Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added UI & BiCep update for issue 551. #681

Closed
wants to merge 1 commit into from
Closed

Added UI & BiCep update for issue 551. #681

wants to merge 1 commit into from

Conversation

deepdolphin
Copy link
Contributor

PR Summary

Added UI & Bicep updates to address issue #551. Currently no UI web tests.

PR Checklist

  • PR has a meaningful title
  • Summarized changes
  • This PR is ready to merge and is not Work in Progress
  • Link to a filed issue
  • Screenshot of UI changes (if PR includes UI changes)

@deepdolphin deepdolphin marked this pull request as ready for review February 6, 2024 13:34
@deepdolphin deepdolphin requested a review from mosabami February 6, 2024 13:35
@deepdolphin
Copy link
Contributor Author

deepdolphin commented Feb 6, 2024
edited
Loading

TODO: Discuss how/when we run/fix this.

You will probably receive an error when you try to deploy using this new option because the User Identity that gets created during the running of the main Bicep needs access over the pre-existing User Identity that you want to run the Kublet under. As you don't know the GUID of the new identity, you can't assign it rights over your existing User Identity.

  1. You will need to deploy the template as normal then wait for an error which states that the "Managed Identity Operator" role is missing
  2. Grant the newly created managed identity used by AKS for control plane access (to change the MC_* resource group) the role of "Managed Identity Operator" over the Kublet managed identity.
az role assignment create --assignee '<controlplaneGUID>' --role "Managed Identity Operator" --scope '/subscriptions/<someguid>/resourcegroups/<rgname>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<kubeletidentityname>'
  1. Rerun the deployment template again.

Reference: https://learn.microsoft.com/en-us/azure/aks/use-managed-identity#add-role-assignment

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 8, 2024

PR smells stale, no activity for 30 days. Stale Label will be removed if the PR is updated, otherwise closed in a month.

@github-actions github-actions bot added the stale An issue that hasn't had a lot of love recently label Mar 8, 2024
@github-actions github-actions bot closed this Apr 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mosabami mosabami Awaiting requested review from mosabami

Assignees

@mosabami mosabami

Labels
helper-ui stale An issue that hasn't had a lot of love recently
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@deepdolphin @mosabami