0

I am trying to create an Azure aks cluster using an centos image.

I have created an aks cluster with an ubuntu image.

Searched the internet and did not find anything to indicate that centos was an option.

 resource "azurerm_kubernetes_cluster" "k8s" { name = "${var.aks_name}" location = "${data.azurerm_resource_group.rg.location}" dns_prefix = "${var.aks_dns_prefix}" resource_group_name = "${data.azurerm_resource_group.rg.name}" linux_profile { admin_username = "${var.vm_user_name}" ssh_key { key_data = "${file(var.public_ssh_key_path)}" } } addon_profile { http_application_routing { enabled = false } } agent_pool_profile { name = "agentpool" count = "${var.aks_agent_count}" vm_size = "${var.aks_agent_vm_size}" os_type = "Linux" os_disk_size_gb = "${var.aks_agent_os_disk_size}" vnet_subnet_id = "${data.azurerm_subnet.kubesubnet.id}" }
Improve this question
3
  • Why you need centos? Kubernetes on ubuntu behaves absolutely the same. Commented May 8, 2019 at 17:14
  • We have hardened redhat images. Have you ever needed to change/update the worker node configurations? Commented May 8, 2019 at 20:28
  • for that you cannot use AKS or any other managed Kubernetes. You have to install it and manage yourselves. Commented May 9, 2019 at 2:07

3 Answers 3

Reset to default
2

No, you cannot control vm image used to create AKS. I think AKS-engine works with CoreOS. https://github.com/Azure/aks-engine/issues/541

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

As far as I know you can't change that in Kubernetes managed services. Same applies for GKE and as I see it's the same in EKS.

It's AKS and you need to use custom images, in this case you would have to use cloud VM's in one of the cloud providers (I do not have experience with Azure so I can't say for sure but you can use custom images on AWS - kops and GCP). Also it is worth noting that in GKE you can choose one of 3 node images:

  • Container-Optimized OS from Google
  • Container-Optimized OS with containerd (cos_containerd)
  • Ubuntu

You mentioned that your main focus is security, so you might look closer to Container-Optimized OS from Google:

The Container-Optimized OS node image is based on a recent version of the Linux kernel and is optimized to enhance node security. It is backed by a team at Google that can quickly patch it for security and iterate on features. The Container-Optimized OS image provides better support, security, and stability than other images.

You can read more here.

Improve this answer

Comments

0

I have created a prototype terraform plan which adds Centos Kubernetes workers (as VMSS) to a existing AKS. The protoype is of course opiniated and only supports a specific AKS configuration but it might be a base for other to implement custom workers nodes for AKS

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.