Deploy Kubernetes to Azure Stack using Active Directory Federated Services
Applies to: Azure Stack integrated systems and Azure Stack Development Kit
Kubernetes on Azure Stack is in preview. An Azure Stack disconnected scenario is not currently supported by the preview. Only use the marketplace item for development and test scenarios.
You can follow the steps in this article to deploy and set up the resources for Kubernetes. Use these steps when Active Directory Federated Services (AD FS) is your identity management service.
To get started, make sure you have the right permissions and that your Azure Stack is ready.
Generate an SSH public and private key pair to sign in to the Linux VM on Azure Stack. You need the public key when creating the cluster.
For instructions on generating a key, see SSH Key Generation.
Check that you have a valid subscription in your Azure Stack tenant portal, and that you have enough public IP addresses available to add new applications.
The cluster cannot be deployed to an Azure Stack Administrator subscription. You must use a User subscription.
If you do not have Kubernetes Cluster in your marketplace, talk to your Azure Stack administrator.
Create a service principal
You need to work with your Azure Stack administrator to set up your service principal when using AD FS as your identity solution. The service principal gives your application access to Azure Stack resources.
Your Azure Stack administrator provides you with the information for the service principal. The service principal information should look like:
ApplicationIdentifier : S-1-5-21-1512385356-3796245103-1243299919-1356 ClientId : 3c87e710-9f91-420b-b009-31fa9e430145 ClientSecret : <your client secret> Thumbprint : <often this value is empty> ApplicationName : Azurestack-MyApp-c30febe7-1311-4fd8-9077-3d869db28342 PSComputerName : 192.168.200.224 RunspaceId : a78c76bb-8cae-4db4-a45a-c1420613e01b
Assign your new service principal a role as a contributor to your subscription. For instructions, see Assign a role.
Open the Azure Stack portal.
Select + Create a resource > Compute > Kubernetes Cluster. Select Create.
Select Basics in Create Kubernetes Cluster.
Select your Subscription ID.
Enter the name of a new resource group or select an existing resource group. The resource name needs to be alphanumeric and lowercase.
Select the Location of the resource group. This is the region you choose for your Azure Stack installation.
2. Kubernetes Cluster Settings
Select Kubernetes Cluster Settings in Create Kubernetes Cluster.
Enter the Linux VM admin username. User name for the Linux Virtual Machines that are part of the Kubernetes cluster and DVM.
Enter the SSH Public Key used for authorization to all Linux machines created as part of the Kubernetes cluster and DVM.
Enter the Master Profile DNS Prefix that is unique to the region. This must be a region-unique name, such as
k8s-12345. Try to chose it same as the resource group name as best practice.
For each cluster, use a new and unique master profile DNS prefix.
Select the Kubernetes master pool profile count. The count contains the number of nodes in the master pool. There can be from 1 to 7. This value should be an odd number.
Select The VMSize of the Kubernetes master VMs.
Select the Kubernetes node pool profile count. The count contains the number of agents in the cluster.
Select the VMSize of the Kubernetes node VMs. This specifies the VM Size of Kubernetes node VMs.
Select ADFS for the Azure Stack identity system for your Azure Stack installation.
Enter the Service principal clientId This is used by the Kubernetes Azure cloud provider. The Client ID identified as the Application ID when your Azure Stack administrator created the service principal.
Enter the Service principal client secret. This is the client secret provided to you for your AD FS service principle from your Azure Stack administrator.
Enter the Kubernetes version. This is the version for the Kubernetes Azure provider. Azure Stack releases a custom Kubernetes build for each Azure Stack version.
Select Summary. The blade displays a validation message for your Kubernetes Cluster configurations settings.
Review your settings.
Select OK to deploy your cluster.
If you have questions about your deployment, you can post your question or see if someone has already answered the question in the Azure Stack Forum.