Enable Pod Identities on AKS¶
This section will guide you though enabling the Pod identities feature on your AKS cluster which is necessary for running Arrikto Enterprise Kubeflow.
What You'll Need¶
- A configured management environment.
- An existing AKS cluster.
- Access to the AKS cluster.
Procedure¶
Register the
EnablePodIdentityPreview
feature:root@rok-tools:~# az feature register --name EnablePodIdentityPreview --namespace Microsoft.ContainerService { "id": "/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/EnablePodIdentityPreview", "name": "Microsoft.ContainerService/EnablePodIdentityPreview", "properties": { "state": "Registered" }, "type": "Microsoft.Features/providers/features" }
Wait for it to become Registered:
root@rok-tools:~# az feature list -o table \ > --query "[?contains(name, 'Microsoft.ContainerService/EnablePodIdentityPreview')].{Name:name,State:properties.state}" Name State --------------------------------------------------- ---------- Microsoft.ContainerService/EnablePodIdentityPreview Registered
Refresh the registration of the corresponding resource provider:
root@rok-tools:~# az provider register -n Microsoft.ContainerService
Update your AKS cluster to enable Pod identities:
root@rok-tools:~# az aks update \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --name ${AKS_CLUSTER?} \ > --enable-pod-identity
Troubleshooting
The command failed with a 'Bad Request' error.
If the command failed with the following message:
Operation failed with status: 'Bad Request'. Details: PodIdentity addon requires managed identity.
it means that you have not enabled managed identities on your AKS cluster. Make sure you have followed the Create AKS Cluster section.
Summary¶
You have successfully updated your AKS cluster to enable Pod Identities.