Problem #1:
I'm trying out 3-exercise-create-resources and I use this command:
az aks create --resource-group $RESOURCE_GROUP \
--name $AKS_CLUSTER_NAME \
--node-count 3 \
--generate-ssh-keys \
--node-vm-size Standard_B2s \
--enable-managed-identity \
--location eastus \
--enable-addons http_application_routing
I get this error after having carefully followed the instructions in the learn module prior to the az aks create command...
(RequestDisallowedByPolicy) Provisioning of resource(s) for container service ship-manager-cluster in resource group learn-8ab97542-bdf0-444f-a376-c8e6102b5d83 failed. Message: Resource 'aks-nodepool1-36819531-vmss' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"containers-assignment","id":"/providers/Microsoft.Management/managementGroups/eab64c3d-95b6-9f1f-755f-9f8578c31e45/providers/Microsoft.Authorization/policyAssignments/containers-assignment"},"policyDefinition":{"name":"Allowed resource types","id":"/providers/Microsoft.Authorization/policyDefinitions/a08ec900-254a-4555-9bf5-e42af04b5c5c"},"policySetDefinition":{"name":"containers-initiative","id":"/providers/Microsoft.Management/managementGroups/learn-sandbox-prod/providers/Microsoft.Authorization/policySetDefinitions/containers-initiative"},"policyDefinitionReferenceId":"allowed-resource-types_1"}]'.. Details:
Code: RequestDisallowedByPolicy
Message: Provisioning of resource(s) for container service ship-manager-cluster in resource group learn-8ab97542-bdf0-444f-a376-c8e6102b5d83 failed. Message: Resource 'aks-nodepool1-36819531-vmss' was disallowed by policy. Policy identifiers: '[{"policyAssignment":{"name":"containers-assignment","id":"/providers/Microsoft.Management/managementGroups/eab64c3d-95b6-9f1f-755f-9f8578c31e45/providers/Microsoft.Authorization/policyAssignments/containers-assignment"},"policyDefinition":{"name":"Allowed resource types","id":"/providers/Microsoft.Authorization/policyDefinitions/a08ec900-254a-4555-9bf5-e42af04b5c5c"},"policySetDefinition":{"name":"containers-initiative","id":"/providers/Microsoft.Management/managementGroups/learn-sandbox-prod/providers/Microsoft.Authorization/policySetDefinitions/containers-initiative"},"policyDefinitionReferenceId":"allowed-resource-types_1"}]'.. Details:
Problem #2 (Added Sat May 28 2022):
When I proceed using my own personal account I can create the cluster and then proceed to creating the Ingress network for the back end with this command:
kubectl apply -f backend-network.yaml
I get this error:
Error: resource mapping not found for name: "ship-manager-backend" namespace: "" from "backend-network.yaml": no matches for kind "Ingress" in version "networking.k8s.io/v1beta1"
Aw shucks... the tutorial is broken again...
After some bing/google searching I see that v1beta1 is old. I tried using /v1 instead of /v1beta but this did not help.
I would love to see this tutorial work again because it is much simpler than the Ingress I use now where I explicitly create a public IP address and explicitly apply a letsencrypt certificate (much more code!).