Closed NitroAMD closed 2 months ago
vrapolinario
commented
1 year ago Thanks for opening this. Can you please clarify: The purpose of the PS module is so the user doesn't have to configure some of the AKS aspects (such as DNS and domain name) manually. The PS module does that as part of the deployment. I'm not sure why this is being asked here, given this purpose.
vrapolinario
commented
2 months ago I'll go ahead and close this per lack of response. To clarify for future inquires: The DNS Server and root domain name are required when you create an AKS cluster and enable gMSA (as well as when you update an existing cluster to enable gMSA). To configure gMSA you can use the native AKS AzCLI or PowerShell. You can also use the purpose-built PS module referenced above. In both cases, you can use a managed vNET or existing one. However, that does not change the fact that you still need to indicate the DNS config parameter when configuring your AKS cluster.
Furthermore, if you do use a non-managed vNET, you might not want to set up the DNS setting directly into the vNET. This is because not necessarily all VMs into that vNET might have the same DNS requirements. When you configure the DNS setting into AKS, all Windows nodes will have the correct DNS config.
Please modify the documentation to include/reflect the below statement from a feedback given in a Microsoft Azure Support Request: "User can only enable gMSA after configuring dns servers in vnet. This does not need to set gmsa dns server and domain name in enabling gMSA in the cluster"
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.