Install Calico on Azure AKS cluster with Bring Your Own CNI setup.
Calico Open Source is a networking and security solution for containers, virtual machines, and native host-based workloads. It supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.
Whether you opt to use Calico’s eBPF data plane, Linux’s standard networking pipeline, or the Windows data plane, Calico delivers blazing-fast performance with true cloud-native scalability. Calico provides developers and cluster operators with a consistent experience and set of capabilities whether running in public cloud or on-premises, or on a single node or across a multi-thousand node cluster.
More information about Tigera Calico website
This reposetory is setup for a Workshop purpuse and demsotrates how to install Calico on Azure AKS with Bring Your Own CNI setup.
You need an Azure Account with payment Subscription to execute this workshop
Warning Microsoft will charge you a small fee when executing this demo (3 instances of type Standard_DS2_v2 used)! We strongly recomend to clean up the cluster after this demo! Clean up steps are included in this demo.
All cammands for this extersise are executed into Azure Cloud shell. Azure Cloud Shell requires an Azure file share to persist files. Create one if requested.
Let's set a environment variable for the location we will use to start the resources.
To see all possible locations enter the following:
az account list-locations -o table
Replace {name of your location} with the location where your current storage account is located.
az configure --defaults location={name of your location}
There are two methods to execute the steps to starup and clean up your AKS installation.
Clone and execute bash script
1. Clone this reposetory, cd into the folder, change execution promissons, setup the cluster and deploy the resources
git clone https://github.com/erecica/Calico-AKS-BYOCNI.git && \
cd Calico-AKS-BYOCNI && \
chmod +x *.sh && \
./start-script.sh
Note After about 5~10 min the cluster should be ready and the demo app should be deployed
./cleanup-script.sh
Note Cleaning up the cluster might take 3~7 min
Execute the commands maually
Let's first clone the repository, so all the files are locally available.
git clone https://github.com/erecica/Calico-AKS-BYOCNI.git && \
cd Calico-AKS-BYOCNI
az group create --name Calico-AKS-Resourcegroup
az aks create --resource-group Calico-AKS-Resourcegroup --name Calico-AKS-Workshop --pod-cidr 192.168.0.0/16 --network-plugin none --generate-ssh-keys
Note: It might take about 6-9 min
az aks get-credentials --resource-group Calico-AKS-Resourcegroup --name Calico-AKS-Workshop
kubectl create -f ./tigera-operator.yaml
The Tigera Operator manages the lifecycle of a Calico or Calico Enterprise installation on Kubernetes. Its goal is to make installation, upgrades, and ongoing lifecycle management of Calico and Calico Enterprise as simple and reliable as possible.
kubectl create -f ./tigera-operator-installation.yaml
kubectl apply -f ./yaobank-org.yaml
kubectl get deployments -A | egrep yao
kubectl apply -f ./yoabank-loadbalancer.yaml
kubectl get svc -n yaobank-customer yaobank-customer
Note: It might take 1-2 minutes for the loadbalancer service to acquire an external IP address. Once the external IP is vissable, you should be able to visit the demo app with your breowser.
az aks delete --name Calico-AKS-Workshop --resource-group Calico-AKS-Resourcegroup -y
Note: It might take 3-6 minutes to delete the cluster
az group delete --resource-group Calico-AKS-Resourcegroup -y
kubectl config delete-cluster Calico-AKS-Workshop
kubectl config delete-context Calico-AKS-Workshop
kubectl config delete-user clusterUser_Calico-AKS-Resourcegroup_Calico-AKS-Workshop
clouddrive unmount
You will be prompted to confirm twice.
WARN: Removing a file share from Cloud Shell will terminate your current session. Do you want to continue(y/n): y
WARN: You will be prompted to create and mount a new file share on your next session. Do you want to continue(y/n): y