Please check the quotas and region availability for Azure Kubernetes Service (AKS) page to select a region where AKS is supported.
Create a new Resource Group using the Azure Portal or the Azure CLI:
az group create -n "aks-gitops-rg" -l "eastus"
Please follow the walkthrough to create a new AKS cluster with HTTP Application Routing enabled. Make sure to select the same Resource Group and Location specified earlier.
Create the Azure Container Registry using the Azure Portal or use the Azure CLI. Make sure to select the same Resource Group and Location specified earlier.
az acr create --resource-group "aks-gitops-rg" --name "aksgitopsacr" --sku "Standard" --location "eastus"
To establish trust between an AKS cluster and an ACR registry, you modify the Azure Active Directory Service Principal used with AKS by adding the Contributor role to it with the scope of the ACR repository. To do so, run the following commands, replacing <aks-rg-name> and <aks-cluster-name> with the resource group and name of your AKS cluster, and <acr-rg-name> and <acr-repo-name> with the resource group and repository name of the ACR repository with which you want to create trust.
export AKS_SP_ID=$(az aks show -g <aks-rg-name> -n <aks-cluster-name> --query "servicePrincipalProfile.clientId" -o tsv)
export ACR_RESOURCE_ID=$(az acr show -g <acr-rg-name> -n <acr-repo-name> --query "id" -o tsv)
az role assignment create --assignee "$AKS_SP_ID" --scope "$ACR_RESOURCE_ID" --role contributor
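A least-privilege variant of the trust step above, as an added example that is not part of the original walkthrough: it grants the built-in AcrPull role instead of Contributor and then reports any broader role the service principal still holds on the registry. The function names are hypothetical, and it assumes the cluster only needs to pull images.

```shell
#!/bin/sh
# Added example, not from the original walkthrough. Function names are
# hypothetical. Assumes the cluster only needs to pull images from the registry.

# Succeeds for built-in roles that allow more than pulling images.
is_overbroad_role() {
  case "$1" in
    Owner|Contributor|"User Access Administrator"|AcrPush|AcrDelete) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the role names a principal holds at a scope, one per line.
list_roles() {
  az role assignment list --assignee "$1" --scope "$2" --include-inherited \
    --query "[].roleDefinitionName" -o tsv
}

# Report over-broad roles at the scope; exit status 1 if any is present.
audit_acr_roles() {
  roles=$(list_roles "$1" "$2") || return 2
  found=0
  while IFS= read -r role; do
    if is_overbroad_role "$role"; then
      echo "OVERBROAD: $role"
      found=1
    fi
  done <<EOF
$roles
EOF
  return "$found"
}

# Grant AcrPull (pull-only) instead of Contributor, then audit the result.
# Usage: grant_acr_pull <aks-rg-name> <aks-cluster-name> <acr-rg-name> <acr-repo-name>
grant_acr_pull() {
  sp_id=$(az aks show -g "$1" -n "$2" \
    --query "servicePrincipalProfile.clientId" -o tsv) || return 2
  acr_id=$(az acr show -g "$3" -n "$4" --query "id" -o tsv) || return 2
  if [ -z "$sp_id" ] || [ -z "$acr_id" ]; then
    echo "could not resolve service principal or registry id" >&2
    return 2
  fi
  az role assignment create --assignee "$sp_id" --scope "$acr_id" \
    --role AcrPull >/dev/null || return 2
  audit_acr_roles "$sp_id" "$acr_id"
}
```

An exit status of 1 from audit_acr_roles means a role such as Contributor is still assigned or inherited at the registry scope.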
You'll use VSTS as the CI/CD tool. If you don't have an account already, sign up for a new one or create one from the Azure Portal.
ChartMuseum is a private Helm chart repository that lives in your cluster. You will need it to store the Helm charts generated as part of the build process.
You need to create an Azure Blob Storage account that will be configured in the coming steps to work with ChartMuseum.
Make sure to use a unique name.
az storage account create --name "aksgitopschartmuseum" --resource-group "aks-gitops-rg" --sku "Standard_LRS" --location "eastus"
Set default Azure storage account environment variables. You can have multiple storage accounts in your Azure subscription. To select one of them to use for all subsequent storage commands, you can set these environment variables:
export AZURE_STORAGE_ACCOUNT=<account_name>
export AZURE_STORAGE_ACCESS_KEY=<key>
Every blob in Azure storage must be in a container. You can create a container by using the command below.
az storage container create --name "charts"
Helm is a Kubernetes package manager. It facilitates the installation of common applications as well as your own applications.
Follow the Helm installation instructions to install the Helm CLI on your machine.
Initialize Helm on the cluster.
helm init --upgrade --service-account default
Next, install ChartMuseum on the cluster. Create a file named custom.yaml with the content below, replacing the AZURE_STORAGE_ACCOUNT and AZURE_STORAGE_ACCESS_KEY with the correct values.
env:
  open:
    STORAGE: microsoft
    STORAGE_MICROSOFT_CONTAINER: charts
    # prefix to store charts for microsoft storage backend
    STORAGE_MICROSOFT_PREFIX:
  secret:
    AZURE_STORAGE_ACCOUNT: "********" ## azure storage account
    AZURE_STORAGE_ACCESS_KEY: "********" ## azure storage account access key
Then run the installation, passing in custom.yaml.
helm install --name chartmuseum -f custom.yaml stable/chartmuseum