Example of creating an AKS stretch cluster using a vanilla Azure VMSS to provide additional backing nodes.
The AKS managed cluster and Azure VMSS are located in different subnets of the same virtual network, but in principle virtual network peering or VPN could also be used.
export LOCATION=canadacentral # or whatever you choose
export RESOURCE_GROUP_NAME=$USER # or whatever you choose
# Create resource group, virtual network, subnets and network security group.
go run ./cmd/stretch dev deploy
# Create AKS managed cluster (no CNI). Also adds configmaps needed to run
# `kubeadm join` later.
go run ./cmd/stretch aks deploy
# Create VMSS (Ubuntu 24.04 LTS) with one instance and join to AKS managed
# cluster. Note: at the moment, a long-lived bootstrap token is passed via the
# cloud-init script.
go run ./cmd/stretch nodes deploy
# Optional: install Cilium (see
# https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/).
az aks get-credentials -g "$RESOURCE_GROUP_NAME" -n aks
cilium install --set azure.resourceGroup="$RESOURCE_GROUP_NAME"
cilium status --waitAnother way to deploy nodes is to provide an input JSON file with the required parameters.
cat input.json | go run ./cmd/stretch nodes deploy-from-input
{
"managedCluster": {
"location": "eastus2",
"subscriptionID": "<sub-id>",
"resourceGroup": "<resource-group>",
"nodeResourceGroup": "<node-resource-group>",
"name": "<cluster-name>"
},
"vmssNode": {
"location": "eastus2",
"subscriptionID": "<sub-id>",
"resourceGroup": "<resource-group>",
"name": "<vmss-name>"
},
"nodeBootstrap": {
"clusterFQDN": "<cluster-fqdn>",
"clusterCA": "<cluster-ca>",
"bootstrapToken": "<bootstrap-token>",
"sshKey": "<ssh-key>"
}
}# Access the AKS managed cluster using kubectl
az aks get-credentials -g "$RESOURCE_GROUP_NAME" -n aks
# Create debug pod on node
kubectl debug node/node000000 -it --image busybox --profile sysadmin -- chroot /host /bin/bash