Skip to content

deploy-azure-resources-with-meshery.md

Latest commit

 

History

History
155 lines (108 loc) · 6.58 KB

deploy-azure-resources-with-meshery.md

File metadata and controls

155 lines (108 loc) · 6.58 KB
title Deploy Azure resources with Meshery
description Learn how to deploy and manage Azure resources through Kubernetes with Meshery, utilizing ASO operator to enhance cloud resource management
model azure
params
kind
resources
categories
tutorials
aliases
/kanvas/tutorials/deploy-azure-resources-with-meshery

Introduction

Meshery now supports managing Azure resources declaratively through Kubernetes by integrating with Azure Service Operator (ASO). With this capability, you can visually design, deploy, and manage a variety of Azure resources—such as Storage Accounts, Key Vaults, SQL Servers, and more—directly from Meshery’s UI. In this tutorial, you’ll install the ASO operator (without CRD pattern configurations, as Meshery will handle them), create a Service Principal and a Kubernetes secret with your Azure credentials, and use Meshery to provision Azure resources seamlessly into your subscription.

Prerequisites

Before you begin, ensure you have the following:

  1. Meshery Installed A self-hosted Meshery instance running on your Kubernetes cluster (in-cluster or out-of-cluster).
  2. Kubernetes Cluster A running Kubernetes cluster (v1.16+) with kubectl configured.
  3. Azure Subscription An active Azure subscription where Storage Accounts will be provisioned.
  4. Azure CLI Installed and authenticated (az login) in your local shell.
  5. cert-manager Installed in your Kubernetes cluster (required by Azure Service Operator).

Table of Contents

  1. Create Azure Service Principal

  2. Connect Meshery to Your Cluster

  3. Install Azure Service Operator (Operator Only)

  4. Deploy ASO Operator using Kanvas

  5. Start deploying azure resources in Kanvas

  6. Conclusion

1. Create Azure Service Principal

If you do not already have a Service Principal (SP) for Meshery, create one using the Azure CLI:


az ad sp create-for-rbac -n azure-service-operator --role contributor --scopes /subscriptions/<AZURE_SUBSCRIPTION_ID>

This command outputs the following credentials:

  • appId: Application ID (Client ID)
  • displayName: Service Principal Name
  • name: Azure Service Principal URL
  • password: Client Secret
  • tenant: Tenant ID

To export them, manually enter:


export AZURE_CLIENT_ID=<appId>
export AZURE_CLIENT_SECRET=<password>
export AZURE_TENANT_ID=<tenant>
export AZURE_SUBSCRIPTION_ID=<subscriptionId>

2. Connect Meshery to Your Cluster

If you haven’t already connected your cluster to Meshery, run:


mesheryctl system start

Then open the Meshery UI (default: http://localhost:9081) and ensure your cluster appears under Lifecycle → Connections.

3. Install Azure Service Operator (Operator Only)

Prerequisite

Create a cert-manager that is necessary for deployment of Azure Service operator


kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.14.1/cert-manager.yaml

3.1 Deploy ASO Operator

Apply the official ASO operator manifest (Meshery will manage CRDs):


kubectl apply -f https://github.com/Azure/azure-service-operator/releases/download/v2.13.0/azureserviceoperator_v2.13.0.yaml

3.2 Create Azure Credentials Secret

Azure Service Operator requires a Kubernetes secret with your Azure identity:


kubectl create secret generic azure-credentials --namespace azureserviceoperator-system --from-literal=AZURE_CLIENT_ID=$AZURE_CLIENT_ID --from-literal=AZURE_CLIENT_SECRET=$AZURE_CLIENT_SECRET --from-literal=AZURE_TENANT_ID=$AZURE_TENANT_ID --from-literal=AZURE_SUBSCRIPTION_ID=$AZURE_SUBSCRIPTION_ID

4. Deploy Azure Service Operator using Kanvas

  1. Click Start from template. Start From Template
  2. Search for the Azure Service Operator design. Search Azure Operator
  3. Once found, click on the Azure Service Operator design, after that, click on Clone to add it to your canvas. Clone Azure Operator
  4. Update the secret aso-controller-settings in the design template. The details are also mentioned in the catalog. Configure Secret Settings
  5. Click Actions → Deploy. Deploy Azure Operator

5. Start deployment of Azure resources using Kanvas

  1. Click on Components and start by searching Azure Storage and putting the Storage Account to design area. Select Components Search Storage Account
  2. Configure the Storage Account to fit your needs. Config Storage Account
  3. Click Actions → Deploy. Deploy Storage Account
  4. Azure Portal: Confirm the new Storage Account appears in your specified resource group.

6. Conclusion

You have successfully:

  • Created an Azure Service Principal for Meshery
  • Connected your Kubernetes cluster to Meshery
  • Installed the Azure Service Operator (Meshery managed CRDs)
  • Created a Kubernetes secret for Azure credentials
  • Designed and deployed Azure resources using Meshery’s Kanvas

If you want to learn more about Azure Service Operator, visit the official ASO documentation.