Deploy kubernetes cluster on Azure Container Service from Ubuntu based build server

Azure Container Service is an offering from Microsoft which makes it simple to create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications. The following guide is based on the steps mentioned in https://docs.microsoft.com/en-us/azure/container-service/kubernetes/container-service-kubernetes-walkthrough but deviates a little. First, that guide is based on using Azure Cloud Shell, which creates two issues. In my experience, this cloud shell is not ready for prime-time usage, as you will keep getting issues like authentication failures, the shell expiring after every 20 mins for some reason, etc. Also, CI/CD cannot be built on top of the cloud shell.

The most likely scenario would be using a CI/CD tool like Jenkins, VSTS, etc. with a custom agent, where you would need to run shell commands to deploy containers. In this blog post, we’ll examine how to prepare an Ubuntu-based workstation for this and deploy a Kubernetes cluster on Azure Container Service.

I will describe the steps for an Ubuntu workstation, but you can easily translate them to the operating system of your choice. Again, it can be a local machine or a virtual machine located in the cloud.

Prepare Workstation/Build Server

The first step is to install Azure CLI v2.0 on the machine. For this, we need to modify the sources list using the commands below:

On a 32-bit System:

echo "deb https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \
     sudo tee /etc/apt/sources.list.d/azure-cli.list

On a 64-bit System:

echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \
     sudo tee /etc/apt/sources.list.d/azure-cli.list

Then run the following sudo commands:

sudo apt-key adv --keyserver packages.microsoft.com --recv-keys 417A0893
sudo apt-get install apt-transport-https
sudo apt-get update && sudo apt-get install azure-cli

Once it's installed properly, you can run az --version and it should show the available module versions.

Now we need to install kubectl. For this, we need to run the commands below:

# Download the latest release
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl

# Make the kubectl binary executable
chmod +x ./kubectl

# Move the binary in to your PATH
sudo mv ./kubectl /usr/local/bin/kubectl

More details can be found under "Install kubectl binary via curl" in the Kubernetes documentation.

Once it's installed properly, run kubectl and it should list the available commands.
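The kubectl download above is moved into PATH without an integrity check, on a machine that will later hold cluster credentials. The following is an added example, not part of the original post: it installs a downloaded file only if its SHA-256 matches an expected digest. The function names are hypothetical, and it assumes you have obtained the digest published for your kubectl release.

```shell
#!/bin/sh
# Added example: copy a downloaded binary into place only if its SHA-256
# matches the digest published for that release.

# sha256_of FILE: print the lowercase hex SHA-256 of FILE
sha256_of() {
  sha256sum "$1" | awk '{print $1}'
}

# install_if_verified FILE EXPECTED_SHA256 DEST
# Returns 0 after installing FILE at DEST (mode 0755) when the digests match.
# Returns 1 and leaves DEST untouched on a mismatch or a malformed digest.
install_if_verified() {
  _file=$1; _expected=$2; _dest=$3
  # A checksum URL that returns an error page must not pass as a digest.
  if ! printf '%s\n' "$_expected" | grep -Eqx '[0-9a-fA-F]{64}'; then
    echo "refusing $_file: expected value is not a SHA-256 hex digest" >&2
    return 1
  fi
  _expected=$(printf '%s' "$_expected" | tr 'A-F' 'a-f')
  _actual=$(sha256_of "$_file") || return 1
  if [ "$_actual" != "$_expected" ]; then
    echo "refusing $_file: got $_actual, expected $_expected" >&2
    return 1
  fi
  cp "$_file" "$_dest" && chmod 0755 "$_dest"
}

# Constructed demo: a stand-in file plays the role of the downloaded kubectl.
# On the build server DEST would be /usr/local/bin/kubectl (run with sudo) and
# EXPECTED would come from the checksum published with the release.
demo_dir=$(mktemp -d)
printf 'stand-in for the kubectl binary\n' > "$demo_dir/kubectl"
expected=$(sha256_of "$demo_dir/kubectl")
install_if_verified "$demo_dir/kubectl" "$expected" "$demo_dir/kubectl.installed" \
  && echo "verified and installed"
```

In a CI job, a non-zero return from install_if_verified should fail the build before any az or kubectl step runs.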

Create Linux ACS kubernetes cluster

First, we need to authenticate to Azure. For this, run the command below:

az login

It will ask you to open a browser and enter a unique code generated and then you can enter your azure credentials. Once completed, it should look like below:

[Screenshot: login for Azure using Azure CLI]

We’ll also need to create an SSH key pair using the ssh-keygen command:

ssh-keygen -t rsa -b 2048

We’ll accept the defaults and let it create the key pair. Now we need to create a resource group and specify a location. For that, we can use the command below:

az group create --name acstest-rg --location westeurope

This creates a resource group named acstest-rg in the westeurope location. Once the command completes, you’ll see output like below:

[Screenshot: create a new resource group]

Now, we can create a kubernetes cluster using below command:

RESOURCE_GROUP=acstest-rg
CLUSTER_NAME=acstest-k8

az acs create \
--orchestrator-type=kubernetes \
--resource-group $RESOURCE_GROUP \
--name=$CLUSTER_NAME \
--ssh-key-value ~/.ssh/id_rsa.pub \
--admin-username=azureuser \
--master-count=1 \
--agent-count=2 \
--agent-vm-size=Standard_D1_v2

This will take a few good minutes to complete as it needs to create a lot of things in the background.

Once it has completed successfully, you will get output like below:

[Screenshot: output after new cluster creation]

Gotchas: You may occasionally run into one of below errors:

  1. Credentials failed.
Deployment failed. {
 "error": {
 "code": "BadRequest",
 "message": "The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/acs-sp-help for more details. (Details: AADSTS70001: Application with identifier

To resolve this, check whether the service principal exists in AD; if it does, delete it and run the command again.

  2. ServicePrincipal not valid
Deployment failed. {
 "error": {
 "code": "BadRequest",
 "message": "The ServicePrinical in ServicePrincipalProfile could not be validated. Please see https://aka.ms/acs-sp-help for more details.

To resolve this, delete the serviceprincipaljson file located in the .azure directory.

Now we need to save cluster connection details locally by using below command:

az acs kubernetes get-credentials --resource-group=$RESOURCE_GROUP --name=$CLUSTER_NAME

Let’s run our first kubectl command to check nodes of our cluster:

kubectl get nodes

You should see below output:

[Screenshot: connect to Kubernetes cluster]

Spend some time with Kubernetes cluster

For this, we’ll create a sample deployment on the cluster using one of the images created by Microsoft. First, create a file azure-vote.yaml and enter below information:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-back
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-back
    spec:
      containers:
      - name: azure-vote-back
        image: redis
        ports:
        - containerPort: 6379
          name: redis
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-back
spec:
  ports:
  - port: 6379
  selector:
    app: azure-vote-back
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-front
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-front
    spec:
      containers:
      - name: azure-vote-front
        image: microsoft/azure-vote-front:redis-v1
        ports:
        - containerPort: 80
        env:
        - name: REDIS
          value: "azure-vote-back"
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-front
spec:
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: azure-vote-front

It defines 2 deployments:
– azure-vote-back, which is based on a Redis service
– azure-vote-front, which is a web application
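Before a build server creates these objects, it can check the manifest for two things that matter on a cluster reachable from the internet: images that are not pinned to a tag or digest, and Services of type LoadBalancer, which receive a public IP. The following is an added example, not part of the original post; the function name and output labels are hypothetical, and the embedded sample is the manifest above trimmed to the fields the check reads.

```shell
# Added example: line-based audit of a Kubernetes manifest (not a YAML parser;
# it assumes the two-space indentation used in azure-vote.yaml).
# Prints UNPINNED_IMAGE <object> <image> for images with no tag or digest, or
# tagged :latest, and PUBLIC_SERVICE <object> for LoadBalancer Services.
audit_manifest() {
  awk '
    /^---/                   { kind = ""; name = "" }
    /^kind:/                 { kind = $2 }
    /^  name:/ && name == "" { name = $2 }   # metadata.name of this object
    /^ *(- )?image:/ {
      img = $NF
      n = split(img, part, "/"); last = part[n]  # strip registry and path
      if (img !~ /@sha256:/ && (last !~ /:/ || last ~ /:latest$/))
        print "UNPINNED_IMAGE", name, img
    }
    /^  type: *LoadBalancer/ && kind == "Service" { print "PUBLIC_SERVICE", name }
  ' "$1"
}

# Constructed sample: the manifest from the post, trimmed to the audited fields.
sample=$(mktemp)
cat > "$sample" <<'EOF'
kind: Deployment
metadata:
  name: azure-vote-back
spec:
  template:
    spec:
      containers:
      - name: azure-vote-back
        image: redis
---
kind: Deployment
metadata:
  name: azure-vote-front
spec:
  template:
    spec:
      containers:
      - name: azure-vote-front
        image: microsoft/azure-vote-front:redis-v1
---
kind: Service
metadata:
  name: azure-vote-front
spec:
  type: LoadBalancer
EOF
audit_manifest "$sample"
```

A tag such as redis-v1 passes this check but can still be re-pointed by its publisher; pinning the image by digest is the stricter form.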

We can now deploy above manifest file using below command:

kubectl create -f azure-vote.yaml

You will get following output:

deployment "azure-vote-back" created
service "azure-vote-back" created
deployment "azure-vote-front" created
service "azure-vote-front" created

As the application is run, a Kubernetes service is created that exposes the application front end to the internet. This process can take a few minutes to complete. To monitor progress of same, we can use the below command:

kubectl get service azure-vote-front --watch

Initially the EXTERNAL-IP for the azure-vote-front service will appear as pending. Once the EXTERNAL-IP address has changed from pending to an IP address, use CTRL-C to stop the kubectl watch process. Now copy the EXTERNAL-IP address and put it into a browser. You should see an output like below:

[Screenshot: Azure voting app]

We can now run some of the kubernetes commands like below:

[Screenshot: kubectl get services output]
[Screenshot: kubectl get deployments]
[Screenshot: kubectl describe deployments]

Access kubernetes dashboard

The command kubectl proxy lets you view the Kubernetes dashboard using a browser on the same machine. Once you run it, it should show output like below:

Starting to serve on 127.0.0.1:8001

Now you can reach the dashboard at http://127.0.0.1:8001/ui
