b4eb38283d
This reverts commit
|
||
|---|---|---|
| .github/workflows | ||
| azure | ||
| config | ||
| controller | ||
| docs | ||
| hack | ||
| labelsync | ||
| tests | ||
| .gitignore | ||
| .goreleaser.yml | ||
| CODE_OF_CONDUCT.md | ||
| Dockerfile | ||
| LICENSE | ||
| Makefile | ||
| PROJECT | ||
| README.md | ||
| SECURITY.md | ||
| go.mod | ||
| go.sum | ||
| main.go | ||
README.md
Node Label Operator
Overview
The purpose of this Kubernetes controller is to sync ARM VM/VMSS tags and node labels in an AKS cluster.
Installation
Prerequisites
- Go >= 1.13
- Azure CLI
- access to an Azure account
Getting Started
- Create a cluster.
Create a cluster using either AKS or aks-engine, if you don't already have one ready to go.
- Create a managed service identity if you don't have one. If you have an AKS cluster, then you will use the MC_ resource group.
export AZURE_RESOURCE_GROUP=<resource-group>
export AZURE_IDENTITY_LOCATION=~/identity.json
export AZURE_IDENTITY=<identity-name>
az identity create -g $AZURE_RESOURCE_GROUP -n ${AZURE_IDENTITY} -o json > $AZURE_IDENTITY_LOCATION
export AZURE_IDENTITY_RESOURCE_ID=$(cat ${AZURE_IDENTITY_LOCATION} | jq -r .id)
export AZURE_IDENTITY_CLIENT_ID=$(cat ${AZURE_IDENTITY_LOCATION} | jq -r .clientId)
export AZURE_IDENTITY_PRINCIPAL_ID=$(cat ${AZURE_IDENTITY_LOCATION} | jq -r .principalId)
- Create roles for identity.
az role assignment create --role "Managed Identity Operator" --assignee $AZURE_IDENTITY_PRINCIPAL_ID --scope $AZURE_IDENTITY_RESOURCE_ID
az role assignment create --role "Contributor" --assignee $AZURE_IDENTITY_PRINCIPAL_ID --scope /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${AZURE_RESOURCE_GROUP}
- Create k8s resources, including controller deployment.
Clone this repository. From the root directory of the repository, run:
cat config/quickstart/quickstart.yaml | envsubst | kubectl apply -f -
To see the tags on your VM or VMSS synced as labels on nodes: kubectl get nodes --show-labels.
Other Pages
- Full Tutorial
- Setting up aad-pod-identity with user-assigned MSI
- Debugging tips
- Developer instructions
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.