This section guides you through the basic steps to prepare your environment and install Konvoy on Azure.
The azure command line utility
Docker version 18.09.2 or newer
kubectl v1.16.15 or newer (for interacting with the running cluster)
A valid Azure account with credentials configured. You need to be authorized as a
Contributorin your Azure account and need the be able to assign roles to a user.
az role assignment create --assignee YOUR_USER_LOGIN --role "User Access Administrator"
Make sure to set your subscription you want to use
az account set --subscription "Your Subscription Label"
After verifying your prerequisites, you can create an Azure Kubernetes cluster by running
This command creates your Azure Virtual Machines instances, installs Kubernetes and default add-ons to support your Kubernetes cluster.
konvoy up command does the following:
- Provisions three
Standard_D4S_v3virtual machines as Kubernetes master nodes
- Provisions six
Standard_D4S_v3virtual machines as Kubernetes worker nodes
- Deploys all of the following default add-ons:
- Azure Disk CSI driver
- Elasticsearch (including Elasticsearch Exporter)
- Fluent Bit
- Prometheus operator (including Grafana, AlertManager and Prometheus Adapter)
- Kubernetes dashboard
- Operations portal
- Dex identity service
- Dex Kubernetes client authenticator
- Traefik forward authorization proxy
- Default Storage Class Protection
- Konvoy Config
The default configuration options are recommended for a small cluster (about 10 worker nodes).
Modifying the cluster name
By default, the cluster name is the name of the folder where your run the
The cluster name will be used to tag the provisioned infrastructure and the context when applying the kubeconfig file.
To customize the cluster name, run the following command:
konvoy up --provisioner azure --cluster-name <YOUR_SPECIFIED_NAME>
NOTE: The cluster name may only contain the following characters:
a-z, 0-9, . - and _.
Show planned infrastructure changes
konvoy up or
konvoy provision it is also possible to show the calculated changes that would be performed on the infrastructure by Terraform.
Running the following command should result in a similar output:
$ konvoy provision --plan-only ... Plan: 41 to add, 0 to change, 0 to destroy.
NOTE: This command can be run before the initial provisionioning or at any point after modifications are made to the
Control plane and worker nodes
Control plane nodes are the nodes where the Kubernetes Control Plane components will be installed.
The Control Plane contains various components, including
kube-apiserver (that you will interact with through
kube-controller-manager. Please also refer to the Concepts section.
Having three control plane nodes makes the cluster “highly available” to protect against failures.
Worker nodes run your containers in Kubernetes pods.
The default addons help you manage your Kubernetes cluster by providing monitoring (Prometheus), logging (Elasticsearch), dashboards (Kubernetes Dashboard), storage (Azure Disk CSI Driver), ingress (Traefik) and other services.
Viewing installation operations
As noted above, you start the cluster installation by running the
konvoy up command.
konvoy up command runs, you will see output about the operations performed.
The first set of messages you see is the output generated by Terraform as it provisions your nodes.
After the nodes are provisioned, Ansible connects to the EC2 instances and installs Kubernetes in steps called tasks and playbooks. Near the end of the output, addons are installed.
Viewing cluster operations
You can access user interfaces to monitor your cluster through the Operations Portal.
After you run the
konvoy up command, if the installation is successful, the command output displays the information you need to access the Operations Portal.
For example, you should see information similar to this:
Kubernetes cluster and addons deployed successfully! Run `konvoy apply kubeconfig` to update kubectl credentials. Navigate to the URL below to access various services running in the cluster. https://126.96.36.199/ops/landing And login using the credentials below. Username: AUTO_GENERATED_USERNAME Password: SOME_AUTO_GENERATED_PASSWORD_12345 The dashboard and services may take a few minutes to be accessible.
Checking the files installed
konvoy up completes its setup operations, the following files are generated:
cluster.yaml- defines the Konvoy configuration for the cluster, where you customize your cluster configuration.
admin.conf- is a kubeconfig file, which contains credentials to connect to the
kube-apiserverof your cluster through
inventory.yaml- is an Ansible Inventory file.
statefolder - contains Terraform files, including a state file.
cluster-name-ssh.pub- stores the SSH keys used to connect to the EC2 instances.
runsfolder - which contains logging information.