Tutorial: Deploy an Azure Kubernetes Service (AKS) cluster

Kubernetes provides a distributed platform for containerized applications. With AKS, provisioning of a production ready Kubernetes cluster is simple and quick. In this tutorial, part three of seven, a Kubernetes cluster is deployed in AKS. Steps completed include:

  • Deploying a Kubernetes AKS cluster
  • Installation of the Kubernetes CLI (kubectl)
  • Configuration of kubectl

In subsequent tutorials, the Azure Vote application is deployed to the cluster, scaled, and updated.

Before you begin

In previous tutorials, a container image was created and uploaded to an Azure Container Registry instance. If you have not done these steps, and would like to follow along, return to Tutorial 1 – Create container images.

Create Kubernetes cluster

The following example creates a cluster named myAKSCluster in a Resource Group named myResourceGroup. This Resource Group was created in the previous tutorial.

az aks create --resource-group myResourceGroup --name myAKSCluster --node-count 1 --generate-ssh-keys

After several minutes, the deployment completes, and returns json formatted information about the AKS deployment.

Install the kubectl CLI

To connect to the Kubernetes cluster from your client computer, use kubectl, the Kubernetes command-line client.

If you're using Azure CloudShell, kubectl is already installed. If you want to install it locally, run the following command:

az aks install-cli

Connect with kubectl

To configure kubectl to connect to your Kubernetes cluster, run the following command:

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

To verify the connection to your cluster, run the kubectl get nodes command.

kubectl get nodes


NAME                          STATUS    AGE       VERSION
k8s-myAKSCluster-36346190-0   Ready     49m       v1.7.9

At tutorial completion, you have an AKS cluster ready for workloads. In subsequent tutorials, a multi-container application is deployed to this cluster, scaled out, updated, and monitored.

Configure ACR authentication

Authentication needs to be configured between the AKS cluster and the ACR registry. This involves granting the AKS identity the proper rights to pull images from the ACR registry.

First, get the ID of the service principal configured for AKS. Update the resource group name and AKS cluster name to match your environment.

az aks show --resource-group myResourceGroup --name myAKSCluster --query "servicePrincipalProfile.clientId" --output tsv

Get the ACR registry resource id. Update the regsitry name to that of your ACR registry and the resource group to the resource group where the ACR registry is located.

az acr show --name <acrName> --resource-group myResourceGroup --query "id" --output tsv

Create the role assignment, which grants the proper access. Replace <clientID> and <acrID> with the values gathered in the last two steps.

az role assignment create --assignee <clientID> --role Reader --scope <acrID>

Next steps

In this tutorial, a Kubernetes cluster was deployed in AKS. The following steps were completed:

  • Deployed a Kubernetes AKS cluster
  • Installed the Kubernetes CLI (kubectl)
  • Configured kubectl

Advance to the next tutorial to learn about running application on the cluster.