login --use-device-code

To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code HXXXXX to authenticate.


5. Create Azure resources


Execute the $ pulumi up command, as shown in the image below.





6. Install Azure kubectl and configure kubeconfig

Execute 

$ sudo az aks install-cli 

 
 

The detected architecture is 'x86_64', which will be regarded as 'amd64' and the corresponding binary will be downloaded. If there is any problem, please download the appropriate binary by yourself. 

Please ensure that /usr/local/bin is in your search PATH, so the `kubectl` command can be found. 

Downloading client to "/tmp/tmputia9lds/kubelogin.zip" from "https://github.com/Azure/kubelogin/releases/download/v0.0.29/kubelogin.zip" 

Please ensure that /usr/local/bin is in your search PATH, so the `kubelogin` command can be found. 

dhanuka84@dhanuka84:~/research/pulumi/aks 


7. Log in to the Kubernetes cluster using the kubectl tool.

You need to get the resource group and cluster name from the Azure console.

Then execute the command below.

$ az aks get-credentials --resource-group resourceGrodfdsfdfff56 --name managedClusdfdfd 


Now you need to assign the correct role to the user who will access the cluster. We will use the Azure console for this purpose.

Go to the AKS cluster and select IAM.

Now we need to assign the Azure Kubernetes Service RBAC Cluster Admin role to the user.

Select Add role assignment.

Select the correct role.

Select Members.

Select the user.

Review and assign the role to the user.
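
The console steps above can also be scripted with the Azure CLI, which keeps the assignment repeatable and reviewable. The following is an added example, not part of the original post: it builds the cluster's resource ID so the role applies to that one cluster only, and prints the az role assignment create command unless DRY_RUN=0 is set. The function names, the DRY_RUN switch and the sample values are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: scripted form of the console role assignment in step 7.
# aks_scope / assign_cluster_admin / DRY_RUN are illustrative names.

# Build the ARM resource ID of a single AKS cluster, so the role is scoped
# to that cluster and not to the whole resource group or subscription.
aks_scope() {
  local sub="$1" rg="$2" cluster="$3" v
  for v in "$sub" "$rg" "$cluster"; do
    case "$v" in
      # Empty, slash-containing or space-containing parts would widen
      # or corrupt the scope path, so refuse them.
      ""|*/*|*" "*) echo "invalid scope component: '$v'" >&2; return 1 ;;
    esac
  done
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.ContainerService/managedClusters/%s\n' \
    "$sub" "$rg" "$cluster"
}

# Assign the role named in step 7 to one user on one cluster.
# With DRY_RUN=1 (the default) the command is only printed for review;
# the printed form drops shell quoting around the role name.
assign_cluster_admin() {
  local assignee="$1" scope
  scope="$(aks_scope "$2" "$3" "$4")" || return 1
  set -- az role assignment create \
    --assignee "$assignee" \
    --role "Azure Kubernetes Service RBAC Cluster Admin" \
    --scope "$scope"
  if [ "${DRY_RUN:-1}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Usage (constructed placeholder values, replace with your own):
#   assign_cluster_admin user@example.com <subscription-id> <resource-group> <cluster-name>
#   DRY_RUN=0 assign_cluster_admin user@example.com <subscription-id> <resource-group> <cluster-name>
```

Review the printed command first, then rerun with DRY_RUN=0 after az login to apply it.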

 
 

 


8. Now you can access the Kubernetes cluster using kubectl from your local machine.