Using vRA to deploy Azure AKS Clusters and register with Tanzu Mission Control

This post was originally published on this site

This walk-through will detail the technical configurations for using vRA Code Stream to deploy AWS EKS Clusters, register them as Kubernetes endpoints in vRA Cloud Assembly and Code Stream, and finally register the newly created cluster in Tanzu Mission Control.

This post mirrors my original blog post on using vRA to deploy AWS EKS clusters.


Tanzu Mission Control has some fantastic capabilities, including the ability to deploy Tanzu Kubernetes Clusters to various platforms (vSphere, AWS, Azure). However today there is no support to provision native Azure AKS clusters, it can however manage most Kubernetes distributions.

Therefore, when I was asked about where VMware could provide such capabilities, my mind turned to the ability to deploy the clusters using vRA Code Stream and provide additional functions on making these AKS clusters usable.

High Level Steps
  • Create a Code Stream Pipeline
    • Create an Azure AKS Cluster
    • Create AKS cluster as endpoint in both Code Stream and Cloud Assembly
    • Register AKS cluster in Tanzu Mission Control
    • Export the SSH keys for the AKS cluster to the docker host.
Creating a Code Stream Pipeline to deploy a Azure AKS Cluster and register the endpoints with vRA and Tanzu Mission Control
Create the variables to be used

First, we will create several variables in Code Stream, you could change the pipeline tasks to use inputs instead if you wanted.

  • Create as regular variable
    • aks-tmc-url
      • This is your Tanzu Mission Control URL
  • Create as secret
    • aks-tmc-token
      • VMware Cloud Console token for access to use Tanzu Mission Control
    • aks-vra-token
      • VMware Cloud Console token for access to use vRealize Automation Cloud
    • aks_app_id
      • This is from your service principal creation
    • aks_app_password
      • This is from your service principal creation
    • aks_tennant_id
      • This is your Azure tenant ID where you have registered the service principal

vRA AKS TMC - Create Variables

Import the “Deploy AKS Cluster” pipeline

Create (import) the pipeline in Code Stream. (File here). Set line two to your project name then click import.

vRA AKS TMC - Code Stream - Import pipelineOpen the pipeline, so that we can now configure the necessary items for your infrastructure.

On the Input tab, change the defaults as necessary. I’ve aimed to make the descriptions as useful as possible.

vRA AKS TMC - Code Stream - Input - Set defaults

On the Workspace tab, select your Docker Host to use.

vRA AKS TMC - Code Stream - Workspace - Set Docker Host

On the Model tab, select each task and click the validate button, ensure you get a green tick. If there are any errors displayed, resolve them. Usually, it’s the referenced variable names do not match.

To be able to access the SSH keys created for the AKS please follow this blog post to alter the pipeline.

You can also explore each of the tasks and make any changes you feel necessary. I wrote a blog post here on extracting files created by a CI Task and email notifications.

vRA AKS TMC - Code Stream - Model - Validate Tasks

When you are happy, click save on the bottom left and enable the pipeline.

vRA AKS TMC - Code Stream - Enable Pipeline

Running the pipeline

Now the pipeline is enabled, you will be able to run the pipeline.

vRA AKS TMC - Code Stream - Run Pipeline

Provide the details for the inputs.

vRA AKS TMC - Code Stream - Run Pipeline - Provide Inputs

Click to view the running execution of the pipeline either on the Executions page, or from the little green dialog box that appears if you ran the pipeline from within the pipeline editing view.

Below you can see the output of the first stage and task running. You can click each stage and task to see the progress and outputs from running the commands. Once the pipeline has completed, you’ll see an output all green and the completed message.

vRA AKS TMC - Code Stream - Run Pipeline - Execution

And finally, you’ll have the following items created and configured.

  • Azure AKS Cluster
  • Cloud Assembly – External Kubernetes Endpoint
  • Code Stream – Kubernetes Endpoint
  • Tanzu Mission Control – Kubernetes cluster attached
  • Optional: the SSH keys generated for the nodes available on the docker host.


vRA AKS TMC - Cloud Assembly - Kubernetes Endpoint

vRA AKS TMC - Code Stream - Kubernetes Endpoint

vRA AKS TMC - TMC - cluster attached

Wrap up

So this blog post is very similar to my previous on for deploying AWS EKS resources using vRA. There are a few changes under the hood to make this method work for AKS, and in a separate blog post I’ve also looked at how you access the files created from your CI tasks as well.

Hopefully this was helpful.



The post Using vRA to deploy Azure AKS Clusters and register with Tanzu Mission Control appeared first on