You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-arc/kubernetes/faq.md
+33-3Lines changed: 33 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -61,9 +61,9 @@ If the value of `managedIdentityCertificateExpirationTime` indicates a timestamp
61
61
> [!NOTE]
62
62
> `az connectedk8s delete` will also delete configurations and cluster extensions on top of the cluster. After running `az connectedk8s connect`, recreate the configurations and cluster extensions on the cluster, either manually or using Azure Policy.
63
63
64
-
## If I am already using CI/CD pipelines, can I still use Azure Arc-enabled Kubernetes and configurations?
64
+
## If I am already using CI/CD pipelines, can I still use Azure Arc-enabled Kubernetes or AKS and GitOps configurations?
65
65
66
-
Yes, you can still use configurations on a cluster receiving deployments via a CI/CD pipeline. Compared to traditional CI/CD pipelines, configurations feature two extra benefits:
66
+
Yes, you can still use configurations on a cluster receiving deployments via a CI/CD pipeline. Compared to traditional CI/CD pipelines, GitOps configurations feature some extra benefits:
67
67
68
68
**Drift reconciliation**
69
69
@@ -73,10 +73,40 @@ The CI/CD pipeline applies changes only once during pipeline run. However, the G
73
73
74
74
CI/CD pipelines are useful for event-driven deployments to your Kubernetes cluster (for example, a push to a Git repository). However, if you want to deploy the same configuration to all of your Kubernetes clusters, you would need to manually configure each Kubernetes cluster's credentials to the CI/CD pipeline.
75
75
76
-
For Azure Arc-enabled Kubernetes, since Azure Resource Manager manages your configurations, you can automate creating the same configuration across all Azure Arc-enabled Kubernetes resources using Azure Policy, within scope of a subscription or a resource group. This capability is even applicable to Azure Arc-enabled Kubernetes resources created after the policy assignment.
76
+
For Azure Arc-enabled Kubernetes, since Azure Resource Manager manages your configurations, you can automate creating the same configuration across all Azure Arc-enabled Kubernetes and AKS resources using Azure Policy, within scope of a subscription or a resource group. This capability is even applicable to Azure Arc-enabled Kubernetes and AKS resources created after the policy assignment.
77
77
78
78
This feature applies baseline configurations (like network policies, role bindings, and pod security policies) across the entire Kubernetes cluster inventory to meet compliance and governance requirements.
79
79
80
+
**Cluster compliance**
81
+
82
+
The compliance state of each GitOps configuration is reported back to Azure. This lets you keep track of any failed deployments.
83
+
84
+
## Error installing the microsoft.flux extension (Flux v2)
85
+
86
+
The `microsoft.flux` extension installs the Flux controllers and Azure GitOps agents into your Azure Arc-enabled Kubernetes or AKS clusters. If you experience an error during installation below are some troubleshooting actions.
87
+
88
+
* Error message
89
+
90
+
```console
91
+
{'code':'DeploymentFailed','message':'At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.','details':[{'code':'ExtensionCreationFailed','message':' Request failed to https://management.azure.com/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.ContainerService/managedclusters/<CLUSTER_NAME>/extensionaddons/flux?api-version=2021-03-01. Error code: BadRequest. Reason: Bad Request'}]}
92
+
```
93
+
94
+
* For AKS cluster, assure that the subscription has the following feature flag enabled: `Microsoft.ContainerService/AKS-ExtensionManager`.
95
+
96
+
```console
97
+
az feature register --namespace Microsoft.ContainerService --name AKS-ExtensionManager
98
+
```
99
+
100
+
* Force delete the extension.
101
+
102
+
```console
103
+
az k8s-extension delete --force -g <RESOURCE_GROUP> -c <CLUSTER_NAME> -n flux -t <managedClusters OR connectedClusters>
104
+
```
105
+
106
+
* Assure that the cluster does not have any policies that restrict creation of the `flux-system` namespace or resources in that namespace.
107
+
108
+
After you have verified the above, you can re-install the extension.
109
+
80
110
## Does Azure Arc-enabled Kubernetes store any customer data outside of the cluster's region?
81
111
82
112
The feature to enable storing customer data in a single region is currently only available in the Southeast Asia Region (Singapore) of the Asia Pacific Geo and Brazil South (Sao Paulo State) Region of Brazil Geo. For all other regions, customer data is stored in Geo. For more information, see [Trust Center](https://azure.microsoft.com/global-infrastructure/data-residency/).
0 commit comments