Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Get started with Azure Kubernetes Fleet Manager by using the Azure CLI to create a Fleet Manager and join supported Kubernetes clusters as members.
Prerequisites
If you don't have an Azure account, create a free account before you begin.
Read the conceptual overview of Fleet Manager, which provides an explanation of fleets and member clusters referenced in this document.
Read the conceptual overview of fleet types, which provides a comparison of different fleet configuration options.
An Azure account with an active subscription. Create an account for free.
An identity (user or service principal) which can be used to log in to Azure CLI. This identity needs the following permissions for Fleet resources, and if applicable, member cluster resources:
Fleet permissions:
- Microsoft.ContainerService/fleets/read
- Microsoft.ContainerService/fleets/write
- Microsoft.ContainerService/fleets/members/read
- Microsoft.ContainerService/fleets/members/write
- Microsoft.ContainerService/fleetMemberships/read
- Microsoft.ContainerService/fleetMemberships/write
If joining AKS member clusters:
- Microsoft.ContainerService/managedClusters/read
- Microsoft.ContainerService/managedClusters/write
- Microsoft.ContainerService/managedClusters/listClusterUserCredential/action
If joining Arc-enabled Kubernetes member clusters:
- Microsoft.Kubernetes/connectedClusters/read,
- Microsoft.KubernetesConfiguration/extensions/read,
- Microsoft.KubernetesConfiguration/extensions/write,
- Microsoft.KubernetesConfiguration/extensions/delete,
Have the Azure CLI version 2.70.0 or later installed. To install or upgrade, see Install the Azure CLI.
You also need the
fleetAzure CLI extension version 1.6.2 or later, which you can install by running the following command:az extension add --name fleetRun the following command to update to the latest version of the extension released:
az extension update --name fleetSet the following environment variables:
export SUBSCRIPTION_ID=<subscription_id> export GROUP=<your_resource_group_name> export FLEET=<your_fleet_name> export LOCATION=<azure-region-name>Install
kubectlusing theaz aks install-clicommand.az aks install-cliKubernetes clusters to join as Fleet Manager member clusters must use supported versions of their respective platforms: see AKS cluster version support policy and Azure Arc-enabled Kubernetes validation.
Create a resource group
An Azure resource group is a logical group in which Azure resources are deployed and managed. When you create a resource group, you're prompted to specify a ___location. This ___location is the storage ___location of your resource group metadata and where your resources run in Azure if you don't specify another ___location during resource creation.
Set the Azure subscription and create a resource group using the az group create command.
az account set -s ${SUBSCRIPTION_ID}
az group create --name ${GROUP} --___location ${LOCATION}
The following output example resembles successful creation of the resource group:
{
"id": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/fleet-demo",
"___location": "<LOCATION>",
"managedBy": null,
"name": "fleet-demo",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null,
"type": "Microsoft.Resources/resourceGroups"
}
Create a Fleet Manager resource
You can create a Fleet Manager at any time, selecting to later add supported Kubernetes clusters as members. When created via the Azure CLI, by default, Fleet Manager enables member cluster grouping and update orchestration. If the Fleet Manager is created with a hub cluster, intelligent Kubernetes object placement and load balancing across multiple member clusters is possible. For more information, see the conceptual overview of fleet types, which provides a comparison of different fleet configurations.
Important
You can change from a Fleet Manager without a hub cluster to one with a hub cluster, but not the reverse. For Fleet Managers with a hub cluster, once private or public access is selected it can't be changed.
If you want to use Fleet Manager only for Kubernetes or node image update orchestration, you can create a Fleet resource without the hub cluster using the az fleet create command.
az fleet create \
--resource-group ${GROUP} \
--name ${FLEET} \
--___location ${LOCATION} \
--enable-managed-identity
Your output should look similar to the following example output:
{
"etag": "...",
"hubProfile": null,
"id": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/fleet-demo/providers/Microsoft.ContainerService/fleets/fleet-demo",
"identity": {
"principalId": <system-identity-id>,
"tenantId": <entra-tenant-id>,
"type": "SystemAssigned",
"userAssignedIdentities": null
},
"___location": "<LOCATION>",
"name": "fleet-demo",
"provisioningState": "Succeeded",
"resourceGroup": "fleet-demo",
"systemData": {
"createdAt": "2023-11-03T17:15:19.610149+00:00",
"createdBy": "<user>",
"createdByType": "User",
"lastModifiedAt": "2023-11-03T17:15:19.610149+00:00",
"lastModifiedBy": "<user>",
"lastModifiedByType": "User"
},
"tags": null,
"type": "Microsoft.ContainerService/fleets"
}
Join member clusters
Fleet currently supports joining existing AKS clusters or Arc-enabled Kubernetes clusters (Preview) as member clusters.
Set the following environment variables for member clusters:
export MEMBER_NAME_1=flt-member-cluster-1 # For an AKS cluster export MEMBER_CLUSTER_ID_1=/subscriptions/${SUBSCRIPTION_ID}/resourceGroups/${GROUP}/providers/Microsoft.ContainerService/managedClusters/${MEMBER_NAME_1} # For an Arc-enabled cluster export MEMBER_CLUSTER_ID_1=/subscriptions/${SUBSCRIPTION_ID}/resourceGroups/${GROUP}/providers/Microsoft.Kubernetes/connectedClusters/${MEMBER_NAME_1}Join the existing clusters to the Fleet Manager using the
az fleet member createcommand.az fleet member create \ --resource-group ${GROUP} \ --fleet-name ${FLEET} \ --name ${MEMBER_NAME_1} \ --member-cluster-id ${MEMBER_CLUSTER_ID_1}Your output should look similar to the following example output:
{ "clusterResourceId": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<GROUP>/providers/Microsoft.ContainerService/managedClusters/aks-member-x", "etag": "...", "id": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<GROUP>/providers/Microsoft.ContainerService/fleets/<FLEET>/members/aks-member-x", "name": "aks-member-1", "provisioningState": "Succeeded", "resourceGroup": "<GROUP>", "systemData": { "createdAt": "2022-10-04T19:04:56.455813+00:00", "createdBy": "<user>", "createdByType": "User", "lastModifiedAt": "2022-10-04T19:04:56.455813+00:00", "lastModifiedBy": "<user>", "lastModifiedByType": "User" }, "type": "Microsoft.ContainerService/fleets/members" }Verify that the member clusters successfully joined the Fleet Manager using the
az fleet member listcommand.az fleet member list \ --resource-group ${GROUP} \ --fleet-name ${FLEET} \ -o tableIf successful, your output should look similar to the following example output:
ClusterResourceId Name ProvisioningState ResourceGroup ----------------------------------------------------------------------------------------------------------------------------------------------- ------------ ------------------- --------------- /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<GROUP>/providers/Microsoft.ContainerService/managedClusters/aks-member-1 aks-member-1 Succeeded <GROUP> /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<GROUP>/providers/Microsoft.ContainerService/managedClusters/aks-member-2 aks-member-2 Succeeded <GROUP> /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<GROUP>/providers/Microsoft.ContainerService/managedClusters/aks-member-3 aks-member-3 Succeeded <GROUP>
Next steps
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure Kubernetes Service