Install Calico on Azure AKS cluster with Bring Your Own CNI setup.

Calico Open Source is a networking and security solution for containers, virtual machines, and native host-based workloads. It supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal services.

Whether you opt to use Calico’s eBPF data plane, Linux’s standard networking pipeline, or the Windows data plane, Calico delivers blazing-fast performance with true cloud-native scalability. Calico provides developers and cluster operators with a consistent experience and set of capabilities whether running in public cloud or on-premises, or on a single node or across a multi-thousand node cluster.

More information about Tigera Calico website

This reposetory is setup for a Workshop purpuse and demsotrates how to install Calico on Azure AKS with Bring Your Own CNI setup.

You need an Azure Account with payment Subscription to execute this workshop

Warning Microsoft will charge you a small fee when executing this demo (3 instances of type Standard_DS2_v2 used)! We strongly recomend to clean up the cluster after this demo! Clean up steps are included in this demo.

All cammands for this extersise are executed into Azure Cloud shell. Azure Cloud Shell requires an Azure file share to persist files. Create one if requested.

Let's set a environment variable for the location we will use to start the resources.

To see all possible locations enter the following:

az account list-locations -o table

Replace {name of your location} with the location where your current storage account is located.

az configure --defaults location={name of your location}

There are two methods to execute the steps to starup and clean up your AKS installation.

Clone and execute bash script

git clone https://github.com/erecica/Calico-AKS-BYOCNI.git && \ 
cd Calico-AKS-BYOCNI && \
chmod +x *.sh && \
./start-script.sh

Note After about 5~10 min the cluster should be ready and the demo app should be deployed

./cleanup-script.sh

Note Cleaning up the cluster might take 3~7 min

Execute the commands maually

Let's first clone the repository, so all the files are locally available.

git clone https://github.com/erecica/Calico-AKS-BYOCNI.git && \ 
cd Calico-AKS-BYOCNI

az group create --name Calico-AKS-Resourcegroup

az aks create --resource-group Calico-AKS-Resourcegroup --name Calico-AKS-Workshop --pod-cidr 192.168.0.0/16 --network-plugin none --generate-ssh-keys

Note: It might take about 6-9 min

az aks get-credentials --resource-group Calico-AKS-Resourcegroup --name Calico-AKS-Workshop

kubectl create -f ./tigera-operator.yaml

The Tigera Operator manages the lifecycle of a Calico or Calico Enterprise installation on Kubernetes. Its goal is to make installation, upgrades, and ongoing lifecycle management of Calico and Calico Enterprise as simple and reliable as possible.

kubectl create -f ./tigera-operator-installation.yaml

kubectl apply -f ./yaobank-org.yaml

kubectl get deployments -A | egrep yao

kubectl apply -f ./yoabank-loadbalancer.yaml

kubectl get svc -n yaobank-customer yaobank-customer

Note: It might take 1-2 minutes for the loadbalancer service to acquire an external IP address. Once the external IP is vissable, you should be able to visit the demo app with your breowser.

az aks delete --name Calico-AKS-Workshop --resource-group Calico-AKS-Resourcegroup -y 

Note: It might take 3-6 minutes to delete the cluster

az group delete --resource-group Calico-AKS-Resourcegroup -y

kubectl config delete-cluster Calico-AKS-Workshop
kubectl config delete-context Calico-AKS-Workshop
kubectl config delete-user clusterUser_Calico-AKS-Resourcegroup_Calico-AKS-Workshop

clouddrive unmount

You will be prompted to confirm twice.

WARN: Removing a file share from Cloud Shell will terminate your current session. Do you want to continue(y/n): y

WARN: You will be prompted to create and mount a new file share on your next session. Do you want to continue(y/n): y