diff --git a/docs/docs-content/clusters/public-cloud/azure/aks.md b/docs/docs-content/clusters/public-cloud/azure/aks.md index c5e7cf6a72..9505baa92d 100644 --- a/docs/docs-content/clusters/public-cloud/azure/aks.md +++ b/docs/docs-content/clusters/public-cloud/azure/aks.md 
@@ -72,10 +72,71 @@ explains how you can create an Azure AKS cluster managed by Palette. | **Tags** | Assign any desired cluster tags. Tags on a cluster are propagated to the Virtual Machines (VMs) deployed to the target environments. Example: `region:us-west`. | | **Cloud Account** | If you have already added your Azure account in Palette, select it from the **drop-down Menu**. Otherwise, click **Add New Account** and add your Azure account information. | -6. Under **Managed Kubernetes**, select **Azure AKS** and select your Azure AKS cluster profile. Click **Next** to - continue. - -7. Palette displays the cluster profile layers. Review the profile layers and customize parameters as desired in the +6. Under **Managed Kubernetes**, select **Azure AKS** and select your Azure AKS cluster profile. + +7. If you want to configure Pod and Service CIDR, populate the following configuration template and add the + configuration to your Kubernetes cluster profile layer. + + ```yaml + pack: + podCIDR: "" + serviceClusterIpRange: "" + ``` + +8. If you want to [use a managed identity](https://learn.microsoft.com/en-us/azure/aks/use-managed-identity), populate + the following configuration template and add the configuration to your Kubernetes cluster profile layer. + + - `providerID` – User-assigned identity ID in the format + `azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}` + + ```yaml + managedControlPlane: + userAssignedIdentities: + - providerID: "" + - providerID: "" + ``` + +9. If you want to integrate with Microsoft Entra ID (formerly Azure Active Directory), populate the following + configuration template and add the configuration to your Kubernetes cluster profile layer. + + ```yaml + managedControlPlane: + aadProfile: + managed: true + adminGroupObjectIDs: + - + - + ``` + +10. 
If you want to add a custom AKS add-on profile, populate the following configuration template and add the + configuration to your Kubernetes cluster profile layer. + + ```yaml + managedControlPlane: + addonProfiles: + - name: add-on + enabled: true + config: + mapString: string + ``` + + Consider the following example configuration for `omsagent` for reference, where: + + - `logAnalyticsWorkspaceResourceID` is the Log Analytics workspace resource ID, in the format + `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}` + + ```yaml + managedControlPlane: + addonProfiles: + - name: omsagent + enabled: true + config: + logAnalyticsWorkspaceResourceID: "" + ``` + +11. Click **Next** to continue. + +12. Palette displays the cluster profile layers. Review the profile layers and customize parameters as desired in the YAML files that display when you select a layer. You can configure custom OpenID Connect (OIDC) for Azure clusters at the Kubernetes layer. Check out @@ -90,9 +151,9 @@ explains how you can create an Azure AKS cluster managed by Palette. ::: -8. Click **Next** to continue. +13. Click **Next** to continue. -9. Configure your Azure AKS cluster using the following table for reference. +14. Configure your Azure AKS cluster using the following table for reference. :::warning @@ -127,9 +188,9 @@ explains how you can create an Azure AKS cluster managed by Palette. | **Control Plane Subnet** | Select the control plane subnet. | | **Worker Subnet** | Select the worker network. | -10. Click **Next** to continue. +15. Click **Next** to continue. -11. Provide the following node pool and cloud configuration information. To learn more about node pools, review the +16. Provide the following node pool and cloud configuration information. To learn more about node pools, review the [Node Pool](../../cluster-management/node-pool.md) guide. #### System Node Pool 
@@ -189,24 +250,24 @@ explains how you can create an Azure AKS cluster managed by Palette. | **Managed disk** | Choose a storage option. For more information, refer to Microsoft's [Storage Account Overview](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview) reference. For information about Solid State Drive (SSD) disks, refer to [Standard SSD Disks for Azure Virtual Machine Workloads](https://azure.microsoft.com/en-us/blog/preview-standard-ssd-disks-for-azure-virtual-machine-workloads/) reference. | | **Disk size** | You can choose disk size based on your requirements. The default size is **60**. | -12. Click **Next** to continue. +17. Click **Next** to continue. -13. Specify your preferred **OS Patching Schedule**. +18. Specify your preferred **OS Patching Schedule**. -14. Enable any scan options you want Palette to perform, and select a scan schedule. Palette provides support for +19. Enable any scan options you want Palette to perform, and select a scan schedule. Palette provides support for Kubernetes configuration security, penetration testing, and conformance testing. -15. Schedule any backups you want Palette to perform. Review +20. Schedule any backups you want Palette to perform. Review [Backup and Restore](../../cluster-management/backup-restore/backup-restore.md) for more information. -16. If you're using custom OIDC, configure the Role-Based Access Control (RBAC). You must map a set of users or groups +21. If you're using custom OIDC, configure the Role-Based Access Control (RBAC). You must map a set of users or groups to a Kubernetes RBAC role. To learn how to map a Kubernetes role to users and groups, refer to [Create Role Bindings](../../cluster-management/cluster-rbac.md#create-role-bindings). Refer to [Use RBAC with OIDC](../../../integrations/kubernetes.md#use-rbac-with-oidc) for an example. -17. Click **Validate** and review the cluster configuration and settings summary. +22. 
Click **Validate** and review the cluster configuration and settings summary. -18. Click **Finish Configuration** to deploy the cluster. Provisioning Azure AKS clusters can take several minutes. +23. Click **Finish Configuration** to deploy the cluster. Provisioning Azure AKS clusters can take several minutes. The cluster details page contains the status and details of the deployment. Use this page to track the deployment progress. diff --git a/docs/docs-content/clusters/public-cloud/azure/architecture.md b/docs/docs-content/clusters/public-cloud/azure/architecture.md index 53d57a3af1..e2604c76a3 100644 --- a/docs/docs-content/clusters/public-cloud/azure/architecture.md +++ b/docs/docs-content/clusters/public-cloud/azure/architecture.md @@ -33,7 +33,7 @@ The integration between Palette and Azure AKS unlocks the following capabilities - Palette platform enables effortless deployment and management of containerized applications with fully managed AKS. -- Palette provides you with a with serverless Kubernetes experience, an integrated continuous integration and continuous +- Palette provides you with a serverless Kubernetes experience, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. - Palette helps you unite the development and operations to a single platform. This unification helps you achieve faster
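Review bot: In the aks.md hunk at `@@ -72,10 +72,71 @@`, new step 9 (Microsoft Entra ID) leaves `adminGroupObjectIDs` as two bare `-` items, which YAML parses as null entries. Unlike step 8 (`providerID`) and the `omsagent` example, it also gives no description of the expected values. The field name indicates that these groups receive admin access to the cluster, so use quoted placeholders (`- ""`) as the other templates do, and add a bullet saying that each entry is a group object ID and what access membership in that group grants. In the same hunk, steps 8, 9 and 10 each open their template with a top-level `managedControlPlane:` key. A reader who applies more than one of them will paste duplicate keys into the layer, so state that the blocks must be merged under a single `managedControlPlane` entry.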
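Review bot: In the architecture.md hunk at `@@ -33,7 +33,7 @@`, the corrected bullet still repeats itself: "a serverless Kubernetes experience, an integrated continuous integration and continuous delivery (CI/CD) experience". Since this line is already being touched, consider tightening it to "a serverless Kubernetes experience, integrated continuous integration and continuous delivery (CI/CD), and enterprise-grade security and governance".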