Microsoft Azure
Kubedna now supports Microsoft Azure, allowing you to easily deploy and manage your Kubernetes clusters directly on the Azure platform. This guide provides step-by-step instructions to configure your project, set up authentication, and design your Kubernetes cluster.
Subscription Selection
When creating a new project in Kubedna, begin by selecting your desired subscription tier. Choose one of the following based on your business needs:
Nucleus (Standard)
Genome (Business)
Biom (Enterprise)
Project Configuration
Provide the following details to configure your project:
Project Name: Choose a unique name that identifies your project.
Project Description: Include a brief overview or summary of the project’s purpose.
Azure Resource Group Setup
Specify the Azure Resource Group that you wish to use. The resource group helps in organizing and managing related resources in your Azure subscription.
Resource Group Name: Enter the exact name of the resource group where your resources will be deployed.
Token & Permission Configuration
For Kubedna to manage your Azure resources, you need to supply token information with the necessary permissions. Provide the following token details:
Client ID: Your Azure application’s Client ID.
Secret: The corresponding secret (password) for your Azure application.
Required Permissions:
Ensure that the generated token has the following rights (translated into Azure permissions):
Azure Permission Mapping
Create Load Balancers
Azure Actions:
Microsoft.Network/loadBalancers/write
Microsoft.Network/loadBalancers/read
Common Built-in Role: Network Contributor
These permissions allow provisioning and managing load balancer resources in Azure.
Create Virtual Machines
Azure Actions:
Microsoft.Compute/virtualMachines/write
Microsoft.Compute/virtualMachines/read
(Plus additional compute operations as needed.)
Common Built-in Role: Virtual Machine Contributor or Contributor
This set enables deploying and managing VM instances.
Allocate IP Addresses
Azure Actions:
Microsoft.Network/publicIPAddresses/write
Microsoft.Network/publicIPAddresses/read
Common Built-in Role: Network Contributor
These actions cover allocating and managing both public and private IP addresses.
Create and Edit Firewall Rules
Azure Actions:
Microsoft.Network/networkSecurityGroups/write
Microsoft.Network/networkSecurityGroups/read
Common Built-in Role: Network Contributor
These permissions are used to manage network security groups and firewall configurations.
Create and Edit Networks
Azure Actions:
Microsoft.Network/virtualNetworks/write
Microsoft.Network/virtualNetworks/read
Common Built-in Role: Network Contributor
This allows for the provisioning and modification of virtual networks.
Create and Edit NAT
Azure Actions:
Microsoft.Network/natGateways/write
Microsoft.Network/natGateways/read
Common Built-in Role: Network Contributor
These permissions enable managing NAT gateway configurations for outbound connectivity.
Create and Edit INTERNET NETWORK
Azure Actions:
This permission is a bit broader and typically involves configuring internet-facing components, which might include:
Microsoft.Network/applicationGateways/write (for application gateways)
Microsoft.Network/publicIPAddresses/write (for public IP configurations)
And potentially additional actions related to DNS and connectivity.
Common Built-in Role: Network Contributor
The exact mapping may vary depending on the specific resources you intend to configure for public internet access.
For more details on how to configure these permissions in Azure, see the Microsoft Azure documentation.
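The built-in roles named above (Network Contributor, Contributor) grant more than the actions this page lists. As an added example, not Kubedna's or Microsoft's own code, the script below builds a custom role definition limited to those actions and scoped to a single resource group, and audits an existing grant against the list. The role name, the resource group name `kubedna-rg` and the all-zero subscription ID are placeholders; the page notes that additional compute and connectivity actions may be needed, so treat the list as a starting point.

```python
import fnmatch
import json

# Actions named on this page; the page says more may be needed in practice.
REQUIRED_ACTIONS = [
    "Microsoft.Network/loadBalancers/write",
    "Microsoft.Network/loadBalancers/read",
    "Microsoft.Compute/virtualMachines/write",
    "Microsoft.Compute/virtualMachines/read",
    "Microsoft.Network/publicIPAddresses/write",
    "Microsoft.Network/publicIPAddresses/read",
    "Microsoft.Network/networkSecurityGroups/write",
    "Microsoft.Network/networkSecurityGroups/read",
    "Microsoft.Network/virtualNetworks/write",
    "Microsoft.Network/virtualNetworks/read",
    "Microsoft.Network/natGateways/write",
    "Microsoft.Network/natGateways/read",
    "Microsoft.Network/applicationGateways/write",
]


def build_role_definition(subscription_id, resource_group):
    """Custom role with only the page's actions, assignable in one resource group."""
    scope = f"/subscriptions/{subscription_id}/resourceGroups/{resource_group}"
    return {
        "Name": "Kubedna Cluster Provisioner (example)",  # hypothetical role name
        "IsCustom": True,
        "Description": "Only the actions listed in the Kubedna Azure guide.",
        "Actions": sorted(set(REQUIRED_ACTIONS)),
        "NotActions": [],
        "AssignableScopes": [scope],  # resource group scope, not the subscription
    }


def audit_grant(granted_actions):
    """Return (missing, excess): required actions not covered, grants beyond the list."""
    required = {a.lower() for a in REQUIRED_ACTIONS}  # Azure actions are case-insensitive
    patterns = [g.lower() for g in granted_actions]
    missing = sorted(r for r in required
                     if not any(fnmatch.fnmatchcase(r, p) for p in patterns))
    excess = sorted(p for p in patterns if p not in required)
    return missing, excess


if __name__ == "__main__":
    # Constructed placeholder subscription ID and resource group name.
    role = build_role_definition("00000000-0000-0000-0000-000000000000", "kubedna-rg")
    print(json.dumps(role, indent=2))
    print(audit_grant(["*"]))                    # covers everything; the wildcard is excess
    print(audit_grant(["Microsoft.Network/*"]))  # misses the two Compute actions
```

The printed JSON uses the property names that `az role definition create --role-definition` accepts; assign the resulting role to the application whose Client ID and Secret you give Kubedna, at the resource group scope.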
Designing Your Kubernetes Cluster
After successfully configuring your project and authentication, it’s time to design your Kubernetes cluster.
5.1. Adding the Control Plane Node Group
Purpose: This node group will manage the Kubernetes control plane.
Steps:
Choose your Location: Select the Azure region where you want the control plane to reside.
Select VM Type: Choose the appropriate virtual machine type based on your workload requirements.
5.2. Adding the Workernode Group
Purpose: This group will handle the worker nodes that run your containerized applications.
Steps:
Choose your Location: Select the Azure region (must be the same as the control plane; nodes in different locations are not yet supported under Microsoft Azure).
Select VM Type: Pick the appropriate virtual machine type for your workernodes.
Note: Currently, Microsoft Azure does not support deploying nodes in different regions within the same Kubernetes cluster. Ensure that all nodes (control plane and workernodes) are in the same location.
Finalizing Cluster Initialization
Once your Kubernetes cluster is fully designed:
Initialize Cluster: Click the Initialize button to deploy your vanilla Kubernetes cluster on Azure.
Status Notification: You will receive an email with the status and further instructions once your cluster is ready.