Azure Kubernetes setup
I'm putting this here to help others and also have something to reference later in case I have to re do the work!
So I've been through the process of setting up the SCIM bridge recently and found that by default Azure will not let you select the B2s at cluster creation and the lowest you can select is B4ms.
The cost of the B4ms is £87.60 for a single VM without storage costs which is above what we wanted to pay for a user sync solution.
We found that once the cluster was created we could edit the VM size down to a B2s, change the cluster size to 2, let the VM initialize and then turn off the B4 VM and reduce the nodes back to 1. This reduced the VM cost down to £21.83.
What we then found was the OS disk was using a premium SSD (as donated by the s in B2s) and was 128GB. This was then going to cost us £17.69 a month. As I hadn't deleted the previous VM it was actually going to cost us £35 as we had two disks. Removing the first B4 VM removed the extra cost. The £17.69 was, again, more than we wanted to pay for a user sync service. I could find a way of changing the OS disk type from premium disks to standard which would drop the cost to £7.84 nor could I find a way of shrinking the OS disk once it had been created. Shrinking the disk to the minimum 30GB size would result in a monthly cost of £4.74 even on the premium SSDs!
Then the load balancer that sits in front of the cluster was going to cost another £13~ a month. This defaults to 'standard' and I couldn't find a way of changing this but, to be fair, I didn't waste a lot of time looking. The 'Basic' SKU is free to use and as far as I can see works fine.
This brought the total cost of the SCIM bridge to around £50 a month.
I went searching around to see if the price of this could be reduced and from what I did find the cluster HAS to be created with the correct settings from the start. I found this site VERY useful in creating the best priced cluster and once the cluster was created the rest of the instructions from 1Password worked as expected.
I highly suggest reading though the link above but I will summarize here:
- The B2s VM can be selected when creating the cluster using the CLI but not in the GUI
- The load balancer can be set to 'Basic' which is free!
- The disk defaults to 128GB, the minimum is 30GB so selecting 32GB seems to work just fine.
- The B2s defaults to premium SSD, I still don't know how to change this.
So with the above, when you get to step 3 on this page don't follow the instructions and use the GUI, use the CLI with the following commands:
az login az aks create -n CLUSTERNAMEHERE \ --node-count 1 \ --node-vm-size Standard_B2s \ --load-balancer-sku basic \ --node-osdisk-size 32
I actually had to specify my subscription and resource group I wanted to use as we have multiple subscriptions and resource groups. I also had to specify the command --generate-ssh-keys as I didn't have a private key already set.
So my command looked like this:
az login az aks create -n CLUSERNAMEHERE --subscription SUBNAMEHERE --resource-group RESOURCEGROUPHERE --node-count 1 --node-vm-size Standard_B2s --load-balancer-sku basic --node-osdisk-size 32 --generate-ssh-keys
This has resulted in a SCIM bridge costing around 90p a day, much more manageable! This could probably be reduced if the VM was only turned on when the Azure provisioning is due to run OR if the bridge was only turned on for an hour or 2 in the morning and evening but I haven't gone that far into it yet. I'm not sure that the Azure Enterprise App provisioning will recover on it's own if the bridge isn't available for hours on end.
TL;DR - the default Azure pricing will set you back around £100/m if you create the cluster via the GUI. You can edit the GUI created cluster but you will still be stuck with a load balancer costing £13 and 128GB Premium SSD for the OS disk costing £17. Creating the cluster via the GUI with the above commands will result in the cheap VM being used from the start, no Load Balancer cost and a 32GB Premium SSD costing £4 instead.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided