I am trying to create an Azure aks cluster using an centos image.
I have created an aks cluster with an ubuntu image.
Searched the internet and did not find anything to indicate that centos was an option.
resource "azurerm_kubernetes_cluster" "k8s" {
name = "${var.aks_name}"
location = "${data.azurerm_resource_group.rg.location}"
dns_prefix = "${var.aks_dns_prefix}"
resource_group_name = "${data.azurerm_resource_group.rg.name}"
linux_profile {
admin_username = "${var.vm_user_name}"
ssh_key {
key_data = "${file(var.public_ssh_key_path)}"
}
}
addon_profile {
http_application_routing {
enabled = false
}
}
agent_pool_profile {
name = "agentpool"
count = "${var.aks_agent_count}"
vm_size = "${var.aks_agent_vm_size}"
os_type = "Linux"
os_disk_size_gb = "${var.aks_agent_os_disk_size}"
vnet_subnet_id = "${data.azurerm_subnet.kubesubnet.id}"
}
No, you cannot control vm image used to create AKS. I think AKS-engine works with CoreOS. https://github.com/Azure/aks-engine/issues/541
As far as I know you can't change that in Kubernetes managed services. Same applies for GKE and as I see it's the same in EKS.
It's AKS and you need to use custom images, in this case you would have to use cloud VM's in one of the cloud providers (I do not have experience with Azure so I can't say for sure but you can use custom images on AWS - kops and GCP). Also it is worth noting that in GKE you can choose one of 3 node images:
You mentioned that your main focus is security, so you might look closer to Container-Optimized OS from Google:
The Container-Optimized OS node image is based on a recent version of the Linux kernel and is optimized to enhance node security. It is backed by a team at Google that can quickly patch it for security and iterate on features. The Container-Optimized OS image provides better support, security, and stability than other images.
You can read more here.