https://qiita.com/dz_/items/508ce475cd267dbd950e
https://stackoverflow.com/questions/47516018/creating-a-kubernetes-cluster-in-azure-fails
When the above error occurs, if ${HOME}/.azure/acsServicePrincipal.json exists, it appears that a Service Principal has already been created.
cat ${HOME}/.azure/acsServicePrincipal.json | jq
{
  "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx": {
    "client_secret": "xxxxxxxxxxxxxxxxxxxx",
    "service_principal": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  }
}
Thanks for the feedback. I managed to resolve the issue by deleting my .azure folder and retrying.
According to your error message, please follow these steps to re-create AKS:
1. Check ${HOME}/.azure/.azure/acsServicePrincipal.json, find the service principal:
[root@jasoncli@jasonye .azure]# pwd
/root/.azure
[root@jasoncli@jasonye .azure]# ls
accessTokens.json acsServicePrincipal.json az.json az.sess azureProfile.json clouds.config config
[root@jasoncli@jasonye .azure]# cat acsServicePrincipal.json
{"5384xxxx-xxx-xxxx-xxxx-xxxxe29axxxx": {"client_secret": "6fc7cdff5eaf0axxxx8f", "service_principal": "6b73deca-xxxx-4a6d-ab54-73963cb78059"}}
2. Use this command to check your Service Principal and see whether the service principal exists or not:
az ad sp show --id <service_principal>
If the service principal does not exist, we can follow this article to create it.
If the service principal exists, we can specify the service principal and --client-secret to create AKS, like this:
az aks create -g <resource_group> -n <aks_name> --node-count 1 --service-principal <service_principal> --client-secret <client_secret> --generate-ssh-keys
Hope this helps.
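As an added example (not code from the original posts or from the Azure CLI project): a Python check covering steps 1 and 2 above. It reads the cached file, reports which service principal each entry holds without printing the client secret, flags file modes that expose the plaintext secret to other local users, and builds the az ad sp show command for each entry. The sample IDs and secret are constructed, the function names are hypothetical, and the top-level key is assumed to be the subscription ID.

```python
import json
import os
import stat
import tempfile

def audit_sp_cache(path):
    """Audit an acsServicePrincipal.json-style cache without echoing secrets."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:03o} lets group/other access the file; use 600")
    with open(path, encoding="utf-8") as fh:
        data = json.load(fh)
    entries = []
    for key, val in data.items():
        if not isinstance(val, dict) or not val.get("service_principal"):
            findings.append(f"entry {key}: no service_principal recorded")
            continue
        sp = val["service_principal"]
        if not val.get("client_secret"):
            findings.append(f"entry {key}: no client_secret cached")
        entries.append({
            "key": key,  # assumed to be the subscription ID
            "service_principal": sp,
            "secret_cached": bool(val.get("client_secret")),
            # Existence check from step 2, as an argv list (not executed here).
            "verify_cmd": ["az", "ad", "sp", "show", "--id", sp],
        })
    return findings, entries

def write_sample(directory, mode):
    """Write a constructed cache file (fake IDs and secret) with the given mode."""
    path = os.path.join(directory, "acsServicePrincipal.json")
    sample = {
        "00000000-0000-0000-0000-000000000001": {
            "client_secret": "constructed-not-a-real-secret",
            "service_principal": "11111111-1111-1111-1111-111111111111",
        },
        "00000000-0000-0000-0000-000000000002": {"client_secret": "orphaned"},
    }
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(sample, fh)
    os.chmod(path, mode)
    return path

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        findings, entries = audit_sp_cache(write_sample(tmp, 0o644))
        for line in findings + [" ".join(e["verify_cmd"]) for e in entries]:
            print(line)
```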