Thursday, May 15, 2025

 Summary of commands needed to setup airflow with SSO on AKS:

This is in continuation of previous article.

az aks update --resource-group <resource-group> --name <cluster-name> --enable-azure-rbac

az aks update --resource-group <resource-group> --name <cluster-name> --enable-aad

az aks update --resource-group <resource-group> --name <cluster-name> --enable-azure-rbac

az aks show --resource-group <resource-group> --name <cluster-name> --query "aadProfile.enableAzureRbac"

az role assignment create --assignee <user-id> --role "Azure Kubernetes Service RBAC Cluster Admin" --scope /subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>

az role assignment list --assignee <user-id> --scope /subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.ContainerService/managedClusters/<cluster-name> --query "[].roleDefinitionName"

az login

az account set --subscription <subscription-id>

az aks get-credentials --resource-group <resource-group> --name <cluster-name>

kubelogin convert-kubeconfig -l azurecli

kubectl auth can-i list services --all-namespaces

kubectl get services --all-namespaces

az provider list --query "[?namespace=='Microsoft.ContainerService'].resourceTypes[].locations" --output table

az login

az role assignment create --assignee 50996fd9-da74-4f41-b262-490d074bc807 --role "Azure Kubernetes Service RBAC Cluster Admin" --scope /subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.ContainerService/managedClusters/<kubernetes-cluster>

az role assignment list --assignee 50996fd9-da74-4f41-b262-490d074bc807 --scope /subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.ContainerService/managedClusters/<kubernetes-cluster>

az aks get-credentials --resource-group <resource-group> --name <kubernetes-cluster>

kubelogin convert-kubeconfig -l azurecli

kubectl auth can-i list services --all-namespaces

choco install kubernetes-helm

helm repo add apache-airflow https://airflow.apache.org

helm upgrade --install airflow apache-airflow/airflow --namespace airflow --create-namespace

kubectl get secret --namespace airflow airflow-fernet-key -o jsonpath="{.data.fernet-key}" | base64 --decode

kubectl port-forward svc/airflow-webserver 8080:8080 --namespace airflow


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)