Skip to content

Commit 69253aa

Browse files
NickomangNickomang
committed
added note on mitigating already generated SSH keys
1 parent 4fbc0c9 commit 69253aa

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

articles/aks/tutorial-kubernetes-deploy-cluster.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ AKS clusters can use [Kubernetes role-based access control (Kubernetes RBAC)][k8
3636

3737
To learn more about AKS and Kubernetes RBAC, see [Control access to cluster resources using Kubernetes RBAC and Azure Active Directory identities in AKS][aks-k8s-rbac].
3838

39+
3940
### [Azure CLI](#tab/azure-cli)
4041

4142
Create an AKS cluster using [`az aks create`][az aks create]. The following example creates a cluster named *myAKSCluster* in the resource group named *myResourceGroup*. This resource group was created in the [previous tutorial][aks-tutorial-prepare-acr] in the *eastus* region. The AKS cluster will also be created in the *eastus* region.
@@ -53,6 +54,9 @@ az aks create \
5354
--attach-acr <acrName>
5455
```
5556

57+
> [!NOTE]
58+
> If you've already generated SSH keys, you may encounter an error similar to `linuxProfile.ssh.publicKeys.keyData is invalid`. To proceed, retry the command without the `--generate-ssh-keys` parameter.
59+
5660
### [Azure PowerShell](#tab/azure-powershell)
5761

5862
Create an AKS cluster using [`New-AzAksCluster`][new-azakscluster]. The following example creates a cluster named *myAKSCluster* in the resource group named *myResourceGroup*. This resource group was created in the [previous tutorial][aks-tutorial-prepare-acr] in the *eastus* region. The AKS cluster will also be created in the *eastus* region.
@@ -65,6 +69,9 @@ To allow an AKS cluster to interact with other Azure resources, a cluster identi
6569
New-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster -NodeCount 2 -GenerateSshKey -AcrNameToAttach <acrName>
6670
```
6771

72+
> [!NOTE]
73+
> If you've already generated SSH keys, you may encounter an error similar to `linuxProfile.ssh.publicKeys.keyData is invalid`. To proceed, retry the command without the `-GenerateSshKey` parameter.
74+
6875
---
6976

7077
To avoid needing an **Owner** or **Azure account administrator** role, you can also manually configure a service principal to pull images from ACR. For more information, see [ACR authentication with service principals](../container-registry/container-registry-auth-service-principal.md) or [Authenticate from Kubernetes with a pull secret](../container-registry/container-registry-auth-kubernetes.md). Alternatively, you can use a [managed identity](use-managed-identity.md) instead of a service principal for easier management.

0 commit comments

Comments
 (0)