Deploy an AKS cluster - PaloAltoNetworks/cn-series-deploy GitHub Wiki
The /aks
folder contains a Terraform plan that deploys a Kubernetes cluster in Microsoft's Azure Kubernetes Service (AKS). This cluster meets the minimum requirements to support a CN-Series Next-Generation Firewall and will span across multiple availability zones for maximum redundancy and scalability.
Usage
- Log into Azure using its CLI interface.
$ az login
- Create a
terraform.tfvars
file and add the following variables and their associated values.
location = "" # The Azure region
ssh_key = "" # The contents of your SSH public key
- Initialize the Terraform providers.
$ terraform init
- Validate the Terraform plan.
$ terraform plan
- Apply the Terraform plan.
$ terraform apply
- Update the kubeconfig file with the new cluster's information.
$ az aks get-credentials --name $(terraform output az_cluster_name) --resource-group $(terraform output az_resource_group)
- Verify the cluster nodes have been built and are in a Ready status.
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
aks-default-50806154-vmss000000 Ready agent 22m v1.14.8
aks-default-50806154-vmss000001 Ready agent 22m v1.14.8
- You are now ready to deploy the CN‐Series Firewall .