Terraform will create the roles. `az ad sp` creates the accounts and assigns the roles.
Do not forget to save the account credentials.

```shell
cd init
terraform init
terraform apply

az ad sp create-for-rbac --name "kubernetes-csi" --role kubernetes-csi --scopes="/subscriptions/<subscription-id>" --output json
az ad sp create-for-rbac --name "kubernetes-node-autoscaler" --role kubernetes-node-autoscaler --scopes="/subscriptions/<subscription-id>" --output json

# add aadClientId,aadClientSecret to the file _cfgs/azure.json, and apply it
kubectl -n kube-system create secret generic azure-cluster-autoscaler --from-file=azure.json=_cfgs/azure.json
kubectl -n kube-system create secret generic azure-csi --from-file=azure.json=_cfgs/azure.json
```

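
One way to do the "add aadClientId,aadClientSecret to `_cfgs/azure.json`" step without pasting the secret by hand, as an added example that is not part of this repository. It assumes the JSON printed by `az ad sp create-for-rbac` carries `appId`, `password` and `tenant`, and that the config may hold a `tenantId` key; the helper names and all sample values are constructed.

```python
import json
import os
import tempfile

# Fields printed by `az ad sp create-for-rbac --output json`.
SP_FIELDS = ("appId", "password", "tenant")

def merge_sp_credentials(base_cfg, sp_output):
    """Return a copy of base_cfg with aadClientId/aadClientSecret filled in."""
    missing = [f for f in SP_FIELDS if not sp_output.get(f)]
    if missing:
        raise ValueError("service principal output lacks: " + ", ".join(missing))
    # Assumption: the config may carry a tenantId key; if so it must match.
    tenant = base_cfg.get("tenantId")
    if tenant and tenant != sp_output["tenant"]:
        raise ValueError("service principal belongs to a different tenant")
    merged = dict(base_cfg)
    merged["aadClientId"] = sp_output["appId"]
    merged["aadClientSecret"] = sp_output["password"]
    return merged

def write_private_json(path, data):
    """Write data to path atomically, readable by the owner only (0600)."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".azure-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w") as fh:
            json.dump(data, fh, indent=2)
        os.chmod(tmp, 0o600)
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise

def redacted(cfg):
    """Copy of cfg that is safe to print or log."""
    return {k: ("***" if k == "aadClientSecret" else v) for k, v in cfg.items()}

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sp = {"appId": "11111111-1111-1111-1111-111111111111",
          "password": "constructed-secret", "tenant": "22222222-2222-2222-2222-222222222222"}
    base = {"tenantId": sp["tenant"], "subscriptionId": "<subscription-id>"}
    with tempfile.TemporaryDirectory() as workdir:
        target = os.path.join(workdir, "azure.json")
        write_private_json(target, merge_sp_credentials(base, sp))
        print(json.dumps(redacted(json.load(open(target))), indent=2))
```
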
- terraform
- talosctl
- kubectl
- yq
- Azure CCM
- Azure CSI
- Azure Node AutoScaler
- cilium 1.12.5
- metrics-server 0.5.0
- rancher.io/local-path 0.0.19
- ingress-nginx 4.4.2
- The CSI controller needs a region name, and I think this can affect multi-region setups. A partial solution is to use the node identity method and receive the region name from the metadata server.