Prerequisites

Prepare your machine and environment to run DKP

Konvoy prerequisites

Before you begin using Konvoy, you must have:

  • An x86_64-based Linux or macOS machine.
  • The dkp binary for Linux or macOS.
  • Docker version 18.09.2 or later installed.
  • kubectl for interacting with the running cluster.
  • Azure CLI.
  • A valid Azure account with credentials configured.

NOTE: On macOS, Docker runs in a virtual machine. Configure this virtual machine with at least 8 GB of memory.

Control plane nodes

You should have at least three control plane nodes. Each control plane node should have at least:

  • 4 cores
  • 16 GiB memory
  • Approximately 80 GiB of free space for the volume used for /var/lib/kubelet and /var/lib/containerd.
  • Disk usage must be below 85% on the root volume.

DKP on Azure defaults to deploying a Standard_D4s_v3 virtual machine with a 128 GiB volume for the OS and an 80 GiB volume for etcd storage, which meets the above requirements.

Worker nodes

You should have at least four worker nodes. The specific number of worker nodes required for your environment can vary depending on the cluster workload and size of the nodes. Each worker node should have at least:

  • 8 cores
  • 32 GiB memory
  • Around 80 GiB of free space for the volume used for /var/lib/kubelet and /var/lib/containerd.
  • Disk usage must be below 85% on the root volume.

DKP on Azure defaults to deploying a Standard_D8s_v3 virtual machine with an 80 GiB volume for the OS, which meets the above requirements.

If you use these instructions to create a cluster on Azure with the DKP default settings, without any edits to configuration files or additional flags, your cluster is deployed on an Ubuntu 20.04 operating system image with 3 control plane nodes and 4 worker nodes, which match the requirements above.

Azure prerequisites

Before you begin using Konvoy with Azure, you must:

  1. Log in to Azure:

    az login
    
    [
      {
        "cloudName": "AzureCloud",
        "homeTenantId": "a1234567-b132-1234-1a11-1234a5678b90",
        "id": "b1234567-abcd-11a1-a0a0-1234a5678b90",
        "isDefault": true,
        "managedByTenants": [],
        "name": "Mesosphere Developer Subscription",
        "state": "Enabled",
        "tenantId": "a1234567-b132-1234-1a11-1234a5678b90",
        "user": {
          "name": "user@azuremesosphere.onmicrosoft.com",
          "type": "user"
        }
      }
    ]
    
  2. Create an Azure Service Principal (SP) by running the following command:

    NOTE: If an SP with this name already exists, this command rotates its password.

    az ad sp create-for-rbac --role contributor --name "$(whoami)-konvoy" --scopes=/subscriptions/$(az account show --query id -o tsv)
    
    {
      "appId": "7654321a-1a23-567b-b789-0987b6543a21",
      "displayName": "azure-cli-2021-03-09-23-17-06",
      "password": "Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C",
      "tenant": "a1234567-b132-1234-1a11-1234a5678b90"
    }
    
  3. Set the required environment variables:

    export AZURE_SUBSCRIPTION_ID="<id>"       # b1234567-abcd-11a1-a0a0-1234a5678b90
    export AZURE_TENANT_ID="<tenant>"         # a1234567-b132-1234-1a11-1234a5678b90
    export AZURE_CLIENT_ID="<appId>"          # 7654321a-1a23-567b-b789-0987b6543a21
    export AZURE_CLIENT_SECRET="<password>"   # Z79yVstq_E.R0R7RUUck718vEHSuyhAB0C
    
  4. Base64 encode the same environment variables:

    export AZURE_SUBSCRIPTION_ID_B64="$(echo -n "${AZURE_SUBSCRIPTION_ID}" | base64 | tr -d '\n')"
    export AZURE_TENANT_ID_B64="$(echo -n "${AZURE_TENANT_ID}" | base64 | tr -d '\n')"
    export AZURE_CLIENT_ID_B64="$(echo -n "${AZURE_CLIENT_ID}" | base64 | tr -d '\n')"
    export AZURE_CLIENT_SECRET_B64="$(echo -n "${AZURE_CLIENT_SECRET}" | base64 | tr -d '\n')"
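
A pre-flight check for steps 3 and 4, as an added example that is not part of the DKP documentation: it confirms that each variable is set, that no `<...>` placeholder was left in, that the three IDs are GUIDs, and that each `_B64` value is exactly the Base64 of its plain counterpart (a missing `-n` on `echo` silently encodes a trailing newline). The helper names `check_azure_env` and `is_guid` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the DKP docs): pre-flight check for steps 3 and 4.
# check_azure_env and is_guid are hypothetical helper names.

# is_guid VALUE: succeeds if VALUE is a 36-character 8-4-4-4-12 hex GUID.
is_guid() {
  [ "${#1}" -eq 36 ] && printf '%s' "$1" |
    grep -Eqi '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# check_azure_env: returns 0 only if all four variables and their _B64
# twins are consistent. Reports variable names on stderr, never values.
check_azure_env() {
  rc=0
  for name in AZURE_SUBSCRIPTION_ID AZURE_TENANT_ID \
              AZURE_CLIENT_ID AZURE_CLIENT_SECRET; do
    # Indirect lookup; $name only ever holds the fixed names listed above.
    eval "plain=\${$name-}; encoded=\${${name}_B64-}"
    if [ -z "$plain" ]; then
      echo "MISSING: $name is unset or empty" >&2; rc=1; continue
    fi
    case "$plain" in
      "<"*">")
        echo "PLACEHOLDER: $name still holds a <...> template" >&2
        rc=1; continue ;;
    esac
    if [ "$name" != AZURE_CLIENT_SECRET ] && ! is_guid "$plain"; then
      echo "FORMAT: $name is not a GUID" >&2; rc=1
    fi
    # Re-encode rather than decode: this catches an encoded trailing
    # newline, which $(...) would strip if the value were decoded instead.
    expected="$(printf '%s' "$plain" | base64 | tr -d '\n')"
    if [ "$encoded" != "$expected" ]; then
      echo "MISMATCH: ${name}_B64 is not the Base64 of $name" >&2; rc=1
    fi
  done
  unset plain encoded expected   # do not leave copies of the secret behind
  return "$rc"
}
```

Source the file in the same shell after step 4 and run `check_azure_env`. Base64 is an encoding, not encryption, so the `_B64` values need the same handling as the client secret itself.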
    

When you have completed these steps, move on to the Bootstrap section.