34 C
Thursday, May 23, 2024

az terraform git kubectl cheat sheet

To log in to the az module

az login

To List Available Subscriptions –

az account list -o table --all

you can see az login is going to a default subscription

To Set a Specific Subscription, copy the subscription ID and set it.

az account set --subscription e08f63cf-xxxx-44e3-ba41-xxxxxxx

If you wish to get into a specific tenant

az login --tenant xxxTenantxIDxxxxxxxxx

Creating a test resource group using az command in UAE north for example –

az group create -n $RESOURCEGROUP -l uaenorth

Login to test aks cluster for example

az aks get-credentials --admin --name akscluster --resource-group testaks

To get nodes / pods / describe the pod / get services

kubectl get nodes
kubectl get pods
kubectl describe pods
kubectl get services

Test asp net app YAML file with the integrated application gateway

 kubectl apply -f https://raw.githubusercontent.com/Azure/application-gateway-kubernetes-ingress/master/docs/examples/aspnetapp.yaml 

Yaml file backup

apiVersion: v1
kind: Pod
name: aspnetapp
app: aspnetapp
- image: "mcr.microsoft.com/dotnet/core/samples:aspnetapp"
name: aspnetapp-image
- containerPort: 80
protocol: TCP


apiVersion: v1
kind: Service
name: aspnetapp
app: aspnetapp
- protocol: TCP
port: 80
targetPort: 80


apiVersion: extensions/v1beta1
kind: Ingress
name: aspnetapp
kubernetes.io/ingress.class: azure/application-gateway
- http:
- path: /
serviceName: aspnetapp
servicePort: 80

To get inside Pod

kubectl exec -it aspnetapp -- /bin/bash

To delete the pod

kubectl delete pods

az login via proxy


Git to work via proxy –

git config --global http.proxy
git config --global user.name "Sathesh Manoharan"
git config --global user.email info@localhost

Terraform Init

Init – Run from ACF Folder – PS C:\repo\ACF> when your main.tf file is

terraform init .\Workloads\subs-conn-prod\infrastructure\1.0\

Plan from workspace folder – C:\repo\workspaces>

terraform plan -out plan.tfplan -var-file ..\ACF\Workloads\subs-prod\infrastructure\1.0\input_variables.tfvar ..\ACF\Workloads\subs-prod\infrastructure\1.0\

Git Sample commands –

git pull
git add * or git add.
git commit
git push

To use a remote state from local computer

terraform {
backend "azurerm" {
resource_group_name = "az-azure365pro-iac-rg"
storage_account_name = "azazure365proiacsta"
container_name = "subs-prod"
key = "infrastructure-sub-prod.tfstate"
access_key = "9qyXAiYxxxxxxxxxxxeirLlKBXCZ3PAlKnuXYYxxxxxxxxxxxxxSphy+pj6fCMP2QSLaDfmuY1f2T0BjgQ=="

Key Vault Secret Config using AZ commands

az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-client-id --value xxxxx-19e2-4b37-bd22-48d364a7ab80
az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-client-secret --value xxxxxxxx~~hKZMB6Wa0j0xxx.1OCts65
az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-tenant-id --value xxxxxxx-9352-4fa4-xxxx-112da2837c29
az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-subscription-id --value xxxxxx-b524-46f9-aa1a-3c583ee00d65</pre>

az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-key-1 --value xxxxxx-b524-46f9-aa1a-xxxxxxxxx
az keyvault secret set --vault-name az-azure365pro-tf-kv --name sp-key-2 –value xxxxxxxxxxxxxxxxxxxxMirqY58sJAdB0bwFLPogQt/95cWWPnbwnpCbYtUnvxMYJ+c/Q==

Storage Accounts Recommended Configuration –

  • Turn ON No Delete locks
  • Turn ON Versioning
  • Turn on Soft delete for 60 days
  • Turn on Point in time restore for containers

To Get an Image list from azure to update terraform script with appropriate sku and offer.

az vm image list

To Get VM Size list from azure to update terraform script with appropriate sizing.

az vm list-sizes --location eastus -o table

To Get Windows 10/11 Image list

az vm image list --publisher "MicrosoftWindowsDesktop" -o table --all

Terraform check state list and remove something from the state for example.

terraform state list     
terraform state rm azurerm_virtual_machine.main

Installing Docker CLI

choco install docker-cli -y

Installing docker desktop

choco install docker-desktop


aws configure / Get access key from AWS Users

You can use AWS Provider.


Pushing docker image to aks from Azure Container Registry

az login
az acr login --name az365propreusacr
docker build -t sampledocx .
docker tag sampledocx az365propreusacr.azurecr.io/sampledocx:v2
docker push az365propreusacr.azurecr.io/sampledocx:v2
kubectl apply -f sampledocx.yaml
kubectl get pods -n document-processing
kubectl describe pods sampledocx-deployment-6b98886447-n4g2m
kubectl exec -n document-processing -it sampledocx-deployment-6b98886447-n4g2m -- sh
ps aux

Some more docker commands

az login
az acr login --name az365propreusacr
docker build -t azsaferpruksacr.azurecr.io/safer-ar-fe:latest .
docker push azsaferpruksacr.azurecr.io/safer-ar-fe

docker build .  
docker compose up

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles


Please enter your comment!
Please enter your name here

× How can I help you?