Skip to main content

Accessing from laptop

In this guide, you will learn how to access Gjensidige's Azure Kubernetes Service (AKS) clusters from your developer laptop. Some commands used in this guide contains placeholder values for cluster information. These values should be replaced with values from Clusters Overview.

Download and install required tools

The following tools are required to complete this guide and must be installed on your laptop:

  1. Azure CLI - az
  2. The Kubernetes command-line tool - kubectl
  3. Credential plugin for Azure authentication - kubelogin

You can use az aks install-cli command to install kubectl and kubelogin.

Azure login

Login to Azure from your command line by executing the following commands:

  1. az login
  2. az account set --subscription "<subscription name>"

Configure kubelogin

  1. kubelogin convert-kubeconfig -l azurecli

Access cluster resources

Download cluster credentials to your laptop and query cluster resources:

  1. az aks get-credentials --name <cluster name> --resource-group <cluster resource group name>
  2. kubectl get all --namespace <your team namespace>
HotTips :fire:

kubectl Cheat Sheet is a great resource for learning how to use and getting better at using kubectl

Edit cluster resources or getting a shell to a container

Manual edit of resources should be used strictly for debugging

Doing persistent changes on cluster resources manually are not allowed. The only reason for doing changes manually is for debugging purposes, otherwise CI/CD should always be used. If you do changes manually, they will most probably be lost when clusters are upgraded.

If you need to edit cluster resources for debugging purposes or use kubectl exec to get a shell to a running container you have to elevate your permissions. This is done by invoking Just In Time Access with Azure Privileged Identity Management:

  1. Go to the Azure Portal
  2. Navigate to "All Services" and find "Privileged Identity Management"
  3. Navigate to "My roles" and then "Privileged access groups"
  4. Click "Activate" and provide a valid justification for your need to edit cluster resources
  5. Delete your kube tokens with: kubelogin remove-tokens