Bird
Raised Fist0
Azurecloud~5 mins

AKS cluster creation in Azure - Commands & Configuration

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Introduction
Creating an AKS cluster lets you run and manage containerized apps on Azure easily. It solves the problem of setting up and managing Kubernetes infrastructure by automating it for you.
When you want to deploy a scalable web app using containers on Azure.
When you need to run multiple microservices that communicate with each other.
When you want to test Kubernetes workloads without managing the underlying servers.
When you want to use Azure's managed Kubernetes service to reduce operational overhead.
When you want to integrate your container apps with Azure DevOps pipelines.
Commands
This command creates a resource group in Azure to hold your AKS cluster and related resources.
Terminal
az group create --name example-resource-group --location eastus
Expected OutputExpected
{ "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-resource-group", "location": "eastus", "managedBy": null, "name": "example-resource-group", "properties": { "provisioningState": "Succeeded" }, "tags": {}, "type": "Microsoft.Resources/resourceGroups" }
--name - Specifies the name of the resource group.
--location - Specifies the Azure region where resources will be created.
This command creates the AKS cluster with 2 nodes, enables managed identity for security, and generates SSH keys for node access.
Terminal
az aks create --resource-group example-resource-group --name example-aks-cluster --node-count 2 --enable-managed-identity --generate-ssh-keys
Expected OutputExpected
{ "aadProfile": null, "agentPoolProfiles": [ { "count": 2, "maxPods": 110, "name": "nodepool1", "osType": "Linux", "type": "VirtualMachineScaleSets", "vmSize": "Standard_DS2_v2" } ], "fqdn": "example-aks-cluster-12345.hcp.eastus.azmk8s.io", "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-resource-group/providers/Microsoft.ContainerService/managedClusters/example-aks-cluster", "location": "eastus", "name": "example-aks-cluster", "nodeResourceGroup": "MC_example-resource-group_example-aks-cluster_eastus", "provisioningState": "Succeeded", "resourceGroup": "example-resource-group", "sku": { "name": "Basic", "tier": "Free" }, "type": "Microsoft.ContainerService/ManagedClusters" }
--resource-group - Specifies the resource group where the cluster will be created.
--name - Names the AKS cluster.
--node-count - Sets the number of nodes in the cluster.
--enable-managed-identity - Enables Azure managed identity for the cluster.
--generate-ssh-keys - Automatically creates SSH keys for node access.
This command downloads the cluster credentials and configures kubectl to connect to your AKS cluster.
Terminal
az aks get-credentials --resource-group example-resource-group --name example-aks-cluster
Expected OutputExpected
Merged "example-aks-cluster" as current context in /home/user/.kube/config
--resource-group - Specifies the resource group of the AKS cluster.
--name - Specifies the name of the AKS cluster.
This command lists the nodes in your AKS cluster to verify it is running and ready.
Terminal
kubectl get nodes
Expected OutputExpected
NAME STATUS ROLES AGE VERSION aks-nodepool1-12345678-vmss000000 Ready agent 2m v1.26.1
Key Concept

If you remember nothing else from this pattern, remember: creating an AKS cluster involves making a resource group, creating the cluster with nodes, then connecting kubectl to manage it.

Common Mistakes
Not creating a resource group before creating the AKS cluster.
The AKS cluster needs a resource group to hold its resources; without it, creation fails.
Always run 'az group create' first to make the resource group.
Skipping the 'az aks get-credentials' step before using kubectl.
kubectl won't know how to connect to the cluster without the credentials configured.
Run 'az aks get-credentials' to download and set up access.
Using too few nodes for workload needs or skipping SSH key generation.
Too few nodes can cause performance issues; missing SSH keys make node access harder.
Specify a suitable node count and use '--generate-ssh-keys' for easy access.
Summary
Create a resource group to hold your AKS cluster resources.
Create the AKS cluster with a specified node count and managed identity.
Download cluster credentials to configure kubectl access.
Verify the cluster nodes are ready using kubectl.

Practice

(1/5)
1. What is the main purpose of creating an AKS cluster in Azure?
easy
A. To host traditional web applications without containers
B. To create virtual machines for general computing
C. To store large amounts of unstructured data
D. To run and manage containerized applications using Kubernetes

Solution

  1. Step 1: Understand AKS functionality

    AKS (Azure Kubernetes Service) is designed to run and manage containerized applications using Kubernetes orchestration.

  2. Step 2: Differentiate from other Azure services

    Virtual machines, storage, and web hosting are handled by other Azure services, not AKS.

  3. Final Answer:

    To run and manage containerized applications using Kubernetes -> Option D

  4. Quick Check:

    AKS = Kubernetes container management [OK]
Hint: AKS is for Kubernetes container orchestration [OK]
Common Mistakes:
  • Confusing AKS with VM creation
  • Thinking AKS is for storage
  • Assuming AKS hosts non-container apps
2. Which Azure CLI command correctly creates an AKS cluster named myCluster in resource group myGroup with 3 nodes?
easy
A. az create aks --rg myGroup --cluster-name myCluster --count 3
B. az aks create --resource-group myGroup --name myCluster --node-count 3
C. az aks new --group myGroup --cluster myCluster --nodes 3
D. az aks deploy --resource-group myGroup --name myCluster --nodes 3

Solution

  1. Step 1: Identify correct Azure CLI syntax

    The correct command to create an AKS cluster uses az aks create with parameters --resource-group, --name, and --node-count.

  2. Step 2: Compare options

    Only az aks create --resource-group myGroup --name myCluster --node-count 3 uses the correct command and parameter names as per Azure CLI documentation.

  3. Final Answer:

    az aks create --resource-group myGroup --name myCluster --node-count 3 -> Option B

  4. Quick Check:

    Correct CLI syntax = az aks create --resource-group myGroup --name myCluster --node-count 3 [OK]
Hint: Use 'az aks create' with --resource-group, --name, --node-count [OK]
Common Mistakes:
  • Using wrong command verbs like 'new' or 'deploy'
  • Incorrect parameter names like --group or --nodes
  • Mixing command order or missing required flags
3. What will be the result of this command?
az aks create --resource-group myGroup --name myCluster --node-count 2 --enable-managed-identity --ssh-key-value ~/.ssh/id_rsa.pub
medium
A. Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled
B. Creates an AKS cluster with 2 nodes but disables SSH access
C. Fails because --enable-managed-identity is not a valid flag
D. Creates an AKS cluster with 2 nodes but without managed identity

Solution

  1. Step 1: Analyze command flags

    The command uses --enable-managed-identity to enable managed identity and --ssh-key-value to set SSH public key for node access.

  2. Step 2: Understand expected behavior

    This command creates a cluster with 2 nodes, managed identity enabled, and SSH access configured using the provided key.

  3. Final Answer:

    Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled -> Option A

  4. Quick Check:

    Managed identity + SSH key = Creates an AKS cluster with 2 nodes, managed identity, and SSH access enabled [OK]
Hint: Managed identity and SSH flags enable secure access [OK]
Common Mistakes:
  • Assuming --enable-managed-identity is invalid
  • Thinking SSH is disabled without extra flags
  • Confusing managed identity with service principal
4. You run this command but get an error:
az aks create --resource-group myGroup --name myCluster --node-count two

What is the likely cause?
medium
A. The cluster name cannot be 'myCluster'
B. The resource group name is invalid
C. The node count must be a number, not a word
D. The command is missing the --enable-managed-identity flag

Solution

  1. Step 1: Check parameter types

    The --node-count parameter expects a numeric value, but 'two' is a word, causing a syntax error.

  2. Step 2: Validate other parameters

    Resource group and cluster name are valid strings; managed identity flag is optional.

  3. Final Answer:

    The node count must be a number, not a word -> Option C

  4. Quick Check:

    Numeric node count required = The node count must be a number, not a word [OK]
Hint: Node count must be numeric, not text [OK]
Common Mistakes:
  • Using words instead of numbers for counts
  • Assuming resource group or name causes error
  • Thinking managed identity flag is mandatory
5. You want to create an AKS cluster with 4 nodes, enable managed identity, and use a custom SSH key located at /keys/mykey.pub. Which command is correct?
hard
A. az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub
B. az aks create --resource-group myGroup --name myCluster --nodes 4 --enable-msi --ssh-key /keys/mykey.pub
C. az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity
D. az aks create --resource-group myGroup --name myCluster --node-count 4 --ssh-key-value /keys/mykey.pub

Solution

  1. Step 1: Verify required parameters

    The command must specify --node-count 4, --enable-managed-identity, and --ssh-key-value with the correct path.

  2. Step 2: Check option correctness

    az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub uses correct parameter names and includes all required flags. Other options have incorrect flags or missing parameters.

  3. Final Answer:

    az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub -> Option A

  4. Quick Check:

    Correct flags and values = az aks create --resource-group myGroup --name myCluster --node-count 4 --enable-managed-identity --ssh-key-value /keys/mykey.pub [OK]
Hint: Use full flag names and correct SSH key path [OK]
Common Mistakes:
  • Using shorthand or incorrect flags like --nodes or --ssh-key
  • Omitting managed identity flag
  • Forgetting to specify SSH key path