Important
To complete this module, you will need a Calico Cloud account. If you are participating in a live workshop, you will receive an invite with the information to login into an active Calico Cloud environment. Once logged in, join your AKS cluster there. If you are running this workshop in a self-paced mode, you can create a Calico Cloud environment following the steps here.
Issues with being unable to navigate menus in the UI are often due to browsers blocking scripts - please ensure that you disable all blocker scripts.
-
During the workshop, you will receive an invitation to connect to a Calico Cloud organization, similar to the picture below:
-
Click on the link ACCEPT INVITATION and create a password to access the Calico Cloud.
-
Once you have access to your Calico Cloud environment, go to step 2:
-
The welcome screen will guide you to the process of connecting your cluster to Calico Cloud. Let's proceed and connect our first cluster on the Managed Clusters section. Click on the "Connect Cluster" button to start the process.
The Connect Cluster window will allow you to choose a name to identify your cluster in Calico Cloud and select which platform you are running the cluster on. The next window presents a link for you to review the cluster requirements for Calico Cloud. Calico Cloud will generate a kubectl command to run the installation script, and you need to copy and apply this command in your cluster.
⚠️ Attention: During the live workshop, the Calico Cloud cluster will be shared. To avoid confusion, you can create a random prefix for your cluster name. This name can be achieved using the following command on the Cloud9 prompt:echo $RANDOM-tigera-workshop
-
Run the installation script in your cluster. Script should look similar to this:
kubectl apply -f https://installer.calicocloud.io/manifests/cc-operator/lat est/deploy.yaml && curl -H "Authorization: Bearer a7c2oex34:00llxrhcq:1ga2c z69d7ug81yjgakpyclv6o3eu8o97kp7t2483lmwajslu47xed94e4ic8ywn" "https://www.c alicocloud.io/api/managed-cluster/deploy.yaml" | kubectl apply -f -
Output should look similar to:
namespace/calico-cloud created customresourcedefinition.apiextensions.k8s.io/installers.operator.calicocloud.io created serviceaccount/calico-cloud-controller-manager created role.rbac.authorization.k8s.io/calico-cloud-leader-election-role created clusterrole.rbac.authorization.k8s.io/calico-cloud-metrics-reader created clusterrole.rbac.authorization.k8s.io/calico-cloud-proxy-role created rolebinding.rbac.authorization.k8s.io/calico-cloud-leader-election-rolebinding created clusterrolebinding.rbac.authorization.k8s.io/calico-cloud-installer-rbac created clusterrolebinding.rbac.authorization.k8s.io/calico-cloud-proxy-rolebinding created configmap/calico-cloud-manager-config created service/calico-cloud-controller-manager-metrics-service created deployment.apps/calico-cloud-controller-manager created % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 355 100 355 0 0 541 0 --:--:-- --:--:-- --:--:-- 541 secret/api-key created installer.operator.calicocloud.io/aks-cc-repo created
Joining the cluster to Calico Cloud can take a few minutes. Meanwhile the Calico resources can be monitored until they are all reporting
Available
asTrue
.kubectl get tigerastatus
Output should look similar to:
NAME AVAILABLE PROGRESSING DEGRADED SINCE apiserver True False False 96s calico True False False 16s compliance True False False 21s intrusion-detection True False False 41s log-collector True False False 21s management-cluster-connection True False False 51s monitor True False False 2m1s
You can also monitor your cluster installation on the Calico Cloud UI. Go to the "Managed Clusters" section, select your cluster and expand the timestamp dropdown to see the installation logs. In a few minutes, the status will change from Installing to Done. Congratulations! You successfully connected your cluster to Calico Cloud.
Once the installation is completed, you can start interacting with your cluster from the Calico Cloud interface. Calico Cloud provides a single pane of glass for managing multiple clusters. If you followed the previous steps, you would have two clusters connected to Calico Cloud at this point: Your cluster and a pre-configured lab cluster that allows you to explore some of the features in Calico Cloud.
You can switch between clusters by following the steps below:
-
Navigate to the Dashboard section - the first icon under the Calico Cat on the top-left of the UI.
-
Click on the Cluster dropdown button on the top-right of the UI.
-
Select your recently added cluster.
The "Cluster" dropdown button will always be visible across the Calico Cloud UI, no matter which section you are viewing. You can change the cluster you want to interact with at any moment.
When you change the cluster, the Calico Cloud context will change immediately to reflect the information regarding the currently selected cluster.
➡️ Module 2 - Zero-Trust Workload Access Control with Namespace Isolation Recommendation