Create new AKS cluster using OCLI

The following document shows how to create a new Azure EKS cluster using OCLI

Prerequisites

  1. Install git if not already present.
  2. Install azure cli >= 2.50.
  3. Log in and set a subscription. Please ensure that the user has Contributor and RBAC admin roles in the Subscription
# login
az login

# setting the subscription
az account set --subscription $SUBSCRIPTION_ID

📘

Suggestion

We highly recommend you to please go through the Azure Infrastructure requirementscarefully.

Installing OCLI

  1. Download the binary using the below command.
    curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_arm64" -o ocli
    
    curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_amd64" -o ocli
    
    curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_arm64" -o ocli
    
    curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_amd64" -o ocli
    
  2. Make the binary executable and move it to $PATH
    sudo chmod +x ./ocli
    sudo mv ocli /usr/local/bin
    
  3. Confirm by running the command
    ocli --version
    

Configuring input config file

  1. To create a new cluster, you would require your Azure Subscription, Location, Resource Group.
  2. Run the following command to fill in the inputs interactively
    ocli infra-init
    
  3. For networking, there are the following possible configurations:
    1. New resource group & network (Recommended) - This will create a new resource group and a new Virtual network.
    2. Existing resource group with existing network - You can use an existing resource group and an existing Virtual network.
    3. Existing resource group with new network - You can use an existing resource group while creating a new Virtual network
  4. Once all the inputs are filled, an input config file with the nametfy-config.yaml would be generated in your current directory. We highly recommend you to once go through the generated config file and tally your inputs. You can also customize the inputs directly by editing the file. Below is the sample for the same:
aws: null
azure:
  cluster:
    name: CLUSTER_NAME
    node_pools:
      sku_ondemand: Standard_D4ds_v5
      sku_spot: Standard_D2ds_v5
  location: eastus
  network:
    existing: true
    subnet_cidr: ""
    subnet_id: "/subscriptions/xxxxx-xxxxx-xxxxx-xxxxxxxxx/resourceGroups/RESOURCE_GROUP/providers/Microsoft.Network/virtualNetworks/VNET/subnets/SUBNET"
    vnet_cidr: ""
    vnet_id: "/subscriptions/xxxxx-xxxxx-xxxxx-xxxxxxxxx/resourceGroups/RESOURCE_GROUP/providers/Microsoft.Network/virtualNetworks/VNET"
    vnet_name: ""
  platform_features:
    blob_storage:
      container_enable_override: false
      container_override_name: ""
      enabled: true
      storage_account_enable_override: false
      storage_account_override_name: ""
    cloud_integration:
      azuread_application_enable_override: false
      azuread_application_override_name: ""
      enabled: true
    container_registry:
      container_registry_enable_override: false
      container_registry_override_name: ""
      enabled: true
    enabled: true
  resource_group:
    existing: true
    name: RESOURCE_GROUP
  state:
    container_name: tfy-tfstate-CLUSTER_NAME-cn-1714629250
    resource_group: tfy-tfstate-CLUSTER_NAME-rg-1714629250
    storage_account_name: tfytfstateCLUSTER_NAMEsa
  subscription:
    id: SUBSCRIPTION_ID
    name: SUBSCRIPTION_NAME
  tags: {}
  tfy_control_plane:
    enabled: false
binaries:
  terraform:
    binary_path: null
  terragrunt:
    binary_path: null
gcp: null
provider: azure
aws: null
azure:
  cluster:
    name: CLUSTER_NAME
    node_pools:
      sku_ondemand: Standard_D4ds_v5
      sku_spot: Standard_D2ds_v5
  location: eastus
  network:
    existing: false
    subnet_cidr: 10.10.0.0/16
    subnet_id: ""
    vnet_cidr: 10.0.0.0/8
    vnet_id: ""
    vnet_name: ""
  platform_features:
    blob_storage:
      container_enable_override: false
      container_override_name: ""
      enabled: true
      storage_account_enable_override: false
      storage_account_override_name: ""
    cloud_integration:
      azuread_application_enable_override: false
      azuread_application_override_name: ""
      enabled: true
    container_registry:
      container_registry_enable_override: false
      container_registry_override_name: ""
      enabled: true
    enabled: true
  resource_group:
    existing: true
    name: RESOURCE_GROUP
  state:
    container_name: tfy-tfstate-CLUSTER_NAME-cn-1714629250
    resource_group: tfy-tfstate-CLUSTER_NAME-rg-1714629250
    storage_account_name: tfytfstateCLUSTER_NAMEsa
  subscription:
    id: SUBSCRIPTION_ID
    name: SUBSCRIPTION_NAME
  tags: {}
  tfy_control_plane:
    enabled: false
binaries:
  terraform:
    binary_path: null
  terragrunt:
    binary_path: null
gcp: null
provider: azure
aws: null
azure:
  cluster:
    name: CLUSTER_NAME
    node_pools:
      sku_ondemand: Standard_D4ds_v5
      sku_spot: Standard_D2ds_v5
  location: eastus
  network:
    existing: false
    subnet_cidr: 10.10.0.0/16
    subnet_id: ""
    vnet_cidr: 10.0.0.0/8
    vnet_id: ""
    vnet_name: ""
  platform_features:
    blob_storage:
      container_enable_override: false
      container_override_name: ""
      enabled: true
      storage_account_enable_override: false
      storage_account_override_name: ""
    cloud_integration:
      azuread_application_enable_override: false
      azuread_application_override_name: ""
      enabled: true
    container_registry:
      container_registry_enable_override: false
      container_registry_override_name: ""
      enabled: true
    enabled: true
  resource_group:
    existing: false
    name: RESOURCE_GROUP
  state:
    container_name: tfy-tfstate-CLUSTER_NAME-cn-1714629250
    resource_group: tfy-tfstate-CLUSTER_NAME-rg-1714629250
    storage_account_name: tfytfstateCLUSTER_NAMEsa
  subscription:
    id: SUBSCRIPTION_ID
    name: SUBSCRIPTION_NAME
  tags: {}
  tfy_control_plane:
    enabled: false
binaries:
  terraform:
    binary_path: null
  terragrunt:
    binary_path: null
gcp: null
provider: azure

Create the cluster

Run the following command to create the AKS cluster.

ocli infra-create --file tfy-config.yaml

This command may take around 30-45 minutes to complete.

Connecting the cluster

  • Head over to the TrueFoundry platform and log in. If you haven't logged in, then you can sign up here.
  • Once you have logged in, navigate to Settings tag from the left panel and create the new API key from the Personal Access token. Copy the API key as it will be used in the next set of commands.



Run the following commands to create the cluster in the portal. The control plane URL is the URL where you are logged in

ocli compute-plane-connect -f tfy-config.yaml --api-key API_KEY --control-plane-url CONTROL_PLANE_URL
  • This will generate a token and a values.yaml in which that token is passed

  • Content of the values.yaml will look like -

    ## @section Global Parameters
    ## @param tenantName Parameters for tenantName
    ## Tenant Name - This is same as the name of the organization used to sign up 
    ## on Truefoundry
    ##
    tenantName: "TENANT"
    
    ## @param controlPlaneURL Parameters for controlPlaneURL
    ## URL of the control plane - Same as the URL of the Truefoundry dashboard
    ##
    controlPlaneURL: "CONTROL_PLANE_URL"
    
    ## @param clusterName Name of the cluster
    ## Name of the cluster that you have created on AWS/GCP/Azure
    ##
    clusterName: "CLUSTER_NAME"
    
    ## @section Parameters for tfyAgent
    ## @param tfyAgent.enabled Flag to enable Tfy Agent
    ##
    tfyAgent:
      enabled: true
      ## @param tfyAgent.clusterToken Parameters for clusterToken
      ## Token for cluster authentication
      ##
      clusterToken: "CLUSTER_TOKEN"
    
  • Execute the command

    ocli compute-plane-install -f values.yaml --cluster-type azure-aks
    

Saving the output file (Optional)

Once the above command finishes, save the output using the command below:

ocli output --file tfy-config.yaml > output.txt

What’s Next

Go ahead and start deploying your models from the platform. You might have to go for a DNS/SSL setup to ensure that your domain is pointed to your workloads.