Creating an Azure K8s Cluster · DevOps Junction
Provision an Azure Kubernetes Service cluster with Terraform and deploy a sample application into it. The lab that proves Module 04 — environments on demand, version-controlled infra, immutable infrastructure — works in your hands.
By the end of the project you will know how to create an AKS cluster using Terraform and deploy a sample application into it.
Scenario: your company asks you to migrate an application from a local server to the cloud, integrating it with the rest of the Azure services already in use. You configure the environment, grant permissions, create a resource group (and optionally a storage account), create SSH keys, write and run a Terraform script, and finally deploy an application to AKS.
Configure your environment, provision an AKS cluster using Terraform, then deploy a sample application onto it.
Kubernetes is the container-orchestration tool Google gave the world. It changed how applications are deployed, managed, and scaled — and because of the responsibility it adds to designing, managing, and administering systems, most organizations choose a managed Kubernetes for production:
- Azure Kubernetes Service · what this project uses.
- Elastic Kubernetes Service · AWS analogue.
- Google Kubernetes Engine · GCP analogue.
Use the $200 in Azure credit you get when signing up for the first time, or the Azure for Students offer ($100, no credit card required) from Module 02's capstone. Either is enough to complete the project end-to-end.
// tip: tear the cluster down with `terraform destroy` at the end of every working session — AKS nodes burn credit while running.
- 01 Configure the environment (1 pt): Install Azure CLI + Terraform; `az login`; pick a region; `az account show`.
- 02 Granting permissions (1 pt): Service principal (or managed identity) with Contributor on the resource group. Save the credentials Terraform will use.
- 03 Create Azure resource group (1 pt): One RG that will hold everything. Pick a region close to you.
- 04 Create an Azure storage account (optional · 0 pts): Useful for remote Terraform state once you outgrow the local state file.
- 05 Create SSH keys (1.5 pts): `ssh-keygen -t rsa -b 4096`. The public key goes into the AKS node pool config.
- 06 Terraform script (1.5 pts): `provider "azurerm"`, `azurerm_resource_group`, `azurerm_kubernetes_cluster`, `kube_admin_config` output.
- 07 Running the Terraform script (2 pts): `terraform init` / `plan` / `apply`. Demonstrate the cluster came up — `kubectl get nodes` against the kubeconfig output.
- 08 Deploying an application to AKS (2 pts): `kubectl apply -f` for a simple Deployment + Service (LoadBalancer). Show the external IP responding.
- Install prereqs — `az`, `terraform`, `kubectl` — and run `az login`.
- Create the service principal Terraform will authenticate with, scoped to your Resource Group only (least privilege).
- Generate your SSH keypair; the public key goes into the AKS node-pool configuration so you can SSH into nodes if something breaks.
- Write your Terraform — start small (RG + AKS), apply, then iterate. Keep everything in a Git repo (Module 04 § version-control).
- `terraform apply` → wait for the cluster to come up → export the kubeconfig.
- Deploy a simple Deployment + Service (LoadBalancer) — even a stock `nginx` is fine for the grade. Show the external IP serving traffic.
- Record your walkthrough video — run the commands live, on camera, explaining what you built and why (see "Video walkthrough" below — this is the centerpiece of the submission).
- Push your Terraform code (and any supporting scripts / README) to a public GitHub repo — that becomes the second half of the submission.
- `terraform destroy` before you stop working for the day so you don't burn through credit overnight.
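One way to check the least-privilege step above before running `terraform apply`, as an added example that is not part of the original project brief: it confirms that every role assignment held by the service principal sits at or below the lab resource group. The function names, the resource group name `rg-aks-lab` and the all-zero subscription ID are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: confirm the Terraform service principal is scoped to one
# resource group only. Names and IDs below are constructed placeholders.

# Reads role-assignment scopes (one per line) on stdin. Returns 0 only when
# every scope is the resource group itself or a resource inside it.
scopes_within_rg() {
  rg_id=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  rc=0
  seen=0
  while IFS= read -r scope; do
    [ -z "$scope" ] && continue
    seen=1
    # Azure resource IDs are case-insensitive, so compare in lower case.
    s=$(printf '%s' "$scope" | tr '[:upper:]' '[:lower:]')
    case "$s" in
      # The "/" after the RG id stops a sibling RG such as
      # rg-aks-lab-prod from matching by prefix.
      "$rg_id"|"$rg_id"/*) ;;
      *) echo "too broad: $scope" >&2; rc=1 ;;
    esac
  done
  # An identity with no assignments at all is also a failed setup.
  [ "$seen" -eq 1 ] || { echo "no role assignments found" >&2; rc=1; }
  return "$rc"
}

# Live check against Azure (needs `az login`); not called by the sample run.
check_sp_scope() {
  app_id=$1
  rg_name=$2
  live_rg_id=$(az group show --name "$rg_name" --query id --output tsv) || return 2
  az role assignment list --assignee "$app_id" --all \
    --query '[].scope' --output tsv | scopes_within_rg "$live_rg_id"
}

# Constructed sample data (placeholder subscription ID, assumed RG name).
SAMPLE_SUB="/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_RG="$SAMPLE_SUB/resourceGroups/rg-aks-lab"
SAMPLE_OK="$SAMPLE_RG
$SAMPLE_RG/providers/Microsoft.ContainerService/managedClusters/aks-lab"
SAMPLE_BROAD="$SAMPLE_RG
$SAMPLE_SUB"

printf '%s\n' "$SAMPLE_OK" | scopes_within_rg "$SAMPLE_RG" && echo "sample: RG-scoped"
```

Against a real subscription, call `check_sp_scope <appId> <resource-group-name>`; a non-zero exit means the principal can reach beyond the lab resource group.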
I want to hear you speak like a master in cloud infrastructure. The video is where you show me you understand what you built — not just that you copied a tutorial. Talk through the architecture, the trade-offs, and what would change if this were going to production. This is the single most important piece of the submission.
Record yourself running the commands live while you narrate. Screen-share + your voice over it. Roughly 15–25 minutes is the right length — long enough to be substantive, short enough to be focused.
- Architecture you built — open the Terraform code and walk me through the resources: Resource Group, AKS, node pool, networking. Explain why you chose each parameter (node count, VM size, region).
- Identity and least privilege — show the service principal, the role assignment, why it's scoped to the RG. If you used something else (managed identity, federated credential), defend the choice.
- Live demo — `terraform plan` → `terraform apply` → `kubectl get nodes` → deploy the app → hit the external IP from a browser. Talk while it runs.
- Trade-offs and "what would I change for production?" — secrets management, remote Terraform state, multi-AZ node pool, RBAC, network policies, observability. You don't have to implement them; you have to understand them.
- What broke and how you fixed it — the part students skip. Talking about the errors you hit shows real understanding, not a polished script.
- Cost awareness — what does this cluster burn per hour? Why are you running `terraform destroy` between sessions?
- Audible voice. If I can't hear you clearly, I can't grade the most important part.
- Screen visible (terminal + editor at readable font size).
- Unscripted, but prepared. Don't read a script word-for-word; don't wing it without thinking. Think senior engineer presenting an architecture review.
- Upload to YouTube as Unlisted (not Private — I need to be able to open it). Share the link.
// the video is how I tell the difference between a student who built it and one who copy-pasted a tutorial.
Public GitHub repo
Your Terraform code, plus a README explaining how to run it and what each file does.
Repo must be public (or grant access to @Markuspg1).
Include the Kubernetes manifests for the sample app you deployed.
YouTube walkthrough video
15–25 minutes of you speaking through the architecture and running the commands live (see "Video walkthrough" above). Upload as Unlisted. This is what gets weighted the most.
- Email both URLs to pereira.giron@gmail.com with subject [CLOUDINTEGRATIONS]Project · AKS.
- No PDFs. No screenshot albums. No zip files. Two URLs is the whole submission.
- Late submissions accepted with a partial deduction — talk to Marco first.
- Check before sending: GitHub repo opens in incognito, YouTube link plays in incognito. If either is locked, the submission does not count.