, the Secure Agent authenticates with the managed identity to store cluster details in the staging location and to create the cluster. The master and worker nodes use the service principal to access cloud resources.
The following image shows the process that the Secure Agent uses to create a cluster:
The following steps describe the process that the Secure Agent uses to create a cluster:
1. You run a job.
2. The Secure Agent authenticates with the managed identity to store cluster details in the staging location.
3. The Secure Agent authenticates with the managed identity to create prerequisite resources that the cluster needs, such as a network security group and load balancer.
4. The Secure Agent authenticates with the managed identity to get the access keys to the storage accounts and uses a secure channel to make the keys available to cluster nodes.
5. The Secure Agent makes the service principal credentials available to the cluster.
6. The Secure Agent authenticates with the managed identity to create cluster resources for the master node and a Virtual Machine Scale Set for the master node.
7. The master node uses the service principal to access cloud resources.
8. The master node accesses the initialization script using the storage account key that the Secure Agent fetched through the managed identity.
9. The Secure Agent authenticates with the managed identity to create cluster resources for the worker nodes and creates a Virtual Machine Scale Set with the minimum number of worker nodes.
10. The worker nodes use the service principal to access cloud resources.
11. The worker nodes access the initialization script using the storage account key that the Secure Agent fetched through the managed identity.
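The steps above split duties between two identities: the managed identity creates resources and lists storage keys, while the service principal is what the nodes use. The following added example (not Informatica code) audits activity-log records for resource creation or key listing done by any other caller. The object IDs, the flat record shape and the sample records are constructed assumptions; the operation names are standard Azure resource provider operations.

```python
"""Audit simplified Azure Activity Log records against the cluster-creation flow."""

# Placeholder object IDs (constructed, not real identities).
AGENT_MI = "11111111-1111-1111-1111-111111111111"    # Secure Agent managed identity
CLUSTER_SP = "22222222-2222-2222-2222-222222222222"  # service principal used by nodes

# Operations the steps above attribute to the managed identity only.
AGENT_ONLY_OPS = {
    "microsoft.network/networksecuritygroups/write",
    "microsoft.network/loadbalancers/write",
    "microsoft.compute/virtualmachinescalesets/write",
    "microsoft.storage/storageaccounts/listkeys/action",
}

def audit(records, agent_id=AGENT_MI, sp_id=CLUSTER_SP):
    """Return one finding per agent-only operation not made by the managed identity."""
    findings = []
    for rec in records:
        op = rec.get("operationName", "").lower()
        caller = rec.get("caller", "").lower()
        if op not in AGENT_ONLY_OPS or caller == agent_id.lower():
            continue  # out of scope, or performed by the expected identity
        reason = ("service principal used for agent-only operation"
                  if caller == sp_id.lower() else "unexpected caller")
        findings.append({"time": rec.get("time"), "operation": op,
                         "caller": caller or "<missing>", "reason": reason})
    return findings

# Constructed sample records (the flat shape is an assumption of this example).
SAMPLE = [
    {"time": "2024-01-01T10:00:01Z", "caller": AGENT_MI,
     "operationName": "Microsoft.Network/networkSecurityGroups/write"},
    {"time": "2024-01-01T10:00:05Z", "caller": AGENT_MI,
     "operationName": "Microsoft.Storage/storageAccounts/listKeys/action"},
    {"time": "2024-01-01T10:00:09Z", "caller": AGENT_MI,
     "operationName": "Microsoft.Compute/virtualMachineScaleSets/write"},
    {"time": "2024-01-01T10:03:00Z", "caller": CLUSTER_SP,
     "operationName": "Microsoft.Storage/storageAccounts/read"},  # not agent-only
    {"time": "2024-01-01T10:04:00Z", "caller": CLUSTER_SP,
     "operationName": "Microsoft.Storage/storageAccounts/listKeys/action"},
    {"time": "2024-01-01T10:05:00Z",
     "caller": "33333333-3333-3333-3333-333333333333",
     "operationName": "Microsoft.Compute/virtualMachineScaleSets/write"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Records exported from a real subscription need to be mapped to the `time`, `caller` and `operationName` keys before they are passed to `audit`.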