Question posted in 
I am trying to create an Azure aks cluster using an centos image.
I have created an aks cluster with an ubuntu image.
Searched the internet and did not find anything to indicate that centos was an option.
resource "azurerm_kubernetes_cluster" "k8s" {
name = "${var.aks_name}"
location = "${data.azurerm_resource_group.rg.location}"
dns_prefix = "${var.aks_dns_prefix}"
resource_group_name = "${data.azurerm_resource_group.rg.name}"
linux_profile {
admin_username = "${var.vm_user_name}"
ssh_key {
key_data = "${file(var.public_ssh_key_path)}"
}
}
addon_profile {
http_application_routing {
enabled = false
}
}
agent_pool_profile {
name = "agentpool"
count = "${var.aks_agent_count}"
vm_size = "${var.aks_agent_vm_size}"
os_type = "Linux"
os_disk_size_gb = "${var.aks_agent_os_disk_size}"
vnet_subnet_id = "${data.azurerm_subnet.kubesubnet.id}"
}
3
Answers
No, you cannot control vm image used to create AKS. I think AKS-engine works with CoreOS. https://github.com/Azure/aks-engine/issues/541
As far as I know you can’t change that in Kubernetes managed services. Same applies for GKE and as I see it’s the same in EKS.
It’s AKS and you need to use custom images, in this case you would have to use cloud VM’s in one of the cloud providers (I do not have experience with Azure so I can’t say for sure but you can use custom images on AWS – kops and GCP).
Also it is worth noting that in GKE you can choose one of 3 node images:
containerd (cos_containerd)
You mentioned that your main focus is security, so you might look closer to Container-Optimized OS from Google:
You can read more here.
I have created a prototype terraform plan which adds Centos Kubernetes workers (as VMSS) to a existing AKS. The protoype is of course opiniated and only supports a specific AKS configuration but it might be a base for other to implement custom workers nodes for AKS