Deploy Azure resources with Meshery
Introduction
Meshery now supports managing Azure resources declaratively through Kubernetes by integrating with Azure Service Operator (ASO). With this capability, you can visually design, deploy, and manage a variety of Azure resources—such as Storage Accounts, Key Vaults, SQL Servers, and more—directly from Meshery’s UI. In this tutorial, you’ll install the ASO operator (without CRD pattern configurations, as Meshery will handle them), create a Service Principal and a Kubernetes secret with your Azure credentials, and use Meshery to provision Azure resources seamlessly into your subscription.
Prerequisites
Before you begin, ensure you have the following:
- Meshery Installed A self-hosted Meshery instance running on your Kubernetes cluster (in-cluster or out-of-cluster).
- Kubernetes Cluster
A running Kubernetes cluster (v1.16+) with
kubectlconfigured. - Azure Subscription An active Azure subscription where Storage Accounts will be provisioned.
- Azure CLI
Installed and authenticated (
az login) in your local shell. - cert-manager Installed in your Kubernetes cluster (required by Azure Service Operator).
Table of Contents
- Create Azure Service Principal
- Connect Meshery to Your Cluster
- Deploy ASO Operator using Kanvas
- Start deploying azure resources in Kanvas
- Conclusion
1. Create Azure Service Principal
If you do not already have a Service Principal (SP) for Meshery, create one using the Azure CLI:
az ad sp create-for-rbac -n azure-service-operator --role contributor --scopes /subscriptions/<AZURE_SUBSCRIPTION_ID>
This command outputs the following credentials:
appId: Application ID (Client ID)displayName: Service Principal Namename: Azure Service Principal URLpassword: Client Secrettenant: Tenant ID
To export them, manually enter:
export AZURE_CLIENT_ID=<appId> export AZURE_CLIENT_SECRET=<password> export AZURE_TENANT_ID=<tenant> export AZURE_SUBSCRIPTION_ID=<subscriptionId>
2. Connect Meshery to Your Cluster
If you haven’t already connected your cluster to Meshery, run:
mesheryctl system start
Then open the Meshery UI (default: http://localhost:9081) and ensure your cluster appears under Lifecycle → Connections.
3. Install Azure Service Operator (Operator Only)
Prerequisite
Create a cert-manager that is necessary for deployment of Azure Service operator
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.14.1/cert-manager.yaml
3.1 Deploy ASO Operator
Apply the official ASO operator manifest (Meshery will manage CRDs):
kubectl apply -f https://github.com/Azure/azure-service-operator/releases/download/v2.13.0/azureserviceoperator_v2.13.0.yaml
3.2 Create Azure Credentials Secret
Azure Service Operator requires a Kubernetes secret with your Azure identity:
kubectl create secret generic azure-credentials --namespace azureserviceoperator-system --from-literal=AZURE_CLIENT_ID=$AZURE_CLIENT_ID --from-literal=AZURE_CLIENT_SECRET=$AZURE_CLIENT_SECRET --from-literal=AZURE_TENANT_ID=$AZURE_TENANT_ID --from-literal=AZURE_SUBSCRIPTION_ID=$AZURE_SUBSCRIPTION_ID
4. Deploy Azure Service Operator using Kanvas
- In the Meshery UI, navigate to Kanvas.
- Click Catalog, filter by Azure, and select the Azure Operator design.
- Click Clone to add it to your canvas.
- Update the secret aso-controller-settings in the design template. The details are also mentioned in the catalog
- Click Actions → Deploy.
5. Start deployment of Azure resources using Kanvas
- Go to Kanvas and start by picking up Azure components and putting it to design area.
- Click Actions → Deploy.
- Azure Portal: Confirm the new Storage Account appears in your specified resource group.
6. Conclusion
You have successfully:
- Created an Azure Service Principal for Meshery
- Connected your Kubernetes cluster to Meshery
- Installed the Azure Service Operator (Meshery managed CRDs)
- Created a Kubernetes secret for Azure credentials
- Designed and deployed Azure resources using Meshery’s Kanvas
If you want to learn more about Azure Service Operator, visit the official ASO documentation.
Suggested Reading
- Deploy AWS EC2 Instances with Meshery - Learn how to deploy and manage AWS EC2 instances through Kubernetes with Meshery, utilizing AWS Controllers for Kubernetes (ACK) to enhance cloud resource management
- Deploy Azure Storage Account with Meshery - Learn how to deploy and manage Azure Storage account through Kubernetes with Meshery, utilizing ASO operator to enhance cloud resource management
- Deploying Apache Cassandra with a StatefulSet in Meshery Playground - Deploy Apache Cassandra with a StatefulSet using Meshery Playground in an interactive live cluster environment.
- Deploying PHP Guestbook application with Redis in Meshery - In this tutorial, we will deploy guest book built with PHP and Redis in Kubernetes. We will make use of Meshery Playground in an interactive live cluster environment.
- Embedding a Meshery Design in a WordPress Post - Learn how to Embed a Meshery Design in a WordPress Post
- Exploring Kubernetes CronJobs - In this tutorial, we will explore how to use Meshery Playground, an interactive live cluster environment, to perform hands-on labs for managing Kubernetes CronJobs.
- Understanding Kubernetes ConfigMaps and Secrets with Meshery - In this tutorial, we will explore how to effectively use Kubernetes ConfigMaps and Secrets for managing configuration data and sensitive information. Leveraging Meshery Playground, an interactive live cluster environment, we'll perform hands-on labs to understand the practical aspects of working with ConfigMaps and Secrets in Kubernetes.
- Exploring Kubernetes Deployments with Meshery - Explore a Kubernetes Deployment using Meshery Playground, an interactive live environment, through a series of hands-on exercises.
- Exploring Kubernetes Pods with Meshery - Explore Kubernetes Pods using Meshery in an interactive live cluster environment, through a series of hands-on exercises.
- Kubernetes Request Flow – A Visual Guide - A visual walkthrough of how user requests flow through Kubernetes components using Meshery Kanvas.
- Publishing Meshery Designs to ArtifactHub - Step by step example for how to export Meshery Designs and publish them to an ArtifactHub repository.
- Deploying WordPress and MySQL with Persistent Volumes with Meshery - Deploy a WordPress site and a MySQL database with Persistent Volumes using Meshery Playground in an interactive live cluster environment.