Comments (4)
After did the research, I gave up the idea.
Azure CLI is a python package, but Microsoft develop team doesn't care of the package size (familar, right?). If I installed it in our alpine/k8s
image, will increase 1.2GB+ to it, which is not suiltable for a pipeline task.
reference the discussion at Azure/azure-cli#19591 (comment)
from k8s.
So what's the better way to deploy a kubernetes application in Azure?
We need az cli to get credential for AKS, but install Azure CLI takes extra 1.3GB space currently, that's not suitable for a image to run in Pipeline
az aks get-credentials --resource-group MyResourceGroup --name MyAKS
from k8s.
If the only thing you need is az aks get-credentials
, then it shouldn't be too hard to write just that bit by hand (I say this not having actually done it). I've been thinking about doing that in Go once I have the need, which I don't just yet. It's probably easier than whittling down the official Python package to what you need. Heck, you probably can do just this much with a couple calls to curl
.
from k8s.
This was reconstructed from my command history, so it's untested in this particular form, but I was able to get the Kubernetes config back. I don't know if you have to URI-escape the password, but it works if you do.
az ad sp create-for-rbac --name "manual login to AKS test SP" -o json > sp.json
APP_ID=$(jq .appId sp.json)
APP_PASS=$(jq ".password | @uri" sp.json)
TENANT_ID=$(jq .tenant sp.json)
CLUSTER_ID=subscriptions/$SUBSCRIPTION_ID/resourceGroups/$CLUSTER_RESOURCE_GROUP/providers/Microsoft.ContainerService/managedClusters/$CLUSTER_NAME
az role assignment create \
--role "Azure Kubernetes Service Cluster User Role" \
--scope /$CLUSTER_ID \
--assignee $APP_ID
token=$(
curl -X POST -d "grant_type=client_credentials&client_id=$APP_ID&client_secret=$APP_PASS&resource=https%3A%2F%2Fmanagement.azure.com%2F"
https://login.microsoftonline.com/$TENANT_ID/oauth2/token
| jq -r .access_token)
curl -s -X POST -d "" -H "Authorization:Bearer $token" \
https://management.azure.com/$CLUSTER_ID/listClusterUserCredential\?api-version\=2022-10-02-preview \
| jq -r '.kubeconfigs[0].value' \
| base64 -d \
> $HOME/.kube/config.testme
from k8s.
Related Issues (20)
- kubectl broken in latest builds HOT 6
- Candidate Tools to add HOT 24
- Is it possible to remove test data keys from the image build to avoid container security scanning alerts? HOT 5
- Environment variables not expanded. HOT 1
- Compatible with arm64 HOT 3
- Helm plugins are no longer installed HOT 3
- add automation test in build pipeline HOT 1
- Update Helm Unittest repository HOT 2
- Compatibility of Helm with K8s HOT 1
- ansible HOT 1
- Vulnerabilities on this image HOT 1
- about azure-tool HOT 1
- Missing colordiff as external diff for kubectl HOT 2
- Install helm plugin: helm-secrets HOT 3
- Add kubeconform HOT 3
- No new image releases for alpine/k8s on docker-hub? HOT 4
- add helmfile HOT 2
- Please include openssl HOT 4
- No new images releases for alpine/k8s on docker-hub? HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from k8s.