Access AKS Cluster¶
This section will guide you through getting access to your AKS cluster.
Overview
What You’ll Need¶
- A configured management environment.
- An existing AKS cluster.
Procedure¶
Download credentials and configure the Kubernetes client:
root@rok-tools:~# az aks get-credentials \ > --resource-group ${AZ_RESOURCE_GROUP?} \ > --name ${AKS_CLUSTER?} Merged "arrikto-cluster" as current context in /root/.kube/configTroubleshooting
The command failed with an authorization error
If the above command fails with an error message similar to the following:
The client '82a19692-1c50-4f24-b3e2-95675ddc5213' with object id '82a19692-1c50-4f24-b3e2-95675ddc5213' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/listClusterUserCredential/action' over scope '/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/resourceGroups/arrikto/providers/Microsoft.ContainerService/managedClusters/arrikto-cluster' or the scope is invalid. If access was recently granted, please refresh your credentials.it means that your identity does not have sufficient permissions to retrieve credentials for the AKS cluster.
To proceed, make sure you have followed the Configure Azure CLI section to configure your Azure CLI with an identity that has
Owner
permissions. If you only haveReader
permissions, contact your administrator to grantOwner
permissions to your identity or to provide you a valid set of credentials for your cluster.
Verify¶
Verify that your AKS cluster runs with Kubernetes 1.23.8:
root@rok-tools:~# kubectl version -ojson \ > | jq -r '.serverVersion.gitVersion' v1.23.8Get the list of nodes:
root@rok-tools:~# kubectl get nodes NAME STATUS ROLES AGE VERSION aks-agentpool-42403446-vmss000000 Ready agent 51m v1.23.8 aks-agentpool-42403446-vmss000001 Ready agent 51m v1.23.8Ensure that the system node pool has the necessary taints:
root@rok-tools:~# kubectl get nodes \ > -l kubernetes.azure.com/mode=system \ > -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints NAME TAINTS aks-agentpool-33405330-vmss000000 [map[effect:NoSchedule key:CriticalAddonsOnly value:true]] aks-agentpool-33405330-vmss000001 [map[effect:NoSchedule key:CriticalAddonsOnly value:true]]
What’s Next¶
The next step is to add a user node pool to host Arrikto EKF workloads.