Last active
November 15, 2022 06:08
-
-
Save rgpower/46bbb5b3760a887d5b0d07f0fc74eb83 to your computer and use it in GitHub Desktop.
Setup cilium on Azure AKS using user-assigned managed identity
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| AZURE_RESOURCE_GROUP=$1 | |
| CLUSTER_NAME=$2 | |
| LOCATION=$3 | |
| AZURE_NODEGROUP=$(az aks show -n ${CLUSTER_NAME} -g ${AZURE_RESOURCE_GROUP} -o tsv --query nodeResourceGroup) | |
| AZURE_CLIENT_ID=$(az aks show -n ${CLUSTER_NAME} -g ${AZURE_RESOURCE_GROUP} -o tsv --query identityProfile.kubeletidentity.clientId) | |
| helm repo add cilium https://helm.cilium.io/ | |
| helm repo update cilium | |
| # v1.11.4 doest not work at the time of writing - https://github.com/cilium/cilium/issues/19495 | |
| helm upgrade --install cilium cilium/cilium --version v1.11.3 \ | |
| --namespace kube-system \ | |
| --set tunnel=disabled \ | |
| --set enableIPv4Masquerade=false \ | |
| --set nodeinit.enabled=true \ | |
| --set ipam.mode=azure \ | |
| --set operator.image.useDigest=true \ | |
| --set azure.enabled=true \ | |
| --set azure.resourceGroup=$AZURE_NODEGROUP \ | |
| --set azure.userAssignedIdentityID=$AZURE_CLIENT_ID |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment