Accessing from laptop
In this guide, you will learn how to access Gjensidige's Azure Kubernetes Service (AKS) clusters from your developer laptop. Some commands used in this guide contains placeholder values for cluster information. These values should be replaced with values from Clusters Overview.
Download and install required tools
The following tools are required to complete this guide and must be installed on your laptop:
- The Kubernetes command-line tool -
kubectl
- Azure CLI -
az
Azure login
Login to Azure from your command line by executing the following commands:
az login
az account set --subscription "<subscription name>"
Access cluster resources
Download cluster credentials to your laptop and query cluster resources:
az aks get-credentials --name <cluster name> --resource-group <cluster resource group name>
kubectl get all --namespace <your team namespace>
kubectl Cheat Sheet is a great resource for learning how to use and getting better at using kubectl
Edit cluster resources
Doing persistent changes on cluster resources manually are not allowed. The only reason for doing changes manually is for debugging purposes, otherwise CI/CD should always be used. If you do changes manually, they will most probably be lost when clusters are upgraded.
If you need to edit cluster resources for debugging purposes you have to elevate your permissions. This is done by invoking Just In Time Access with Azure Privileged Identity Management:
- Go to the Azure Portal
- Navigate to "All Services" and find "Privileged Identity Management"
- Navigate to "My roles" and then "Privileged access groups"
- Click "Activate" and provide a valid justification for your need to edit cluster resources
- When the activation has finished you need to rerun
az aks get-credentials --name <cluster name> --resource-group <resource group name>
to refresh your cluster credentials