Kubernetes cluster creation

ForgeRock provides shell scripts based on the Azure CLI to use for AKS cluster creation. Use them when you deploy the CDM. After you’ve finished deploying the CDM, you can use the CDM as a sandbox to explore a different infrastructure-as-code solution, if you like.

When you create a project plan, you’ll need to identify your organization’s preferred infrastructure-as-code solution, and create your own cluster creation automation scripts, if necessary.

Here are the steps the Cloud Deployment Team followed to create a Kubernetes cluster on AKS:

Set the value of the ACR_NAME environment variable to the name of your Azure Container Registry. For example, my-container-registry, not my-container-registry.azurecr.io:
```
$ export ACR_NAME=my-container-registry
```
Create the cluster:
1. Change to the directory that contains the cluster creation script:
  $ cd /path/to/forgeops/cluster/aks
2. Source the script that contains the configuration for your cluster size. For example:
  $ source ./small.sh
3. Run the cluster creation script^[1]:
  $ ./cluster-up.sh . . .
  The script creates:
  - The cluster
  - The DS node pool (for large clusters only)
  - The fast storage class
  - The prod namespace
  - A public static IP address
4. To verify that the script created the cluster, log in to the Azure portal. Select the Kubernetes Engine option. You should see the new cluster in the list of Kubernetes clusters.
5. Run the kubectx command.
  
  The output should contain your newly created cluster and any existing clusters.
  
  The current context should be set to the context for your new cluster.
6. Set the active namespace in your local Kubernetes context to any namespace in your new cluster.
  
  The cluster-up.sh script creates the prod namespace. You can deploy the CDM in the prod namespace, or, if you prefer, create another namespace for CDM deployment.

Check the status of the pods in your cluster until all the pods are ready:

List all the pods in the cluster:

$ kubectl get pods --all-namespaces
NAMESPACE     NAME                                  READY   STATUS    RESTARTS   AGE
kube-system   azure-ip-masq-agent-b89dg             1/1     Running   0          9m25s
kube-system   azure-ip-masq-agent-d2mvv             1/1     Running   0          9m26s
kube-system   azure-ip-masq-agent-gfjwv             1/1     Running   0          9m24s
kube-system   azure-ip-masq-agent-jq62f             1/1     Running   0          9m25s
kube-system   azure-ip-masq-agent-njcl9             1/1     Running   0          9m26s
kube-system   azure-ip-masq-agent-nmdh9             1/1     Running   0          9m22s
kube-system   coredns-autoscaler-5f85dc856b-nd5zf   1/1     Running   0          11m
kube-system   coredns-dc97c5f55-4xdn2               1/1     Running   0          9m13s
kube-system   coredns-dc97c5f55-jxsxp               1/1     Running   0          11m
kube-system   csi-azuredisk-node-mhfz5              3/3     Running   0          9m26s
kube-system   csi-azuredisk-node-mtbt9              3/3     Running   0          9m22s
kube-system   csi-azuredisk-node-q6kx2              3/3     Running   0          9m26s
kube-system   csi-azuredisk-node-qfn7z              3/3     Running   0          9m25s
kube-system   csi-azuredisk-node-szpms              3/3     Running   0          9m24s
kube-system   csi-azuredisk-node-vnlqf              3/3     Running   0          9m26s
kube-system   csi-azurefile-node-4k7m5              3/3     Running   0          9m25s
kube-system   csi-azurefile-node-68xxr              3/3     Running   0          9m26s
kube-system   csi-azurefile-node-9pv8q              3/3     Running   0          9m26s
kube-system   csi-azurefile-node-kknwx              3/3     Running   0          9m22s
kube-system   csi-azurefile-node-r66c6              3/3     Running   0          9m26s
kube-system   csi-azurefile-node-rzff5              3/3     Running   0          9m24s
kube-system   konnectivity-agent-578cbddf44-5jrv5   1/1     Running   0          8m16s
kube-system   konnectivity-agent-578cbddf44-d2z5j   1/1     Running   0          8m26s
kube-system   kube-proxy-9hl8w                      1/1     Running   0          9m26s
kube-system   kube-proxy-b2xn6                      1/1     Running   0          9m26s
kube-system   kube-proxy-cj6xv                      1/1     Running   0          9m26s
kube-system   kube-proxy-d6s96                      1/1     Running   0          9m26s
kube-system   kube-proxy-kwn9f                      1/1     Running   0          9m22s
kube-system   kube-proxy-qpb52                      1/1     Running   0          9m24s
kube-system   metrics-server-79f9556b5b-t5hgv       1/1     Running   0          11m
kube-system   omsagent-np6qs                        2/2     Running   0          9m26s
kube-system   omsagent-qvvlw                        2/2     Running   0          9m25s
kube-system   omsagent-rgrwl                        2/2     Running   0          9m26s
kube-system   omsagent-rs-5bfd8795d9-hkhrr          1/1     Running   0          11m
kube-system   omsagent-xhnkb                        2/2     Running   0          9m22s
kube-system   omsagent-xvmc4                        2/2     Running   0          9m24s
kube-system   omsagent-zv7q8                        2/2     Running   0          9m26s

Review the output. Deployment is complete when:
- The READY column indicates all running containers are available. The entry in the READY column represents [total number of containers/number of available containers].
- All entries in the STATUS column indicate Running or Completed.
If necessary, continue to query your cluster’s status until all the pods are ready.

Next step

1. The cluster creation script adds a set of required labels to clusters created by ForgeRock employees. The first time you run the script, it prompts you to specify whether you’re a ForgeRock employee or not, so that it can add these labels if appropriate. You should not receive this prompt during subsequent executions of the script.

ForgeOps

Kubernetes cluster creation

Next step