diff --git a/10.-Setting-the-solution-up-in-AKS-(Azure-Kubernetes-Service).md b/10.-Setting-the-solution-up-in-AKS-(Azure-Kubernetes-Service).md index 45e4e55..da96844 100644 --- a/10.-Setting-the-solution-up-in-AKS-(Azure-Kubernetes-Service).md +++ b/10.-Setting-the-solution-up-in-AKS-(Azure-Kubernetes-Service).md @@ -88,39 +88,6 @@ After a successful execution you can check the AKS Kubernetes cluster in Azure p ![image](https://user-images.githubusercontent.com/1712635/40206473-10327e02-59e5-11e8-90d6-d1fcfaa9b4a4.png) -## Important: Store your credentials/secrets for Kubernetes and ACR in a safe place! - -The script and Azure CLI create all the infrastructure very easily. However, if you want to re-use the same Kubernetes credentials or re-use the same Azure ACR registry, it is important that you store your credentials in a safe place. - -## Kubernetes credentials (SSH RSA keys and service principal) - -**Make sure you store the SSH RSA keys and service principal to connect in a safe place** -If you use a new client PC/machine, you will need these keys in order to be able to connect to the same cluster. - -**IMPORTANT**: When you created the Kubernetes cluster with the script provided by eShopOnContainers or by using the command `az aks create --resource-group myResourceGroup --name myAKSCluster --node-count 1 --generate-ssh-keys`, it generated the SSH RSA keys and service principal for the Kubernetes cluster. - -Those keys were stored in the client PC used when you created the cluster and you definitely need those in order to connect to the cluster. If you are going to connect to the cluster from the same machine, it'll work directly because the keys are already there. But if you try to connect to the cluster from a different client machine, you'll need to copy the SSH RSA keys and the service principal to that new client machine. - -The SSH RSA private key file and the corresponding public key files generated when you created the cluster are stored in the folder at the client machine you used. - -![image](https://user-images.githubusercontent.com/1712635/40208137-edd265ae-59ec-11e8-8f3c-17d8db752afb.png) - -The service principal credentials are written to the file ~/.azure/aksServicePrincipal.json on the client machine you used, as shown in the image below. - -![image](https://user-images.githubusercontent.com/1712635/40208069-a47ef962-59ec-11e8-9b55-c1edb71674a8.png) - -It is critical that you copy and store those files above in a secure place so you can re-used them in the future in other additional client machines. -If you are trying to connect from a new client machine, then, copy those files into the same folder paths before trying to connect to the Kubernetes cluster. - -For further info about SSH RSA keys, see these links: - -https://docs.microsoft.com/en-us/azure/virtual-machines/linux/ssh-from-windows - -https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-ssh-connection - -## ACR credentials - -TBD # Check your Kubernetes Cluster Dashboard @@ -156,6 +123,45 @@ You should see the Kubernetes dashboard, similar to the following screenshot if ![image](https://user-images.githubusercontent.com/1712635/40207519-c6c2e4e6-59e9-11e8-8f9e-60f6a15ef3ab.png) +## Important: Store your credentials/secrets for Kubernetes and ACR in a safe place! + +The script and Azure CLI create all the infrastructure very easily. However, if you want to re-use the same Kubernetes credentials or re-use the same Azure ACR registry, it is important that you store your credentials in a safe place. + +### Kubernetes credentials (SSH RSA keys and service principal) + +**Make sure you store the SSH RSA keys and service principal to connect in a safe place** +If you use a new client PC/machine, you will need these keys in order to be able to connect to the same cluster. + +**IMPORTANT**: When you created the Kubernetes cluster with the script provided by eShopOnContainers or by using the command `az aks create --resource-group myResourceGroup --name myAKSCluster --node-count 1 --generate-ssh-keys`, it generated the SSH RSA keys and service principal for the Kubernetes cluster. + +Those keys were stored in the client PC used when you created the cluster and you definitely need those in order to connect to the cluster. If you are going to connect to the cluster from the same machine, it'll work directly because the keys are already there. But if you try to connect to the cluster from a different client machine, you'll need to copy the SSH RSA keys and the service principal to that new client machine. + +The SSH RSA private key file and the corresponding public key files generated when you created the cluster are stored in the folder at the client machine you used. + +![image](https://user-images.githubusercontent.com/1712635/40208137-edd265ae-59ec-11e8-8f3c-17d8db752afb.png) + +The service principal credentials are written to the file ~/.azure/aksServicePrincipal.json on the client machine you used, as shown in the image below. + +![image](https://user-images.githubusercontent.com/1712635/40208069-a47ef962-59ec-11e8-9b55-c1edb71674a8.png) + +It is critical that you copy and store those files above in a secure place so you can re-used them in the future in other additional client machines. +If you are trying to connect from a new client machine, then, copy those files into the same folder paths before trying to connect to the Kubernetes cluster. + +For further info about SSH RSA keys, see these links: + +https://docs.microsoft.com/en-us/azure/virtual-machines/linux/ssh-from-windows + +https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-ssh-connection + +### ACR credentials + +In order to see your ACR credentials type: + +`az acr credential show -n YoureShopAcrRegistry` + +![image](https://user-images.githubusercontent.com/1712635/40208468-ca5ce9d0-59ee-11e8-9281-29d232a18cf2.png) + +Keep those credentials in a safe place. # Deploy the eShopOnContainers application into the Kuberentes cluster with the deployment script