Encrypt an Azure storage account
Secure your Azure cloud data by enabling Azure storage encryption for data at rest, using Encryption Key Management. Configuring this feature for your DuploCloud Infrastructure enables you to specify customer-managed keys or customer-provided keys for your existing Blob storage.
In the DuploCloud Portal, navigate to Administrator -> System Settings.
Click the System Config tab.
In the System Configs area, click Add. The Add Config pane displays.
From the Config Type list box, select Flags.
From the Key list box, select Enable Storage Account Infra Encryption.
From the Value list box, select true.
Click Submit.
The Key/Value pair configuration is displayed in the System Configs area.
Enable Azure Kubernetes Service (AKS) to connect with Azure
Once your Infrastructure and Plan have been created, the final step before creating a Tenant is to enable Azure Kubernetes Service (AKS) to connect with Azure cloud management.
In the DuploCloud Portal, navigate to Administrator -> Infrastructure.
Select the Infrastructure that you created, in the NAME column of the Infrastructure page.
Click the Kubernetes tab. The following message displays: Kubernetes cluster is not yet enabled. Click Here to enable the Kubernetes Cluster.
Click on the Click Here hyperlink. The Configure AKS Cluster pane displays.
Accept the default values and click Create to enable the AKS service for your Infrastructure.
DuploCloud begins creating and configuring an AKS cluster using Kubernetes. You receive an alert message when the Infrastructure has been updated.
It may take some time for enablement to complete. Use the Kubernetes card in the Infrastructure screen to monitor the status, which should display as Enabled when completed. You can also monitor progress by using the Kubernetes tab, as DuploCloud generates your Cluster Name, Default VM Size, Server Endpoint, and Token.
How Infrastructures and Plans work together to create a VPC
Infrastructures are abstractions that allow you to create a Virtual Private Cloud (VPC) instance in the DuploCloud Portal. When you create an Infrastructure, a Plan is automatically generated to supply the network configuration necessary for your Infrastructure to run.
DuploCloud creates a VNET with a default subnet and a default Network Security Group (NSG). The creation of an Infrastructure takes about ten (10) minutes.
When you create a DuploCloud Infrastructure, you create an isolated environment that maps to a Kubernetes cluster.
In DuploCloud, an Infrastructure maps one-to-one to a VPC in a specified region. It also maps to an Azure Managed Kubernetes Service cluster that you use for container orchestration.
When creating an Infrastructure, you specify the number of availability zones, the region, VPC Classless Inter-Domain Routing (CIDR), and a subnet mask. DuploCloud creates two subnets in each availability zone, one private and one public, and sets up routes and a NAT gateway.
Create a DuploCloud Infrastructure in the DuploCloud Portal:
Select Administrator -> Infrastructure from the navigation menu.
Click Add.
Define the Infrastructure by completing the fields on the Add Infrastructure form.
Click Create. The Infrastructure is created and is listed on the Infrastructure page.
To enable an AKS cluster for Azure, follow these steps.
Up to one instance (0 or 1) of an AKS is supported for each DuploCloud Infrastructure.
When you create the Infrastructure, DuploCloud creates the following components:
VPC with 2 subnets (private, public) in each availability zone
Required security groups
NAT Gateway
Internet Gateway
Route tables
VPC peering with the master VPC, which is initially configured in DuploCloud
Cloud providers limit the number of Infrastructures that can run in each region. If you have completed the steps to create an Infrastructure and it doesn't show a Status of Complete, try selecting a different region.
You can choose to encrypt your Azure storage account by configuring a Key/Value pair in the Infrastructure.
Once the Infrastructure is created, a Plan (with the same Infrastructure name) is automatically created and populated with the Infrastructure configuration. The Plan is used to create Tenants.
Connect to the Cluster namespace using the kubectl token.
DuploCloud provides a way to connect directly to the Cluster namespace using the kubectl
token.
See for available options.
Upgrade the Azure Kubernetes Service (AKS) version
Microsoft frequently updates the version of AKS based on new features that are available in the Kubernetes platform.
DuploCloud pushes AKS upgrades to the DuploCloud Portal code, but we request that you contact the DuploCloud Support staff on your Slack channel or by email when upgrading, for the moment.
In future releases, this upgrade will be available for customers to install.