Giter Club home page Giter Club logo

Comments (4)

ozbillwang avatar ozbillwang commented on August 16, 2024

After did the research, I gave up the idea.

Azure CLI is a python package, but Microsoft develop team doesn't care of the package size (familar, right?). If I installed it in our alpine/k8s image, will increase 1.2GB+ to it, which is not suiltable for a pipeline task.

reference the discussion at Azure/azure-cli#19591 (comment)

from k8s.

ozbillwang avatar ozbillwang commented on August 16, 2024

So what's the better way to deploy a kubernetes application in Azure?

We need az cli to get credential for AKS, but install Azure CLI takes extra 1.3GB space currently, that's not suitable for a image to run in Pipeline

az aks get-credentials --resource-group MyResourceGroup --name MyAKS

from k8s.

dhduvall avatar dhduvall commented on August 16, 2024

If the only thing you need is az aks get-credentials, then it shouldn't be too hard to write just that bit by hand (I say this not having actually done it). I've been thinking about doing that in Go once I have the need, which I don't just yet. It's probably easier than whittling down the official Python package to what you need. Heck, you probably can do just this much with a couple calls to curl.

from k8s.

dhduvall avatar dhduvall commented on August 16, 2024

This was reconstructed from my command history, so it's untested in this particular form, but I was able to get the Kubernetes config back. I don't know if you have to URI-escape the password, but it works if you do.

az ad sp create-for-rbac --name "manual login to AKS test SP" -o json > sp.json
APP_ID=$(jq .appId sp.json)
APP_PASS=$(jq ".password | @uri" sp.json)
TENANT_ID=$(jq .tenant sp.json)

CLUSTER_ID=subscriptions/$SUBSCRIPTION_ID/resourceGroups/$CLUSTER_RESOURCE_GROUP/providers/Microsoft.ContainerService/managedClusters/$CLUSTER_NAME

az role assignment create \
    --role "Azure Kubernetes Service Cluster User Role" \
    --scope /$CLUSTER_ID \
    --assignee $APP_ID

token=$(
    curl -X POST -d "grant_type=client_credentials&client_id=$APP_ID&client_secret=$APP_PASS&resource=https%3A%2F%2Fmanagement.azure.com%2F"
    https://login.microsoftonline.com/$TENANT_ID/oauth2/token
    | jq -r .access_token)

curl -s -X POST -d "" -H "Authorization:Bearer $token" \
    https://management.azure.com/$CLUSTER_ID/listClusterUserCredential\?api-version\=2022-10-02-preview \
    | jq -r '.kubeconfigs[0].value' \
    | base64 -d \
    > $HOME/.kube/config.testme

from k8s.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.