2
votes

I am developing an application which uses Pod Identity to connect to Azure SQL Database.

After deploying it on Azure Kubernetes Service (AKS), the pod (application) connects to Azure SQL using Pod Identity (Managed Identity).

How can I assign the same identity to the pod while running on my local k8s cluster?

My deployment YAML looks like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: xxx
  labels:
    app: xxx
spec:
  selector:
    matchLabels:
      appName: xxx
  replicas: 1
  template:
    metadata:
      labels:
        appName: xxx
        # Label that aad-pod-identity matches against an AzureIdentityBinding selector
        aadpodidbinding: samplepodidentity
    spec:
      containers:
      - name: xxx
        image: xxx
        env:
        - name: xxx
          value: "xxx"
        - name: UpdateDbTraceEndpoint
          value: "xxx"
        ports:
        - containerPort: 80
1
Hi, is it that you want to assign the same managed identity (user or system) that you assigned to a pod in the AKS cluster to a pod in a local k8s cluster? Or is it that you want to create a similar type of managed identity in the local environment and assign it to a pod in the k8s cluster? Wanted some more clarification on it. - KartikBhiwapurkar-MT
@KartikBhiwapurkar-MT It doesn't matter whether it is the same identity or a separate managed identity. Whatever the choice is, the requirement is to assign an identity to a pod running on a local K8s cluster so that it can use the identity to authenticate against other Azure resources. - Rupesh

1 Answer

0
votes

You can deploy aad-pod-identity on your local cluster using Helm or the YAML Deployment files.

The main difference is that you can't use some of the az aks commands and instead have to perform the steps manually, such as creating the AzureIdentity resource.

The standard walkthrough doc covers the details.
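
The AzureIdentity resource mentioned above, together with the AzureIdentityBinding whose selector matches the `aadpodidbinding: samplepodidentity` label in the question's Deployment, as an added example that is not part of the original answer. It assumes a user-assigned managed identity (`type: 0`); the resource names and every angle-bracket value are placeholders to fill in from your own subscription.

```yaml
# Added example: manifests created by hand instead of via az aks commands.
# Assumption: a user-assigned managed identity (type: 0).
# Values in <angle brackets> are placeholders, not real identifiers.
apiVersion: aadpodidentity.k8s.io/v1
kind: AzureIdentity
metadata:
  name: sample-azure-identity          # hypothetical name
  namespace: default
spec:
  # 0 = user-assigned managed identity
  # 1 = service principal with client secret
  # 2 = service principal with certificate
  type: 0
  # Full ARM resource ID of the user-assigned identity
  resourceID: /subscriptions/<subscription-id>/resourcegroups/<resource-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<identity-name>
  # Client (application) ID of that identity
  clientID: <identity-client-id>
---
apiVersion: aadpodidentity.k8s.io/v1
kind: AzureIdentityBinding
metadata:
  name: sample-azure-identity-binding  # hypothetical name
  namespace: default
spec:
  # Must equal metadata.name of the AzureIdentity above
  azureIdentity: sample-azure-identity
  # Must equal the value of the pod label "aadpodidbinding"
  # (samplepodidentity in the question's Deployment)
  selector: samplepodidentity
```

Keep the AzureIdentity, the binding and the pod in the same namespace, and grant the identity only the database permissions the application needs, since every pod carrying the matching label can request tokens for it.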