Exercise 1: Create An AKS Cluster

Task 1 - Login into your subscription

  1. Login to Azure.

    az login
    az login

  2. Set the current subscription.

    az account set --subscription "<your subscription name or ID>"
    az account set --subscription "<your subscription name or ID>"

Task 2 - Define variables and create resource group

  1. Select the region closest to your location. Use ‘eastus’ for United States workshops, ‘westeurope’ for European workshops. Ask your instructor for other options in your region.

  2. Set your initials.

    $YOUR_INITIALS="abc"
    YOUR_INITIALS="abc"

  3. Define global variables

    $INITIALS="$($YOUR_INITIALS)".ToLower()
$RESOURCE_GROUP="azure-$($INITIALS)-rg"
$LOCATION="swedencentral"
    INITIALS=$(echo $YOUR_INITIALS | tr '[:upper:]' '[:lower:]')
RESOURCE_GROUP="azure-${INITIALS}-rg"
LOCATION="swedencentral"

  4. Set the VM SKU

    $VM_SKU="Standard_D4s_v5"
    VM_SKU="Standard_D4s_v5"

Task 3 - Create resource group and a basic cluster using Azure CLI

  1. Create Resource Group.

    az group create --location $LOCATION `
                --resource-group $RESOURCE_GROUP
    az group create --location $LOCATION \
                --resource-group $RESOURCE_GROUP

  2. Define variables for AKS cluster.

    $AKS_NAME="aks-$($INITIALS)"
Write-Host "AKS Cluster Name: $AKS_NAME"
    AKS_NAME="aks-${INITIALS}"
echo "AKS Cluster Name: $AKS_NAME"

  3. Create a simple AKS cluster.

    az aks create --node-count 2 `
                --generate-ssh-keys `
                --node-vm-size $VM_SKU `
                --name $AKS_NAME  `
                --enable-addons monitoring,azure-keyvault-secrets-provider `
                --enable-gateway-api `
                --enable-app-routing-istio `
                --network-plugin azure `
                --network-plugin-mode overlay `
                --pod-cidr 192.168.0.0/16 `
                --network-dataplane cilium `
                --resource-group $RESOURCE_GROUP `
                --location $LOCATION
    az aks create --node-count 2 \
                --generate-ssh-keys \
                --node-vm-size $VM_SKU \
                --name $AKS_NAME \
                --enable-addons monitoring,azure-keyvault-secrets-provider \
                --enable-gateway-api \
                --enable-app-routing-istio \
                --network-plugin azure \
                --network-plugin-mode overlay \
                --pod-cidr 192.168.0.0/16 \
                --network-dataplane cilium \
                --resource-group $RESOURCE_GROUP \
                --location $LOCATION

    The creation process will take able 5-10 minutes.

    Info

    This command enables the Application Routing Add-on with the Gateway API (--enable-app-routing-istio) along with the Managed Gateway API CRDs (--enable-gateway-api). This is the recommended managed ingress option and the successor to the older managed Nginx add-on, which loses Azure support after November 2026. You will use it in Exercise 7 . This requires azure-cli version 2.86.0 or higher — run az version to check and az upgrade if needed.

  4. Once complete, connect the cluster to your local client machine.

    az aks get-credentials --name $AKS_NAME `
                        --resource-group $RESOURCE_GROUP
    az aks get-credentials --name $AKS_NAME \
                        --resource-group $RESOURCE_GROUP

  5. Confirm the connection to the cluster.

    kubectl get nodes
    kubectl get nodes

This should return a list of nodes similar to the one below:

Node List Node List