Connect Existing Azure AKS Cluster
Truefoundry can help connect an existing AWS cluster to the control-plane. To do this, you can install the tfy-k8s-azure-aks-inframold helm chart to the cluster to install all the components.
This chart will install all the components needed for Truefoundry compute-plane. You can find the default values of this chart here.
Please make sure to provide all the required parts in the values file before installing the helm chart. Also make sure that you are not overriding any already installed components in the cluster.
If some component like argocd is already installed on the cluster, you can make the value as false in the values file and then apply the helm chart. We will recommend you to download the values file from the Github repository, modify the values as required and then apply the helm chart using the command below.
Add the compute plane
- Add the cluster as the compute-plane from the UI and get the cluster token
- Copy the
token
,tenantName
and thecontrolPlaneURL
Installing TrueFoundry
Pre-requisites
- Installing helm
- Add the following chart repository
helm repo add argocd https://argoproj.github.io/argo-helm helm repo add truefoundry https://truefoundry.github.io/infra-charts/
- Updating helm repo to download the latest local repository index
helm repo update argocd truefoundry
Installing truefoundry helm chart
- Installing
argocd
helm charthelm upgrade --install argocd argocd/argo-cd -n argocd \ --create-namespace \ --version 6.7.10 \ --set applicationSet.enabled=false \ --set notifications.enabled=false \ --set dex.enabled=false
- Create
values.yaml
for the truefoundry helm chart. You can refer to the values for more details. - Fill the following values
tenantName
- name of the tenant. If you haven't created one. please do it herecontrolPlaneURL
- URL at which to host the platform (for e.g.https://truefoundry.example.com
)clusterName
- name of the clustertfyAgent.token
- token of the cluster
- Run the following command to install the chart
helm upgrade --install tfy-k8s-azure-aks-inframold \ truefoundry/tfy-k8s-azure-aks-inframold \ -f values.yaml -n argocd
- Once the helm chart is installed point the workload URL to the load balancer's IP address. To get the IP address of the load balancer
kubectl get svc tfy-istio-ingress -n istio-system
- We will also need the TLS certificates to be passed to the load balancer (in our case istio) to terminate the TLS traffic. The example is using cert-manager and Azure DNS.
Adding domain to Load balancer
- We need to add one more domain to the load balancer so that a separate domain can be used to host the workloads only. This domain can be a wildcard (recommended) as well.
- To add the domain
- Point the domain to the load balancer IP address.
- Pass the TLS certificate to istio so that it can terminate the TLS traffic.
- Add the domain in the platform.
Adding integrations
If you have used ocli to bootstrap your infrastructure then it creates the following additional resources alongwith AKS cluster in your selected resource group. Check the below documents to understand how to create the integrations manually, if not done through OCLI and how to add them to the platform.
- Container registry - How to add container registry to the platform
- Storage account - how to add storage account to the platform
- Container
- Service Principal having read only access to AKS cluster - how to add azure application to TF platform
Updated 2 months ago