Installing K10 on Azure¶
Prerequisites¶
Before installing K10 on Azure Kubernetes Service (AKS), please ensure that the install prerequisites are met.
Installing K10¶
To install on Azure, you need to specify your Azure tenant, service principal client ID and service principal client secret.
$ helm install k10 kasten/k10 --namespace=kasten-io \
--set secrets.azureTenantId=<tenantID> \
--set secrets.azureClientId=<azureclient_id> \
--set secrets.azureClientSecret=<azureclientsecret>
Installing K10 on Azure Stack¶
To install on Azure Stack, you need to specify your -
Azure tenant: the Azure Stack tenant ID (you'll find it in global azure portal > Azure Directory > Properties)
Service principal client ID: client ID of the app that was used to create the Kubernetes cluster (you'll find it in global azure portal > Azure Directory > App registration)
Service principal client secret: client-secret of the app that was used to create the Kubernetes cluster (you'll find it in global azure portal > Azure Directory > App registration > Certificate and secrets)
Azure Resource Group: name of the Resource Group that was created for the Kubernetes cluster
Azure subscription ID: a valid subscription in your Azure Stack tenant (if your az client has its default cloud set to your Azure Stack instance, you can obtain the first subscription ID with
az account list | jq '.[0].id'
)Azure Resource Manager endpoint: the resource management endpoint for this Azure Stack instance (if your az client has its default cloud set to your Azure Stack instance, you can obtain it with
az cloud show | jq '.endpoints.resourceManager'
. e.g., https://management.ppe5.example.com)Active Directory endpoint: the active directory login endpoint (if your az client has its default cloud set to your Azure Stack instance, you can obtain it with
az cloud show | jq '.endpoints.activeDirectory'
. e.g.,https://login.microsoftonline.com/
)Active Directory resource ID: the resource ID to obtain AD tokens (if your az client has its default cloud set to your Azure Stack instance, you can obtain it with
az cloud show | jq '.endpoints.activeDirectoryResourceId
. e.g., https://management.example.com/71fb132f-xxxx-4e60-yyyy-example47e19)
You can find more information for creating a Kubernetes cluster on Azure Stack in this Microsoft tutorial
$ helm install k10 kasten/k10 --namespace=kasten-io \
--set secrets.azureTenantId=<tenantID> \
--set secrets.azureClientId=<azureclientID> \
--set secrets.azureClientSecret=<azureclientsecret> \
--set secrets.azureResourceGroup=<resourceGroup> \
--set secrets.azureSubscriptionID=<subscriptionID> \
--set secrets.azureResourceMgrEndpoint=<resourceManagerEndpoint> \
--set secrets.azureADEndpoint=<activeDirectoryEndpoint> \
--set secrets.azureADResourceID=<activeDirectoryResourceID> \
--set services.dashboardbff.hostNetwork=true
Validating the Install¶
To validate that K10 has been installed properly, the following
command can be run in K10's namespace (the install default is
kasten-io
) to watch for the status of all K10 pods:
$ kubectl get pods --namespace kasten-io --watch
It may take a couple of minutes for all pods to come up but all pods
should ultimately display the status of Running
.
$ kubectl get pods --namespace kasten-io
NAMESPACE NAME READY STATUS RESTARTS AGE
kasten-io aggregatedapis-svc-b45d98bb5-w54pr 1/1 Running 0 1m26s
kasten-io auth-svc-8549fc9c59-9c9fb 1/1 Running 0 1m26s
kasten-io catalog-svc-f64666fdf-5t5tv 2/2 Running 0 1m26s
...
In the unlikely scenario that pods that are stuck in any other state, please follow the support documentation to debug further.
Validate Dashboard Access¶
By default, the K10 dashboard will not be exposed externally.
To establish a connection to it, use the following kubectl
command
to forward a local port to the K10 ingress port:
$ kubectl --namespace kasten-io port-forward service/gateway 8080:8000
The K10 dashboard will be available at http://127.0.0.1:8080/k10/#/.
For a complete list of options for accessing the Kasten K10 dashboard through a LoadBalancer, Ingress or OpenShift Route you can use the instructions here.