About Me

I am an MCSE in Data Management and Analytics, specializing in MS SQL Server, and an MCP in Azure. With 19+ years of experience in the IT industry, I bring expertise in data management, Azure Cloud, Data Center Migration, Infrastructure Architecture planning, as well as Virtualization and automation. I have a deep passion for driving innovation through infrastructure automation, particularly using Terraform for efficient provisioning. If you're looking for guidance on automating your infrastructure or have questions about Azure, SQL Server, or cloud migration, feel free to reach out. I often write to capture my own experiences and insights for future reference, but I hope that sharing these experiences through my blog will help others on their journey as well. Thank you for reading!

AKS Cluster creation with network-plugin azure and network-plugin kubenet --network-policy calico (difference)



With network-plugin azure

What is --network-plugin azure?

Ans: -

network-plugin azure is an option that can be used when creating an AKS cluster using the Azure CLI. It specifies that the Azure Container Networking Interface (CNI) network plugin should be used for the AKS cluster.

The Azure CNI is a network plugin that is designed to work with the Azure virtual network infrastructure. It provides pod-to-pod and pod-to-service communication within the Azure virtual network, and enables the use of Kubernetes services and Kubernetes LoadBalancer resources.

When you create an AKS cluster with the --network-plugin azure option, it automatically creates a virtual network and subnet for the cluster. 

It also makes sure that the nodes in the cluster can communicate with each other, as well as with other resources in the virtual network.

Please note that this option is not compatible with the kubenet network plugin. If you already have a VNet and subnet, you could use the --vnet-subnet-id and --service-cidr options instead of --network-plugin azure.

~~~~~~~~~~~~~~~~~~~~~~~~~~~Its command ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

az group create --name rakResourceGroup --location eastus

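# --pod-cidr is left out: with --network-plugin azure the pods take their IPs from the VNet subnet, and the CLI rejects --pod-cidr for this plugin unless --network-plugin-mode overlay is also set.
az aks create --resource-group rakResourceGroup --name rakAKSCluster --node-count 1 --generate-ssh-keys --network-plugin azure --service-cidr 10.0.0.0/16 --dns-service-ip 10.0.0.10 --enable-managed-identity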


If you want to delete the cluster and the resource group:

az aks delete --name rakAKSCluster  --resource-group rakResourceGroup  --no-wait --yes

az group delete --name rakResourceGroup   --yes


With network-plugin kubenet --network-policy calico

Ans: - network-plugin kubenet and network-policy calico are options that can be used when creating an AKS cluster using the Azure CLI.


network-plugin kubenet specifies that the kubenet network plugin should be used for the AKS cluster. kubenet is the default network plugin for AKS clusters on Azure. It provides the basic network connectivity for pods in the AKS cluster.


network-policy calico specifies that the Calico network policy provider should be used for the AKS cluster. Calico is an open-source network policy provider that enables fine-grained network segmentation within a Kubernetes cluster. It allows you to define and enforce network policies for pods and services in the AKS cluster.


When you create an AKS cluster with the network-plugin kubenet and network-policy calico options, the cluster will use kubenet as the network plugin to provide basic network connectivity and Calico as the network policy provider to define and enforce network policies.


Please note that it is important to adjust parameters such as the resource group name, location, cluster name, and IPs to your requirements, and to make sure that you have the necessary permissions to create resources in the specified resource group and location.


~~~~~~~~~~~~~~~~~~~Its command ~~~~~~~~~~~~~~~~~~~~~

az group create --name rakResourceGroup --location eastus

az network vnet create --resource-group rakResourceGroup --name rakVnet --address-prefix 10.20.0.0/16 --subnet-name rakSubnet --subnet-prefix 10.20.0.0/24

az aks create --resource-group rakResourceGroup --name myAKSCluster --node-count 1 --generate-ssh-keys --network-plugin kubenet --network-policy calico --vnet-subnet-id /subscriptions/69b34dfc-4b97-4259-93f3-037ed7eec25e/resourceGroups/rakResourceGroup/providers/Microsoft.Network/virtualNetworks/rakVnet/subnets/rakSubnet

If you want to delete the resource group:

az group delete --name rakResourceGroup --yes 
