Azure AKS

Guide to create AKS cluster and connect to Sprinkle

Sprinkle requires AKS cluster for data ingestion and processing. This is required to process all your data locally within your Azure private network.

Follow the below steps to create and configure AKS cluster:

STEP-1: Create AKS Cluster

Create a AKS Standard cluster with all default settings with following configuration:

Networking

Enable private cluster (if Sprinkle VM is in the same virtual private network)
Select virtual network of the sprinkle VM

STEP-2: Generate user token

Sprinkle authenticates to AKS cluster using kubernetes user token. Follow below steps to generate User token:

Install kubectl and azure CLI
Generate ~/.kube/config file:

az aks get-credentials --resource-group <resourcegroup-name> --name <aks-cluster-name>

To verify the setup, run kubectl command to fetch running nodes:

kubectl get nodes

Create namespace

kubectl create namespace sprinkle

Create Admin User In kubernetes: Create file service-account-create.yml:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: sprinkle-admin-user
  namespace: sprinkle

kubectl apply -f service-account-create.yml

Create ClusterRoleBinding: create a file role-binding.yml:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: sprinkle-admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: sprinkle-admin-user
  namespace: sprinkle

kubectl apply -f role-binding.yml

To create a long-lived API token for a ServiceAccount, you create a new secret file sprinkle-admin-secret.yml with a special annotation, kubernetes.io/service-account.name:

apiVersion: v1
kind: Secret
metadata:
  name: sprinkle-admin-secret
  namespace: sprinkle
  annotations:
    kubernetes.io/service-account.name: sprinkle-admin-user
type: kubernetes.io/service-account-token

kubectl apply -f sprinkle-admin-secret.yml

User token Token will be printed by this command, note down the generated token:

kubectl describe secrets/sprinkle-admin-secret -n sprinkle

Get Cluster CA Certificate

kubectl get cm kube-root-ca.crt -o jsonpath="{['data']['ca\.crt']}"

PreviousGoogle GKE NextWarehouse & Storage Setup

Last updated 6 months ago

apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: sprinkle-admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: sprinkle-admin-user namespace: sprinkle

apiVersion: v1 kind: Secret metadata: name: sprinkle-admin-secret namespace: sprinkle annotations: kubernetes.io/service-account.name: sprinkle-admin-user type: kubernetes.io/service-account-token