Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article gives you an overview of Azure Kubernetes Service (AKS) Arc for disconnected operations on Azure Local (preview). It closely mirrors AKS capabilities on Azure Local and includes many references to Azure Local AKS articles. You'll learn how to deploy and manage AKS clusters in disconnected environments, understand key differences, and review limitations to ensure successful implementation.
Important
This feature is currently in PREVIEW. See the Supplemental Terms of Use for Microsoft Azure Previews.
Overview
AKS Arc for disconnected operations allows you to manage Kubernetes clusters and deploy applications across various environments using disconnected operations. This capability ensures you can maintain consistent management and operational experience of AKS on Azure Local using a local control plane.
Prerequisites
- Azure Command-Line Interface (CLI) installed on your local machine.
- An Azure subscription associated with disconnected operations.
- Understanding of AKS and Azure Arc concepts.
- Complete Identity for Azure Local with disconnected operations (preview).
- Complete Networking for Azure Local with disconnected operations (preview).
- Complete Public key infrastructure (PKI) for Azure Local with disconnected operations (preview).
- Complete Hardware for Azure Local with disconnected operations (preview).
- Complete Set up for Azure Local with disconnected operations (preview).
Limitations
Limitations for disconnected operations with AKS Arc include:
- Support for disconnected operations begins with the 2408 release.
- Supported Kubernetes versions: 1.27.7, 1.27.9, 1.28.5, 1.28.9, 1.29.2, and 1.29.4.
- Microsoft Entra ID (formerly Azure Active Directory) isn't supported for disconnected operations.
- GPUs aren't supported.
- Arc Gateway isn't supported for configuring outbound URLs.
- Create logical networks using the CLI only. The portal isn't supported.
- Create SSH keys using the CLI only. The portal isn't supported.
Create an AKS cluster
To create an AKS cluster that supports disconnected operations, see Create an AKS cluster through CLI and Create a Kubernetes cluster using the Azure portal.
Use the following specifications for disconnected operations:
Install the Azure CLI extension
Before you install the Azure CLI extension, make sure you have the following:
- Azure CLI version 2.60.0
- Extension version:
- customlocation: 0.1.3
- aksarc: 1.2.23
- stack-hci-vm: 1.3.0
Install the CLI extension using the following commands:
az extension add -n aksarc --version 1.2.23
az extension add -n stack-hci-vm --version 1.3.0
az config set core.instance_discovery=false --only-show-errors
For more information, see Install the Azure CLI extension.
Sign in with Azure CLI
You can use the az login command to sign in to your Azure account. For more information, see Sign in with credentials on the command line.
Create logical networks
Use the az stack-hci-vm network lnet create cmdlet to create a logical network on the VM switch in Static IP configuration. For information on limitations, see Limitations.
az stack-hci-vm network lnet create --subscription $subscription --resource-group $resource_group --custom-___location $customLocationID --name $lnetName --vm-switch-name $vmSwitchName --ip-allocation-method "Static" --address-prefixes $addressPrefixes --gateway $gateway --dns-servers $dnsServers --ip-pool-start $ipPoolStart --ip-pool-end $ipPoolEnd
For more information, see Create logical networks.
Note
Creating logical networks can be created through CLI only ; the operations through the portal isn't supported. For more information, see Azure Local VM limitations.
Create the cluster
To create the AKS cluster, we recommend you use CLI. For more information, see Create an AKS cluster through CLI.
To use the Azure portal, see Create a Kubernetes cluster using the Azure portal. To create the SSH keys, see Generate and store SSH keys with the Azure CLI.
Use the az aksarc create cmdlet to create a Kubernetes cluster.
az aksarc create -n $aksclustername -g $resource_group --custom-___location $customlocationID --vnet-ids $logicnetId --generate-ssh-keys
Note
You should get JSON-formatted information about the cluster once the creation is complete.
Here's an example script to create logical networks and an AKS Arc cluster.
# Check and update variables according to your environment.
$subscriptionId = “ ” # Update the Starter Subscription Id of your environment
$___location = "autonomous"
$resourceGroupName = " " # Update the resource group name
$customLocationResourceName = " " # This name would be referenced in resource group
$customLocationResourceId = "/subscriptions/$SubscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.ExtendedLocation/customLocations/$customLocationResourceName"
# IP config detail.
$aszhost = <Host Machine> # update with host machine name
# YAML file would be information on the following:
$vmSwitchName= # The value of vswitchname
$addressPrefixes= # The value of ipaddressprefix
$gateway= # The value of gateway
$dnsservers= # The value of dnsservers
$ipPoolStart= # Set this according to $addressPrefixes, don’t overlap k8snodeippoolstart and k8snodeippoolend
$ipPoolEnd= # Set this according to $addressPrefixes, don't overlap k8snodeippoolstart and k8snodeippoolend
# Create Logical Network for AKS cluster.
$lNetName = "aksarc-lnet-static"
az stack-hci-vm network lnet create `
--resource-group $resourceGroupName `
--custom-___location $customLocationResourceId `
--___location $___location `
--name $lNetName `
--ip-allocation-method "Static" `
--address-prefixes $addressPrefixes `
--ip-pool-start $ipPoolStart `
--ip-pool-end $ipPoolEnd `
--gateway $gateway `
--dns-servers $dnsservers `
--vm-switch-name $vmSwitchName
# Create AKS cluster using az cli.
$logicNetId = (az stack-hci-vm network lnet show --resource-group $resourceGroupName --name $lNetName --query id -o tsv)
$aksClusterName = " " # please enter the clustername
$controlPlaneIp = # Set this according to $addressPrefixes, please don't overlap $ipPoolStart and $ipPoolEnd
az aksarc create -n $aksClusterName `
--resource-group $resourceGroupName `
--custom-___location $customLocationResourceId `
--node-count 2 `
--vnet-ids $logicNetId `
--generate-ssh-keys `
--control-plane-ip $controlPlaneIp `
--only-show-errors
# --node-vm-size 'Standard_D8s_v3' `
Retrieve kubeconfig
To retrieve the kubeconfig file for the AKS cluster, use the az aksarc get-credentials cmdlet. Make sure you use your admin credentials.
Here's an example:
az aksarc get-credentials --resource-group myResourceGroup --name myAKSCluster --admin
To retrieve the certificate-based admin kubeconfig for an AKS cluster enabled by Azure Arc.
Here's an example:
az aksarc get-credentials --name "sample-aksarccluster" --resource-group "sample-rg" --file C:\AksArc\config-admin --adminkubectl --kubeconfig C:\AksArc\config-admin get ns
For more information, see Retrieve kubeconfig.
Delete an AKS cluster
You can use the az aksarc delete cmdlet to delete the AKS cluster you created.
az aksarc delete --name $aksclustername --resource-group $resource_group
Related content
This feature is available only in Azure Local 2506.