⚠️ We strongly recommend new users consider ASO v2 instead of ASO v1Azure Service Operator v1 is no longer under active development.
The project was built using Kubebuilder.
Curious to see how it all works? Check out our control flow diagrams.
- Resource Group
- Event Hubs
- Azure SQL
- Azure Database for PostgreSQL
- Azure Database for MySQL
- Azure Key Vault
- Azure Cache for Redis
- Storage Account
- Blob Storage
- Virtual Network
- Application Insights
- API Management
- Cosmos DB
- Virtual Machine
- Virtual Machine Scale Set
Deprecation notice: Azure Database for MySQL - Single Server is on the retirement path and is scheduled for retirement by September 16, 2024.
Existing instances can be migrated to Azure Database for MySQL - Flexible Server using the Azure Database migration Service.
Azure Database for MySQL - Flexible Server is fully supported in ASO v2.
Ready to quickly deploy the latest version of Azure Service Operator on your Kubernetes cluster and start exploring? Follow these steps.
-
Before starting, you must have a Kubernetes cluster (at least version 1.16) created and running. Check your connection and version with:
$ kubectl version Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.2", GitCommit:"f5743093fd1c663cb0cbc89748f730662345d44d", GitTreeState:"clean", BuildDate:"2020-09-16T13:41:02Z", GoVersion:"go1.15", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2", GitCommit:"52c56ce7a8272c798dbc29846288d7cd9fbae032", GitTreeState:"clean", BuildDate:"2020-04-30T20:19:45Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
You'll also need to have the Azure CLI installed (>= 2.13.0).
-
Install cert-manager on the cluster using the following command.
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.12.0/cert-manager.yaml
Note: if you are using a more recent version of cert-manager you will have to add
--set certManagerResourcesAPIVersion=cert-manager.io/v1to the Helm command specified below. -
Install Helm, and add the Helm repo for Azure Service Operator. Please note that the instructions here use Helm 3.
helm repo add aso https://raw.githubusercontent.com/Azure/azure-service-operator/main/charts
-
Create an Azure Service Principal. You'll need this to grant Azure Service Operator permissions to create resources in your subscription. For more information about other forms of authentication supported by ASO, see the authentication section of the deployment documentation.
First, set the following environment variables to your Azure Tenant ID and Subscription ID with your values:
AZURE_TENANT_ID=<your-tenant-id-goes-here> AZURE_SUBSCRIPTION_ID=<your-subscription-id-goes-here>
You can find these values by using the Azure CLI:
az account show
Next, we'll create a service principal with Contributor permissions for your subscription, so ASO can create resources in your subscription on your behalf. Note that the ServicePrincipal you pass to the command below needs to have access to create resources in your subscription. If you'd like to use Managed Identity for authorization instead, check out instructions here.
az ad sp create-for-rbac -n "azure-service-operator" --role contributor \ --scopes /subscriptions/$AZURE_SUBSCRIPTION_ID
This should give you output like the following:
"appId": "xxxxxxxxxx", "displayName": "azure-service-operator", "name": "http://azure-service-operator", "password": "xxxxxxxxxxx", "tenant": "xxxxxxxxxxxxx"
Once you have created a service principal, set the following variables to your app ID and password values:
AZURE_CLIENT_ID=<your-client-id> # This is the appID from the service principal we created. AZURE_CLIENT_SECRET=<your-client-secret> # This is the password from the service principal we created.
-
Install the Azure Service Operator on your cluster using Helm.
helm upgrade --install aso aso/azure-service-operator \ --create-namespace \ --namespace=azureoperator-system \ --set azureSubscriptionID=$AZURE_SUBSCRIPTION_ID \ --set azureTenantID=$AZURE_TENANT_ID \ --set azureClientID=$AZURE_CLIENT_ID \ --set azureClientSecret=$AZURE_CLIENT_SECRETIf you would like to install an older version you can list the available versions:
helm search repo aso --versions
You should now see the Azure service operator pods running in your cluster, like the below.
$ kubectl get pods -n azureoperator-system NAME READY STATUS RESTARTS AGE azureoperator-controller-manager-7dd75bbd97-mk4s9 2/2 Running 0 35s
To deploy an Azure service through the operator, check out the set of supported Azure services and the sample YAML files in the config/samples folder to create the resources using the following command.
kubectl apply -f <YAML file>This project maintains releases of the Azure Service Operator that you can deploy via a configurable Helm chart.
Please see the FAQ for answers to commonly asked questions about the Azure Service Operator.
Have more questions? Feel free to consult our documentation here.