Skip to main content

Tutorial: How to set up Paralus on Azure Kubernetes Service (AKS)

· 6 min read
Atulpriya Sharma

The previous blog post, was about deploying Paralus to Amazon's Elastic Kubernetes Service (EKS).

In this blog post, we'll take you through the steps to setup an Azure Kubernetes Services (AKS) cluster on a custom domain and deploy Paralus on it.

Table Of Content:

Pre Requisites

To setup Paralus on Azure Kubernetes Service (AKS) there are a few prerequisites:

The logical steps would start with setting up a Kubernetes cluster on AKS. Deploying Paralus via helm charts followed by configuring DNS for your domain to work with Paralus. Lastly, logging into Paralus and importing a Kubernetes cluster.

Creating AKS Cluster

One of the good things when it comes to creating an AKS cluster is the various options it gives you to create a cluster:

You are free to choose any option that you want, we used the Azure Portal to create one.

Note: Choose a virtual machine with atleast 4 vCPUs and 16 GB of RAM. Refer to the list of Azure VMs.

After the cluster is created, start the cluster and connect to it. If you've created a cluster using the Azure portal, you can use the Azure Cloud Shell to connect to the cluster.

Installing Paralus

  1. Add helm repo

    helm repo add paralus

  2. Install Paralus

     helm install myrelease paralus/ztka \
    -f \
    --set fqdn.domain="" \
    -n paralus \

    Note: If you're installing this in a production environment, please use values.yaml and configure the values mentioned here as required.

    Note: Since v0.1.9, elasticsearch is an optional component. By default, Paralus will use database (Postgres) as the auditlog storage component. If you're doing a fresh install, below are the values.yaml file that you must pass during installation:

     NAME: myrelease
    LAST DEPLOYED: Wed Jun 29 10:13:48 2022
    NAMESPACE: paralus
    STATUS: deployed
    1. Access the application URL by running these commands:
    Get load balancer address via:
    kubectl get service envoy --namespace paralus -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'

    Add DNS records of following domains such that it resolves to above address:
    - *
    - *
    Open in browser.

    You can view the default password for admin@paralus.local by running the following command once all the pods are running:

    kubectl logs -f --namespace paralus $(kubectl get pods --namespace paralus -l'paralus' -o jsonpath='{ .items[0] }') initialize | grep 'Org Admin default password:'

Note: It can take upto a few minutes before all the pods are running and you can access the dashboard. You can check the status using watch kubectl get pods

Configuring DNS Settings

Once the installation is complete, you need to first get the external IP address provided by Azure loadbalancer. You can do so by executing the following command:

kubectl get svc myrelease-contour-envoy -n paralus

myrelease-contour-envoy LoadBalancer 80:30193/TCP,443:30873/TCP 3m13s

Note down the EXTERNAL-IP address for the <releasename>-contour-envoy service.

Navigate to your domain's DNS setting page. The steps for changing DNS settings will vary based on your domain name provider.

While you are on your DNS Setting page, for the selected domain name, you need to add three A records. These will be based on the subdomains provided in the notes section post installation.

TypeAddressResolves ToTTL
Aconsole.chartexample.com13.71.51.1051 Hour
A*.core-connector.chartexample.com13.71.51.1051 Hour
A*.user.chartexample.com13.71.51.1051 Hour

Resetting Default Password

Paralus comes configured with default credentials that allow you to access the dashboard.

In order to get the default password, copy the command displayed after helm install and execute it

kubectl logs -f --namespace paralus $(kubectl get pods --namespace paralus -l'paralus' -o jsonpath='{ .items[0] }') initialize | grep 'Org Admin default password:'

Org Admin default password: 8[&C2(74^

In a new browser window/tab navigate to and log in with the following credentials:

  • username: admin@paralus.local - or the one you specified in values.yaml
  • password: <generated above>

It will ask you to change the default password. Please provide new set of passwords to proceed. If successful, you'll be redirected to the projects page where you'll see a default project.

Paralus default project screen

Importing Existing Cluster

Everything in Paralus is grouped into Projects. Each project will have clusters, users and groups associated with it. Hence the first step it to create a new project.

Click on New Project to create a new project and then import a cluster in that project. The cluster we are importing is a minikube cluster hosted on my laptop.

Create New Cluster

Click Continue and download the bootstrap yaml file by clicking Import Bootstrap YAML. This will download the YAML file that is required to connect your cluster with Paralus.

Download Bootstrap YAML file

Apply the bootstrap configuration yaml file

kubectl apply -f mylocalcluster.yaml

Wait for the changes to take place. On the dashboard you will see that the cluster is imported successfully. It usually takes 3-5 minutes for the status to update.

Import Cluster Success

Select your newly imported cluster and click on kubectl to access the prompt and interact with your cluster from the dashboard.

A kubectl console will open in the bottom half of the screen, enter your kubectl commands to interact with your cluster.

Accessing imported cluster via kubectl

Congratulations! You've successfully deployed Paralus on Azure Kubernetes Service (AKS) and imported a local cluster.

Refer to our documentation to learn about various features of Paralus.


We are a Cloud Native Computing Foundation sandbox project.