Which three commands should you recommend be run in sequence?

Drag and Drop

You plan to use Azure Kubernetes Service (AKS) to host containers deployed from images hosted in a Docker Trusted Registry.

You need to recommend a solution for provisioning and connecting to AKS. The solution must ensure that AKS is RBAC-enaWed and uses a custom service principal.

Which three commands should you recommend be run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the coned order.

View Answer

Answer:

Explanation:

Step 1: az acr create

An Azure Container Registry (ACR) can also be created using the new Azure CLI.

az acr create

–name <REGISTRY_NAME>

–resource-group <RESOURCE_GROUP_NAME>

–sku Basic

Step 2: az ad sp create-for-rbac

Once the ACR has been provisioned, you can either enable administrative access (which is okay for testing) or you create a Service Principal (sp) which will provide a client_id and a client_secret.

az ad sp create-for-rbac

–scopes /subscriptions/<SUBSCRIPTION_ID>/resourcegroups/<RG_NAME>/providers/Microsoft.ContainerRegistry/registries/<REGISTRY_NAME>

–role Contributor

–name <SERVICE_PRINCIPAL_NAME>

Step 3: kubectl create

Create a new Kubernetes Secret.

kubectl create secret docker-registry <SECRET_NAME>

–docker-server <REGISTRY_NAME>.azurecr.io

–docker-email <YOUR_MAIL>

–docker-username=<SERVICE_PRINCIPAL_ID>

–docker-password <YOUR_PASSWORD>

References: https://thorsten-hans.com/how-to-use-private-azure-container-registry-with-kubernetes