Skip to main content

Accessing from laptop

In this guide, you will learn how to access Gjensidige's Azure Kubernetes Service (AKS) clusters from your developer laptop. Some commands used in this guide contains placeholder values for cluster information. These values should be replaced with values from Clusters Overview.

Download and install required tools

The following tools are required to complete this guide and must be installed on your laptop:

  1. The Kubernetes command-line tool - kubectl
  2. Azure CLI - az

Azure login

Login to Azure from your command line by executing the following commands:

  1. az login
  2. az account set --subscription "<subscription name>"

Access cluster resources

Download cluster credentials to your laptop and query cluster resources:

  1. az aks get-credentials --name <cluster name> --resource-group <cluster resource group name>
  2. kubectl get all --namespace <your team namespace>
HotTips :fire:

kubectl Cheat Sheet is a great resource for learning how to use and getting better at using kubectl

Edit cluster resources

Manual edit of resources should be used strictly for debugging

Doing persistent changes on cluster resources manually are not allowed. The only reason for doing changes manually is for debugging purposes, otherwise CI/CD should always be used. If you do changes manually, they will most probably be lost when clusters are upgraded.

If you need to edit cluster resources for debugging purposes you have to elevate your permissions. This is done by invoking Just In Time Access with Azure Privileged Identity Management:

  1. Go to the Azure Portal
  2. Navigate to "All Services" and find "Privileged Identity Management"
  3. Navigate to "My roles" and then "Privileged access groups"
  4. Click "Activate" and provide a valid justification for your need to edit cluster resources
  5. When the activation has finished you need to rerun az aks get-credentials --name <cluster name> --resource-group <resource group name> to refresh your cluster credentials