Install AKS engine on Linux in Azure Stack Hub
You can use a Linux machine in your Azure Stack Hub to host AKS engine in order to deploy and manage a Kubernetes cluster. In this article, we look at preparing the client VM to manage your cluster for both connected and disconnected Azure Stack Hub instances, check the install, and setting up the client VM on the ASDK.
Prepare the client VM
AKS engine is a command-line tool used to deploy and manage your Kubernetes cluster. You can run the engine on a machine in your Azure Stack Hub. From this machine, you use AKS engine to deploy the IaaS resources and software needed to run your cluster. You can then use the machine running the engine to perform management tasks on your cluster.
When choosing your client machine, consider:
- Whether the client machine should be recoverable in a disaster.
- How you will connect to the client machine and how the machine will interact with your cluster.
Install in a connected environment
You can install the client VM to manage your Kubernetes cluster on an Azure Stack Hub connected to the Internet.
Create a Linux VM in your Azure Stack Hub. For instructions, see Quickstart: Create a Linux server VM by using the Azure Stack Hub portal.
Connect to your VM.
Use your package manager to check that you have the following tools installed:
jqa JSON processor.curl- a tool for transferring files using a variety of network protocols.opensshan ssh client.tara tool used to work with TAR archives.
Install Azure CLI. Packages for Azure CLI are available for most distributions. You can find instructions at Install the Azure CLI on Linux.
Find the version of AKS engine in the AKS engine and Azure Stack version mapping table table. The AKS Base Image must be available in your Azure Stack Hub Marketplace. When running the command, you must specify the version
--version v0.xx.x. If you don't specify the version, the command will install the latest version, which may need a VHD image that is not available in your marketplace.Note
You can find the mapping of Azure Stack Hub to AKS engine version number in the AKS engine release notes.
Run the following command:
For AKS Engine versions 0.73.0 and below:
sudo apt update sudo apt install jq curl -o get-akse.sh https://raw.githubusercontent.com/Azure/aks-engine/master/scripts/get-akse.sh chmod 700 get-akse.sh ./get-akse.sh --version v0.xx.xFor AKS Engine versions 0.75.3 and above:
sudo apt update sudo apt install jq curl -o get-akse.sh https://raw.githubusercontent.com/Azure/aks-engine-azurestack/master/scripts/get-akse.sh chmod 700 get-akse.sh ./get-akse.sh --version v0.xx.xNote
If your installation method fails, try the steps in the disconnected environment.
Install in a disconnected environment
You can install the client VM to manage your Kubernetes cluster on an Azure Stack Hub disconnected from the Internet.
From a machine with access to the internet:
For AKS Engine versions 0.73.0 and below, go to GitHub Azure/aks-engine. Download an archive (*.tar.gz) for a Linux machine, for example,
aks-engine-v0.xx.x-linux-amd64.tar.gz.For AKS Engine versions 0.75.3 and above, go to GitHub Azure/aks-engine-azurestack. Download an archive (*.tar.gz) for a Linux machine, for example,
aks-engine-azurestack-v0.xx.x-linux-amd64.tar.gz.Find the version of AKS engine in the Supported Kubernetes Versions table.
Create a storage account in your Azure Stack Hub instance to upload the archive file (*.tar.gz) with the AKS engine binary. For instructions on using the Azure Storage Explorer, see Azure Storage Explorer with Azure Stack Hub.
Create a Linux VM in your Azure Stack Hub. For instructions, see Quickstart: Create a Linux server VM by using the Azure Stack Hub portal.
From the Azure Stack Hub storage account blob URL where you uploaded the archive file (*.tar.gz), download the file to your management VM. Extract the archive to the directory
/usr/local/bin.Connect to your VM.
Run the following command:
For AKS Engine versions 0.73.0 and below:
curl -o aks-engine-v0.xx.x-linux-amd64.tar.gz <httpurl/aks-engine-v0.xx.x-linux-amd64.tar.gz> tar xvzf aks-engine-v0.xx.x-linux-amd64.tar.gz -C /usr/local/binFor AKS Engine versions 0.75.3 and above:
curl -o aks-engine-azurestack-v0.xx.x-linux-amd64.tar.gz <httpurl/aks-engine-azurestack-v0.xx.x-linux-amd64.tar.gz> tar xvzf aks-engine-azurestack-v0.xx.x-linux-amd64.tar.gz -C /usr/local/bin
Verify the installation
Once your client VM is set up, check that you have installed AKS engine.
- Connect to your client VM.
- Run the following command:
Note
For AKSe version 0.75.3 and above, the command to check the current version of your AKS engine is aks-engine-azurestack version.
aks-engine version
If Azure Resource Manager endpoint is using a self-signed certificate, you need to explicitly add the root certificate to trusted certificate store of the machine. You can find the root certificate in the VM in this directory: /var/lib/waagent/Certificates.pem. Copy the certificate file with the following command:
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azurestackca.crt sudo update-ca-certificates
If you are unable to verify that you have installed AKS engine on your client VM, see Troubleshoot AKS engine install
ASDK installation
You will need to add a certificate when running the client VM for AKS engine on the ASDK.
When you are using an ASDK your Azure Resource Manager endpoint is using a self-signed certificate, you need explicitly to add this certificate to the machine's trusted certificate store. You can find the ASDK root certificate in any VM you deploy in the ASDK. For example, in an Ubuntu VM you will find it in this directory /var/lib/waagent/Certificates.pem.
Copy the certificate file with the following command:
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azurestackca.crt
sudo update-ca-certificates
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for