Simplify your AKS IaC Deployments using the AKS Construction Helper tool

After designing and architecting AKS the next step is to deploy your cluster/s. It is ideal to build your AKS deployments out as code.

This means taking your Azure infrastructure & AKS cluster/s design and scripting them as IaC (Infrastructure as Code). Scripting the AKS deployment vs manually deploying gives you documentation as code, standardization, & a templatized deployment for repeatability. You can deploy this code as is, place it in a pipeline for ease of deployment, in inner-source, or in a service catalog for access by multiple teams.

Microsoft has built a tool named the AKS Construction helper to accelerate building out your IaC for AKS. This tool is not as well-known as it should be. I wanted to blog about this tool to share this great resource that will save you tons of time. The AKS Construction helper was originally launched by Keith Howling of Microsoft. The core contributors to this tool have been Gordon Byers and Keith Howling with contributions from others as well.

The AKS Construction helper unifies guidance provided by the AKS Secure BaselineWell Architected FrameworkCloud Adoption Framework, and Enterprise-Scale. It also is part of the official AKS Landing Zone Accelerator (Enterprise Scale). The AKS Construction helper lets you configure your AKS deployment using wizard/form style selections. After you complete your selections the tool gives you IaC code that you can copy to perform the AKS Deployment/s. You can get code for Az CLI, a Github Actions workflow, Terraform, or a Parameters file that can be used with an ARM Template.

Let’s go ahead and take a tour of the tool.

The tool lets you select Operations Principles or Enterprise-Scale path for configuring the options.

This helps narrow down the overall design requirements of your AKS deployment.

The next section of the AKS Construction helper is to fine-tune your AKS deployment. This gives you the chance to tweak things like the cluster name, K8s version, resource group, region, to be created, IP and Cider, initial RBAC, SLA, autoscaling, upgrade configuration, cluster networking, add ons such as an ingress controller (App Gateway, NGINX, etc), monitoring such as Azure Monitor, Azure policy, service mesh, secret storage, Keda, GitOps with Flux, and even has a few options to deploy some sample apps. This is done across 5 tabs in the Fine tine and Deploy section.

After you have set all of the configurations for your cluster there is code available for you to copy on the Deploy tab. Again you have options for Az CLI, a Github Actions workflow, Terraform scripts or an ARM Template Parameters file. Running the deployment code will deploy your AKS cluster exactly how you have it configured in the AKS Construction helper tool. 

What if you are not ready to deploy your AKS Clusters now but you do not want to lose your configuration? The tool has you covered. At the end of the Deploy Cluster code you can click the link as shown in the screenshot to get a URL for your configuration.

The URL will look similar to this:

https://azure.github.io/AKS-Construction/?deploy.deployItemKey=deployArmCli&ops=oss&preset=defaultOps&deploy.location=EastUS2&addons.ingress=nginx&addons.monitor=aci&addons.openServiceMeshAddon=true&addons.fluxGitOpsAddon=true

You can access this URL at any time to pick up where you left off with your AKS deployment configuration.

That brings us to the end of this blog post. Stop wasting time, head over to the tool, and start using this for all of your AKS Deployments. Here are the links for the tool:

The wizard-driven tool can be found here:

https://azure.github.io/AKS-Construction

The GitHub Repository for the tool can be found here:

https://github.com/Azure/AKS-Construction

Read more

Speaking at a Ghana based Azure User Group on Terraform and Azure

I am happy to announce my last speaking event for 2020. Speaking at a Azure User Group based out of Ghana.

I will be speaking on Terraform and Azure! I will be diving into how to get started with using Terraform as your Infrastructure as Code tool for Azure.

This is a full event with 3 sessions. I will be joined by Microsoft Sr Cloud Advocate Thomas Maurer speaking on Azure Arc and fellow Microsoft MVP Lawrence Reddy speaking on Azure Sentinel!

The event Saturday, 5th December 2020. I hope to see you there. You can register here:

meetu.ps/e/Jygdg/FlL9h/a

Read more

Featured on RunAsRadio Podcast – Terraform vs Bicep/ARM

Recently I was a guest on another podcast! This one is RunAsRadio.com.

Had a great time chatting with Richard Campbell about Infrastructure As Code and comparing Terraform with Azure ARM Templates & the new Bicep language. Check it out here:

http://runasradio.com/Shows/Show/740

Read more

HashiCorp – Terraform Certified Associate exam & Study Guide

Yesterday HashiCorp announced their Terraform and Vault certification exams have gone public! This is exciting news for those that want to get certified on these technologies. Here is the blog announcing this: https://www.hashicorp.com/blog/announcing-hashicorp-cloud-engineering-certifications/ .

I am proud to say that I helped contribute to the Terraform Certified Associate exam. Check out my badge here: https://www.youracclaim.com/badges/077f51e4-74cd-478a-af4b-ec338dae8559 . I plan to contribute more in the future.

I am also happy to announce that I was a tech reviewer on the first study guide for this cert titled “HashiCorp Terraform Certified Associate Preparation Guide“. You can find it here: https://leanpub.com/terraform-certified/. This guide was authored by fellow Microsoft MVP Ned Bellavance and Microsoft CSA Adin Ermie. Huge thanks guys for letting me be a part of this project!

If you work with Terraform I hope you get certified and be sure to use the study guide!

Read more

Speaking at MMS 2019

In a week I will be speaking at MMS 2019! I will be presenting 3 sessions and co-hosting 2 panels. If you are attending MMS check out my sessions and the panels. Here is the rundown:

Sessions:

Monday, May 6 • 1:00pm – 2:45pm
Deploying Infrastructure as Code with Azure and Terraform – With fellow Microsoft MVP Ned Bellavance
https://sched.co/N6cC

Tuesday, May 7 • 8:00am – 9:45am
Improving your on-prem and cloud security with Azure Security Center – With fellow Microsoft MVP Ned Bellavance
https://sched.co/N6c9

Thursday, May 9 • 1:00pm – 2:45pm
Mastering Azure with Visual Studio Code – With fellow Microsoft MVP Peter De Tender.
https://sched.co/N6d4

Panels:

Tuesday, May 7 • 3:00pm – 4:45pm
Azure Governance and Management Panel
https://sched.co/N6gD

This panel includes an all-star group from Microsoft including:

Tim Benjamin
Principal Group PM Manager, Microsoft

Michael Greene
Principal Program Manager, Microsoft

Jim Britt
Senior Program Manager, Microsoft

and

Eamon O’Reilly
Principal Program Manager, Microsoft

Thursday, May 9 • 3:00pm – 4:45pm
Azure Stack Panel Discussion – (400)
https://sched.co/N6hE

This panel consists of a bunch of Microsoft MVP rockstars and Microsoft staff including:

Ned Bellavance
Founder / Microsoft MVP, Ned in the Cloud LLC

Thomas Maurer
Senior Cloud Advocate, Microsoft

Kristopher Turner
Sr. Cloud Architect/Microsoft MVP, NTT Data Services

Bert Wolters
Principal Consultant, Class-IT

Here is the MMS website:
https://mmsmoa.com

Read more

Featured on Cloudskills.fm and New Azure course

FEATURED ON CLOUDSKILLS.FM ~

CloudSkills.fm is a podcast by fellow Microsoft MVP Mike Pfeiffer and veteran in the tech space with 5 books under his belt and numerous courses on Pluralsight. The podcast can be found here: cloudskills.fm. Mike is an all around good guy and I was honored to be a featured guest on one of his podcast episodes. The podcast is weekly with technical tips and career advice for people working in the cloud computing industry. The podcast is geared for developers, IT pros, those making move into cloud.

On this episode Mike and I talked about managing both the technical and non-technical aspects of your career in the cloud computing industry. We also discuss DevOps stuff around Docker, Azure Kubernetes Service, Terraform and cloud stuff around Azure management including my 5 points to success with cloud. You can listen to the podcast here:

https://cloudskills.fm/015

Also on you can listen here: iTunes: https://podcasts.apple.com/ca/podcast/cloudskills-fm/id1448194100 and PlayerFM: https://player.fm/series/cloudskillsfm/ep-015-managing-your-cloud-career .

NEW AZURE COURSE ~

I’m very excited Opsgility recently published a new Azure course by me titled: “Deploy and Configure Infrastructure”. This course is part of the AZ 300 certification learning path for Microsoft Azure Architect Technologies. More about the AZ 300 certification can be found here: https://www.microsoft.com/en-us/learning/exam-az-300.aspx. The course is over 4 hours of Azure content!

Description of the course:

In the course learn how to analyze resource utilization and consumption, create and configure storage accounts, create and configure a VM for Windows and Linux, create connectivity between virtual networks, implement and manage virtual networking, manage Azure Active Directory, and implement and manage hybrid identities.

Objectives of the course:

  • Configure diagnostic settings on resources
  • Create baseline for resources
  • Utilize Log Search query functions
  • Configure network access to the storage account
  • Implement Azure storage replication
  • Configure high availability
  • Deploy and configure scale sets
  • Modify ARM Templates
  • Configure Azure Disk Encryption for VMs
  • Create and configure VNET peering
  • Install and configure Azure AD Connect

It can be watched here:

https://skillmeup.com/courses/player/deploy-and-configure-infrastructure

Read more