f317fde28f
|
||
|---|---|---|
| .devbots | ||
| .devcontainer | ||
| .github | ||
| api | ||
| charts | ||
| config | ||
| controllers | ||
| devops | ||
| docs | ||
| examples/demo | ||
| hack | ||
| pkg | ||
| reports | ||
| scripts | ||
| .dockerignore | ||
| .envrc | ||
| .gitattributes | ||
| .gitignore | ||
| .gitmodules | ||
| .golangci.yml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| Dockerfile | ||
| LICENSE | ||
| Makefile | ||
| PROJECT | ||
| README.md | ||
| SECURITY.md | ||
| SUPPORT.md | ||
| Taskfile.yml | ||
| azure-pipelines.yml | ||
| dev.sh | ||
| go.mod | ||
| go.sum | ||
| main.go | ||
| workspace.code-workspace | ||
README.md
Azure Service Operator (for Kubernetes)
Note: The API is expected to change (while adhering to semantic versioning). Alpha and Beta resources are generally not recommended for production environments.
The Azure Service Operator helps you provision Azure resources and connect your applications to them from within Kubernetes.
Overview
The Azure Service Operator comprises of:
- The Custom Resource Definitions (CRDs) for each of the Azure services a Kubernetes user can provision.
- The Kubernetes controller that watches for requests to create Custom Resources for each of these CRDs and creates them.
The project was built using Kubebuilder.
Curious to see how it all works? Check out our control flow diagrams.
Supported Azure Services
- Resource Group
- Event Hubs
- Azure SQL
- Azure Database for PostgreSQL
- Azure Database for MySQL
- Azure Key Vault
- Azure Cache for Redis
- Storage Account
- Blob Storage
- Virtual Network
- Application Insights
- API Management
- Cosmos DB
- Virtual Machine
- Virtual Machine Scale Set
Quickstart
Ready to quickly deploy the latest version of Azure Service Operator on your Kubernetes cluster and start exploring? Follow these steps.
-
Before starting, you must have a Kubernetes cluster (at least version 1.16) created and running. Check your connection and version with:
$ kubectl version Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.2", GitCommit:"f5743093fd1c663cb0cbc89748f730662345d44d", GitTreeState:"clean", BuildDate:"2020-09-16T13:41:02Z", GoVersion:"go1.15", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2", GitCommit:"52c56ce7a8272c798dbc29846288d7cd9fbae032", GitTreeState:"clean", BuildDate:"2020-04-30T20:19:45Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}You'll also need to have the Azure CLI installed (>= 2.13.0).
-
Install cert-manager on the cluster using the following command.
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.12.0/cert-manager.yaml -
Install Helm, and add the Helm repo for Azure Service Operator. Please note that the instructions here use Helm 3.
helm repo add aso https://raw.githubusercontent.com/Azure/azure-service-operator/master/charts -
Create an Azure Service Principal. You'll need this to grant Azure Service Operator permissions to create resources in your subscription. For more information about other forms of authentication supported by ASO, see the authentication section of the deployment documentation.
First, set the following environment variables to your Azure Tenant ID and Subscription ID with your values:
AZURE_TENANT_ID=<your-tenant-id-goes-here> AZURE_SUBSCRIPTION_ID=<your-subscription-id-goes-here>You can find these values by using the Azure CLI:
az account showNext, we'll create a service principal with Contributor permissions for your subscription, so ASO can create resources in your subscription on your behalf. Note that the ServicePrincipal you pass to the command below needs to have access to create resources in your subscription. If you'd like to use Managed Identity for authorization instead, check out instructions here.
az ad sp create-for-rbac -n "azure-service-operator" --role contributor \ --scopes /subscriptions/$AZURE_SUBSCRIPTION_IDThis should give you output like the following:
"appId": "xxxxxxxxxx", "displayName": "azure-service-operator", "name": "http://azure-service-operator", "password": "xxxxxxxxxxx", "tenant": "xxxxxxxxxxxxx"Once you have created a service principal, set the following variables to your app ID and password values:
AZURE_CLIENT_ID=<your-client-id> # This is the appID from the service principal we created. AZURE_CLIENT_SECRET=<your-client-secret> # This is the password from the service principal we created. -
Install the Azure Service Operator on your cluster using Helm.
helm upgrade --install aso aso/azure-service-operator \ --create-namespace \ --namespace=azureoperator-system \ --set azureSubscriptionID=$AZURE_SUBSCRIPTION_ID \ --set azureTenantID=$AZURE_TENANT_ID \ --set azureClientID=$AZURE_CLIENT_ID \ --set azureClientSecret=$AZURE_CLIENT_SECRETIf you would like to install an older version you can list the available versions:
helm search repo aso --versionsYou should now see the Azure service operator pods running in your cluster, like the below.
$ kubectl get pods -n azureoperator-system NAME READY STATUS RESTARTS AGE azureoperator-controller-manager-7dd75bbd97-mk4s9 2/2 Running 0 35s
To deploy an Azure service through the operator, check out the set of supported Azure services and the sample YAML files in the config/samples folder to create the resources using the following command.
kubectl apply -f <YAML file>
About the project
This project maintains releases of the Azure Service Operator that you can deploy via a configurable Helm chart.
Please see the FAQ for answers to commonly asked questions about the Azure Service Operator.
Have more questions? Feel free to consult our documentation here.
Azure Service Operator community calls are held monthly on the first Wednesday of the month at 4 PM PST. Recordings are available on our Azure Upstream YouTube channel.
Contributing
The contribution guide covers everything you need to know about how you can contribute to Azure Service Operators. The developer guide will help you onboard as a developer.
Support
Please search open issues here. If your issue isn't already represented, please open a new one. The Azure Service Operator project maintainers will respond to the best of their abilities.
For more information, see SUPPORT.md.
Code of conduct
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.