Azure Citadel
  • Blogs
  • ARM
  • Azure Arc
    • Overview
    • Azure Arc-enabled Servers
      • Prereqs
      • Scenario
      • Hack Overview
      • Azure Landing Zone
      • Arc Pilot resource group
      • Azure Monitoring Agent
      • Additional policy assignments
      • Access your on prem VMs
      • Create onboarding scripts
      • Onboarding using scripts
      • Inventory
      • Monitoring
      • SSH
      • Windows Admin Center
      • Governance
      • Custom Script Extension
      • Key Vault Extension
      • Managed Identity
    • Azure Arc-enabled Kubernetes
      • Prereqs
      • Background
      • Deploy Cluster
      • Connect to Arc
      • Enable GitOps
      • Deploy Application
      • Enable Azure AD
      • Enforce Policy
      • Enable Monitoring
      • Enable Azure Defender
      • Enable Data Services
      • Enable Application Delivery
    • Useful Links
  • Azure CLI
    • Install
    • Get started
    • JMESPATH queries
    • Integrate with Bash
  • Azure Landing Zones
    • Prereqs
    • Day 1
      • Azure Baristas
      • Day 1 Challenge
    • Day 2
      • Example
      • Day 2 Challenge
    • Day 3
      • Day 3 Challenge
    • Useful Links
  • Azure Policy
    • Azure Policy Basics
      • Policy Basics in the Azure Portal
      • Creating Policy via the CLI
      • Deploy If Not Exists
      • Management Groups and Initiatives
    • Creating Custom Policies
      • Customer scenario
      • Policy Aliases
      • Determine the logic
      • Create the custom policy
      • Define, assign and test
  • Azure Stack HCI
    • Overview
    • Useful Links
    • Updates from Microsoft Ignite 2022
  • Marketplace
    • Introduction
      • Terminology
      • Offer Types
    • Partner Center
    • Offer Type
    • Publish a VM Offer HOL
      • Getting Started
      • Create VM Image
      • Test VM Image
      • VM Offer with SIG
      • VM Offer with SAS
      • Publish Offer
    • Other VM Resources
    • Publish a Solution Template HOL
      • Getting Started
      • Create ARM Template
      • Validate ARM Template
      • Create UI Definition
      • Package Assets
      • Publish Offer
    • Publish a Managed App HOL
      • Getting Started
      • Create ARM Template
      • Validate ARM Template
      • Create UI Definition
      • Package Assets
      • Publish Offer
    • Managed Apps with AKS HOL
    • Other Managed App Resources
    • SaaS Offer HOLs
    • SaaS Offer Video Series
      • Video 1 - SaaS Offer Overview
      • Video 2 - Purchasing a SaaS Offer
      • Video 3 - Purchasing a Private SaaS Plan
      • Video 4 - Publishing a SaaS Offer
      • Video 5 - Publishing a Private SaaS Plan
      • Video 6 - SaaS Offer Technical Overview
      • Video 7 - Azure AD Application Registrations
      • Video 8 - Using the SaaS Offer REST Fulfillment API
      • Video 9 - The SaaS Client Library for .NET
      • Video 10 - Building a Simple SaaS Landing Page in .NET
      • Video 11 - Building a Simple SaaS Publisher Portal in .NET
      • Video 12 - SaaS Webhook Overview
      • Video 13 - Implementing a Simple SaaS Webhook in .NET
      • Video 14 - Securing a Simple SaaS Webhook in .NET
      • Video 15 - SaaS Metered Billing Overview
      • Video 16 - The SaaS Metered Billing API with REST
  • Microsoft Fabric
    • Theory
    • Prereqs
    • Fabric Capacity
    • Set up a Remote State
    • Create a repo from a GitHub template
    • Configure an app reg for development
    • Initial Terraform workflow
    • Expanding your config
    • Configure a workload identity
    • GitHub Actions for Microsoft Fabric
    • GitLab pipeline for Microsoft Fabric
  • Packer & Ansible
    • Packer
    • Ansible
    • Dynamic Inventories
    • Playbooks & Roles
    • Custom Roles
    • Shared Image Gallery
  • Partner
    • Lighthouse and Partner Admin Link
      • Microsoft Cloud Partner Program
      • Combining Lighthouse and PAL
      • Minimal Lighthouse definition
      • Using service principals
      • Privileged Identity Management
    • Useful Links
  • REST API
    • REST API theory
    • Using az rest
  • Setup
  • Terraform
    • Fundamentals
      • Initialise
      • Format
      • Validate
      • Plan
      • Apply
      • Adding resources
      • Locals and outputs
      • Managing state
      • Importing resources
      • Destroy
    • Working Environments for Terraform
      • Cloud Shell
      • macOS
      • Windows with PowerShell
      • Windows with Ubuntu in WSL2
    • Using AzAPI
      • Using the REST API
      • azapi_resource
      • Removing azapi_resource
      • azapi_update_resource
      • Data sources and outputs
      • Removing azapi_update_resource
  • Virtual Machines
    • Azure Bastion with native tools & AAD
    • Managed Identities
  • About
  • Archive
  1. Home
  2. Azure Arc
  3. Azure Arc-enabled Kubernetes
  4. Prereqs

Table of Contents

  • Overview
  • Background
  • Core Pre-reqs
  • Pre-Challenge
  • Success Criteria
  • References

Prereqs

Attending the Azure Arc for Kubernetes hack? Get these completed before it starts.

Overview

There are multiple ways to complete the challenges laid out on this hack. As such there are many different tools that can be utilized to solve the challenges. However, having access to the core prerequisites outlined below will be sufficient to complete the hack.

Essentially you need an Azure Subscription that allows you to create public-facing virtual machines and service principals with role assignments.

Meet the core prereqs and complete the pre-challenge to achieve the success criteria. Don’t forget to check the references at the bottom of the page.

Background

You will be working as part of a team, and should complete these prereqs as a team.

For the hack you will be working in a proctored channel, and you will all be working on a single subscription.

The hack is designed so that you will all have an opportunity to share your screen and drive.

The hack is based around three personas:

Name Responsibility
Cluster Administrator Platform level infrastructure and cluster baseline
Application Developer Deploying and running custom applications
Operations Monitoring and ensuring cluster health

Agree within your team which persona you will adopt. This will make it more natural to take control during different hack challenges and see the hand off points and interaction between roles.

Core Pre-reqs

The prerequisites for completing this hack are as follows:

  • Each user requires a GitHub account
  • The team requires a single Azure Subscription with:
    • Access to Cloud Shell
    • Sufficient cores available
      • At least 8 Standard DAS v4 Family vCPU cores available in UK South
      • Same for both North Europe and West Europe
      • Note that multiple subscriptions may be used for the deployed clusters and may be in different tenants
    • Owner or Contributor access
    • Ability to create service principals

Windows Terminal is recommended for Cloud Shell access on Windows 10/11.

Pre-Challenge

  1. Query the core quota limit for your current subscription
  2. Register the following providers in your Azure Subscription
    • Microsoft.Web
    • Microsoft.Kubernetes
    • Microsoft.KubernetesConfiguration
    • Microsoft.ExtendedLocation
  3. Add the Azure CLI extensions for this hack
    • az extension add --name connectedk8s
    • az extension add --name k8s-configuration
    • az extension add --name k8s-extension
    • az extension add --name customlocation
  4. Create a service principal called http://prereq-test with Contributor role on the subscription

Success Criteria

  1. Access to GitHub
  2. Access to Cloud Shell
  3. Access to the Azure platform to be able to
    • deploy Azure Arc-enabled Kubernetes resources
    • create service principals

References

  1. VM Quota Check
  2. Register Providers
  3. Create service principals
Azure Arc-enabled Kubernetes Prereqs Background