Skip to main content
Skip table of contents

AKS Install

These pages refer to DKP Enterprise and DKP Gov Advanced products.

If not already done, refer to Get Started section of the documentation for:

DKP Prerequisites

Before starting the DKP installation, verify that you have:

  • A Management cluster with DKP and the Kommander component installed:

An AKS cluster cannot be a Management or Essential cluster. To install DKP on your AKS cluster, first ensure you have a Management cluster with DKP and the Kommander component installed, that handles the lifecycle of your AKS cluster.

AKS Prerequisites

Follow these steps:

  1. Log in to Azure:

    az login


        "cloudName": "AzureCloud",
        "homeTenantId": "a1234567-b132-1234-1a11-1234a5678b90",
        "id": "b1234567-abcd-11a1-a0a0-1234a5678b90",
        "isDefault": true,
        "managedByTenants": [],
        "name": "Mesosphere Developer Subscription",
        "state": "Enabled",
        "tenantId": "a1234567-b132-1234-1a11-1234a5678b90",
        "user": {
          "name": "",
          "type": "user"
  2. Create an Azure Service Principal (SP) by running the following command:

    (info) NOTE: If an SP with the name exists, this command will rotate the password.

    az ad sp create-for-rbac --role contributor --name "$(whoami)-konvoy" --scopes=/subscriptions/$(az account show --query id -o tsv)


      "appId": "7654321a-1a23-567b-b789-0987b6543a21",
      "displayName": "azure-cli-2021-03-09-23-17-06",
      "password": "Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C",
      "tenant": "a1234567-b132-1234-1a11-1234a5678b90"
  3. Set the required environment variables:

    export AZURE_SUBSCRIPTION_ID="<id>"       # b1234567-abcd-11a1-a0a0-1234a5678b90
    export AZURE_TENANT_ID="<tenant>"         # a1234567-b132-1234-1a11-1234a5678b90
    export AZURE_CLIENT_ID="<appId>"          # 7654321a-1a23-567b-b789-0987b6543a21
    export AZURE_CLIENT_SECRET="<password>"   # Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C
  4. Base64 encode the same environment variables:

    export AZURE_SUBSCRIPTION_ID_B64="$(echo -n "${AZURE_SUBSCRIPTION_ID}" | base64 | tr -d '\n')"
    export AZURE_TENANT_ID_B64="$(echo -n "${AZURE_TENANT_ID}" | base64 | tr -d '\n')"
    export AZURE_CLIENT_ID_B64="$(echo -n "${AZURE_CLIENT_ID}" | base64 | tr -d '\n')"
    export AZURE_CLIENT_SECRET_B64="$(echo -n "${AZURE_CLIENT_SECRET}" | base64 | tr -d '\n')"
  5. Check to see what version of Kubernetes is available in your region. When deploying with AKS, you must pick a version of Kubernetes that is available in AKS and use that version for subsequent steps. To find out the list of available Kubernetes versions in the Azure Region you are using, run the following command, substituting <your-location> for the Azure region you're deploying to:

    az aks get-versions -o table --location <your-location>

    The output from this command resembles the following:

    az aks get-versions -o table --location westus
    KubernetesVersion    Upgrades
    -------------------  ----------------------------------------
    1.27.3(preview)      None available
    1.27.1(preview)      1.27.3(preview)
    1.26.6               1.27.1(preview), 1.27.3(preview)
    1.26.3               1.26.6, 1.27.1(preview), 1.27.3(preview)
    1.25.11              1.26.3, 1.26.6
    1.25.6               1.25.11, 1.26.3, 1.26.6
    1.24.15              1.25.6, 1.25.11
    1.24.10              1.24.15, 1.25.6, 1.25.11
  6. Choose a version of Kubernetes to install from the list of KubernetesVersion , choosing a compatible version as documented in the Supported Kubernetes Versions for this version of DKP. The version listed in the command is an example:

    export KUBERNETES_VERSION=1.26.6

Next Step:

AKS: Create Image

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.