Azure AKS
Guide to create AKS cluster and connect to Sprinkle
Sprinkle requires AKS cluster for data ingestion and processing. This is required to process all your data locally within your Azure private network.
Follow the below steps to create and configure AKS cluster:
STEP-1: Create AKS Cluster
Create a AKS Standard cluster with all default settings with following configuration:
Networking
Enable private cluster (if Sprinkle VM is in the same virtual private network)
Select virtual network of the sprinkle VM
STEP-2: Generate user token
Sprinkle authenticates to AKS cluster using kubernetes user token. Follow below steps to generate User token:
Install kubectl and azure CLI
Generate ~/.kube/config file:
az aks get-credentials --resource-group <resourcegroup-name> --name <aks-cluster-name>To verify the setup, run kubectl command to fetch running nodes:
kubectl get nodesCreate namespace
kubectl create namespace sprinkleCreate Admin User In kubernetes: Create file service-account-create.yml:
apiVersion: v1
kind: ServiceAccount
metadata:
name: sprinkle-admin-user
namespace: sprinklekubectl apply -f service-account-create.ymlCreate ClusterRoleBinding: create a file role-binding.yml:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: sprinkle-admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: sprinkle-admin-user
namespace: sprinklekubectl apply -f role-binding.ymlTo create a long-lived API token for a ServiceAccount, you create a new secret file sprinkle-admin-secret.yml with a special annotation,
kubernetes.io/service-account.name:
apiVersion: v1
kind: Secret
metadata:
name: sprinkle-admin-secret
namespace: sprinkle
annotations:
kubernetes.io/service-account.name: sprinkle-admin-user
type: kubernetes.io/service-account-tokenkubectl apply -f sprinkle-admin-secret.ymlUser token Token will be printed by this command, note down the generated token:
kubectl describe secrets/sprinkle-admin-secret -n sprinkleGet Cluster CA Certificate
kubectl get cm kube-root-ca.crt -o jsonpath="{['data']['ca\.crt']}"Last updated