Skip to content

UID2-4751 Add notes about --kubernetes-version #902

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

UID2-4751 Add notes about --kubernetes-version #902

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5c89ac4
Add notes about --kubernetes-version
cYKatherine Jul 1, 2025
926f590
Fix wrong commands
cYKatherine Jul 1, 2025
766a900
Provide separate sed commands for different systems
cYKatherine Jul 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions docs/guides/operator-guide-aks-enclave.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -261,7 +261,7 @@ az aks create \
--resource-group ${RESOURCE_GROUP} \
--name ${AKS_CLUSTER_NAME} \
--location ${LOCATION} \
--kubernetes-version 1.29.13 \
--kubernetes-version 1.33 \
--network-plugin azure \
--network-policy calico \
--vnet-subnet-id ${AKS_SUBNET_ID} \
Expand All @@ -277,6 +277,9 @@ az aks create \
--nodepool-name oprnodepool \
--os-sku Ubuntu
```
:::note
Make sure to use the latest supported `--kubernetes-version`, otherwise Long Term Support(LTS) is required to be enabled (See https://learn.microsoft.com/en-us/azure/aks/long-term-support).
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"make sure to" is not grammatical. You could say be sure to... or make sure that you... (plus formatting for URL).

Suggest:

Be sure to use the latest supported Kubernetes version, using the --kubernetes-version flag. If you use an earlier version, you must enable Long Term Support (LTS). For details, see Long-term support for Azure Kubernetes Service (AKS) versions.

:::

#### Get the Principal ID of the Managed Identity

Expand Down Expand Up @@ -361,23 +364,43 @@ After completing the previous steps, follow these steps to update placeholder va
1. Get the managed identity ID by running the following:

```
MANAGED_IDENTITY_ID=$("az identity show --name "${MANAGED_IDENTITY}" --resource-group "${RESOURCE_GROUP}" --query id --output tsv")
MANAGED_IDENTITY_ID=$(az identity show --name "${MANAGED_IDENTITY}" --resource-group "${RESOURCE_GROUP}" --query id --output tsv)
```

2. In the `operator.yaml` file, update `microsoft.containerinstance.virtualnode.identity` with the managed identity ID that was returned:

- For Linux, run:

```
sed -i "s#IDENTITY_PLACEHOLDER#$MANAGED_IDENTITY_ID#g" "operator.yaml"
```

- For MacOS, run:

```
sed -i '' "s#IDENTITY_PLACEHOLDER#$MANAGED_IDENTITY_ID#g" "operator.yaml"
```

3. Update the Vault Key and Secret names with the environment variables:

- For Linux, run:


```
sed -i "s#VAULT_NAME_PLACEHOLDER#$KEYVAULT_NAME#g" "operator.yaml"
sed -i "s#OPERATOR_KEY_SECRET_NAME_PLACEHOLDER#$KEYVAULT_SECRET_NAME#g" "operator.yaml"
sed -i "s#DEPLOYMENT_ENVIRONMENT_PLACEHOLDER#$DEPLOYMENT_ENV#g" "operator.yaml"
```

- For MacOS, run:

```
sed -i '' "s#VAULT_NAME_PLACEHOLDER#$KEYVAULT_NAME#g" "operator.yaml"
sed -i '' "s#OPERATOR_KEY_SECRET_NAME_PLACEHOLDER#$KEYVAULT_SECRET_NAME#g" "operator.yaml"
sed -i '' "s#DEPLOYMENT_ENVIRONMENT_PLACEHOLDER#$DEPLOYMENT_ENV#g" "operator.yaml"
```


#### Deploy Operator

Follow these steps to deploy the Private Operator:
Expand Down