Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Self-Studying: Cluster Management on Azure

Self-Studying: Cluster Management on Azure

Kyohei Mizumoto

July 23, 2019

More Decks by Kyohei Mizumoto

Other Decks in Technology


  1. Motivation I don't use kubernetes for work... So, I tried

    to create the self-study project by myself!
  2. Configuration Kubernetes Cluster(AKS) App(Mattermost) Prometheus Grafana Cert Manager Fluent Bit

    Azure Load Balancer Azure Database for PostgreSQL server Azure Key Vault Azure Log Analytics
  3. Features Monitoring Prometheus + Grafana Logging Fluent Bit + Azure

    Log Analytics TLS support Cert Manager Secret management Azure Key Vault
  4. IaC All Azure services (but DB) are managed with terraform

    azurerm_resource_group azurerm_kubernetes_cluster azurerm_key_vault azurerm_key_vault_secret azurerm_log_analytics_workspace $ terraform apply Otheres are manifests
  5. Problems Azure Key Vault doesn't support env variables https://github.com/Azure/kubernetes-keyvault-flexvol/issues/28 (How

    can I deploy legacy apps using env variables?) Secrets on Azure Key Vault (which were created with terraform) are now inaccessible from outside the cluster (Something wrong with access policies) I've not set metrics of prometheus and fluent bit properly yet I have to deploy some kubernetes resources in turn (CD will solve it?)