ZacaryFettig

Algorithmic Trading: Azure GUI Deployment

Summary

Guide walking set by step through configuring a new AKS Cluster and project resources through the Azure GUI. The public load balancer is auto created during the AKS config. The virtual network that Kubernetes connects into is configured during AKS Resource creation. The public load balancer for the cluster is auto created. These instructions go through creating all the Azure Infrastructure resources for this project.

Create the main resource group for project resources

  1. Search for resource group in Azure to create a new resource group and complete configuration wizard. Select subscription, region, and name the group.

 

Creation of the AKS Cluster Resource

  1. Select  the create button and select Kubernetes Cluster to start configuration.  
  2. Select subscription, resource group, and cluster preset configuration. The picture below provide more insight into the different options listed for selecting a cluster preset option. 
  3. Create a name for the cluster and select the region. Fleet manager is helpful for managing multiple clusters, but isn’t needed for this project. Select your availability zone preference. The picture below the configuration screenshot will give more information on the different pricing tiers to choose from.  
  4. Select cluster upgrade schedule or disable automatic updates. Below the upgrade scheduling options, Select an option for authentication. This section provides options for how other Azure resources are able to authenticate with the cluster.   
  5. Configure node pools. One default node pool is auto created and more can be configured. The size of the nodes can be configured. The max amount of pods per a node, OS, auto/manual scaling can be configured along with many of the other node settings by selecting the node pool. Creating a new node pool goes through the same configuration options.   
  6. On the networking tab, enable private cluster. Private cluster doesn’t change node access to the internet, but it does close of the control plane endpoint from internet, which, leaves the cluster vulnerable to potential exploits that can access the control plane and take control of the cluster.    
  7. Enable vnet integration by selecting bring your own Azure Virtual Network. It will make the connection to the vnet so that the cluster can communicate with other Azure Resources within the vnet.   
  8. On the Integrations page, keep everything default.  The wizard provides integration with Azure Container Registry for easy deployment of container images. Azure also provides a managed instance of Istio that can be auto deployed to the cluster when checked. Enabling Azure Policy can provide standardization across configuration settings and can audit/block settings compliance.   
  9. On the Monitoring tab, deselect Prometheus. Managed Prometheus and Grafana can be activated in the menu or deployed manually through Kubernetes. In this project Kibana will be used for cluster and application logging.

  10.  On the Security tab, check the box next to Azure Key Vault. It will allow Azure Key Vault to become accessible within the cluster.

  11. On the advanced tab, keep the settings as default and select next.

  12. Add tags for the resource, if desired and continue to review + create.

  13. review + Create

  14. Task completed for creating an AKS Cluster Resource.

Azure Managed Disk creation for Kubernetes persistent storage

  1. Select create to start the wizard. Select the subscription. The resource group will be a special resource group that was created by Azure automatically during the cluster creation. The resource group starts with the capital letters MC. This is an Azure managed resource group that in most cases the existing resources should not be modified directly and instead through the AKS Configuration Page. Although, it is safe to add the managed disk resource to this group of similar resources. Name the disk, select the region, availability zones, and size. Leave source type as none.

  2. On the encryption page, leave the default for key management.

  3. On the networking tab, change network access to disable public access and enable private access. Select create new next to disk access.
     
  4. Select the same resource group and use the same disk name under instance details. Select add under private endpoint.
     
  5. Creating the private endpoint, select the subscription, the same resource group, location, and give the private endpoint a name. Select the virtual network and subnet that the private endpoint will be deployed to. Select the vnet where Kubernetes connects to as specified previously during the cluster config. Leave the dns settings as default.

  6. Select next on the advanced page

  7. Select Next on the tag page to continue onto the final review page. Select create on that next page to kick off deployment.

  8. Completion of Managed Disk Resource creation. Later the disk will be attached to the cluster through Kubernetes yaml configuration.

End of creation for Azure Project Infrastructure

Previous
© 2023 All Rights Reserved.
Email: zacaryfettig@gmail.com
Write me a message
Write me a message

    * I promise the confidentiality of your personal information