Access AKS Cluster

This section will guide you through getting access to your AKS cluster.

Procedure

  1. Download credentials and configure the Kubernetes client:

    root@rok-tools:~# az aks get-credentials \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --name ${AKS_CLUSTER?} Merged "arrikto-cluster" as current context in /root/.kube/config

    Troubleshooting

    The command failed with an authorization error

    If the above command fails with an error message similar to the following:

    The client '82a19692-1c50-4f24-b3e2-95675ddc5213' with object id '82a19692-1c50-4f24-b3e2-95675ddc5213' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/listClusterUserCredential/action' over scope '/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.

    it means that your identity does not have sufficient permissions to retrieve credentials for the AKS cluster.

    To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has Owner permissions. If you only have Reader permissions, contact your administrator to grant Owner permissions to your identity or to provide you a valid set of credentials for your cluster.

Verify

  1. Verify that your AKS cluster runs with Kubernetes 1.23.8:

    root@rok-tools:~# kubectl version -ojson \ > | jq -r '.serverVersion.gitVersion' v1.23.8
  2. Get the list of nodes:

    root@rok-tools:~# kubectl get nodes NAME STATUS ROLES AGE VERSION aks-agentpool-42403446-vmss000000 Ready agent 51m v1.23.8 aks-agentpool-42403446-vmss000001 Ready agent 51m v1.23.8
  3. Ensure that the system node pool has the necessary taints:

    root@rok-tools:~# kubectl get nodes \ > -l kubernetes.azure.com/mode=system \ > -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints NAME TAINTS aks-agentpool-33405330-vmss000000 [map[effect:NoSchedule key:CriticalAddonsOnly value:true]] aks-agentpool-33405330-vmss000001 [map[effect:NoSchedule key:CriticalAddonsOnly value:true]]

Summary

You have successfully configured access to your AKS cluster.

What’s Next

The next step is to add a user node pool to host Arrikto EKF workloads.