Deploy kubernetes cluster on Azure Container Service from Ubuntu based build server

Azure Container Service is an offering from Microsoft which makes it simple to create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications.  The following guide is based on steps mentioned in https://docs.microsoft.com/en-us/azure/container-service/kubernetes/container-service-kubernetes-walkthrough but deviates a little. First, the guide is based on using Azure Cloud Shell which creates two issues. In my experience, this cloud shell is not ready for prime time usage as you will keep getting issues like authentication failure, for some reason the shell will expire after every 20 mins, etc. Also CI/CD cannot be build on top of the cloud shell.

Most likely scenario would be using a CI/CD tool like Jenkins, VSTS etc. using a custom agent and then you would need to run shell commands for deploying containers. In this blog post, we’ll examine how to prepare a ubuntu based workstation for this and deploy a kubernetes cluster on Azure Container Service.

I would be mentioning steps with respect to a ubuntu workstation but you can easily transcript the same to operating system of your choice. Again, it can be a local machine or a virtual machine located in the cloud.

Prepare Workstation/Build Server

The first step is to install Azure CLI v2.0 on the machine. For this we need to modify the sources list using below commands:

On a 32-bit System:

echo "deb https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \
     sudo tee /etc/apt/sources.list.d/azure-cli.list

On a 64-bit System:

echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \
     sudo tee /etc/apt/sources.list.d/azure-cli.list

Then run the following sudo commands:

sudo apt-key adv --keyserver packages.microsoft.com --recv-keys 417A0893
sudo apt-get install apt-transport-https
sudo apt-get update && sudo apt-get install azure-cli

Once its installed properly, you can run az --version and it should show available module versions.

Now, we need to install kubectl. For this, we need to run below commands:

# Download the latest release
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl

# Make the kubectl binary executable
chmod +x ./kubectl

# Move the binary in to your PATH
sudo mv ./kubectl /usr/local/bin/kubectl

More details for same can be found on Install kubectl binary via curl.

Once its installed properly, run kubectl and it should list available commands.

Create Linux ACS kubernetes cluster

First, we need to authentication to Azure. For this, run below command:

az login

It will ask you to open a browser and enter a unique code generated and then you can enter your azure credentials. Once completed, it should look like below:

login for azure using azure cli
login for azure using azure cli

We’ll also need to create a SSH keypair using ssh-keygen command:

ssh-keygen -t rsa -b 2048

We’ll accept defaults and let it create the same. Now we need to create resource group and specify a location. For that, we can use below command:

az group create --name acstest-rg --location westeurope

This creates a resource group named acstest-rg in westeurope location. Once command is completed, you’ll output like below:

Create a new resource group
Create a new resource group

Now, we can create a kubernetes cluster using below command:

RESOURCE_GROUP=acstest-rg
CLUSTER_NAME=acstest-k8

az acs create \
--orchestrator-type=kubernetes \
--resource-group $RESOURCE_GROUP \
--name=$CLUSTER_NAME \
--ssh-key-value ~/.ssh/id_rsa.pub \
--admin-username=azureuser \
--master-count=1 \
--agent-count=2 \
--agent-vm-size=Standard_D1_v2

This will take a few good minutes to complete as it needs to create a lot of things in the background.

Once its completed successfully, you will get below like output:

Output after new cluster creation
Output after new cluster creation

Gotchas: You may occasionally run into one of below errors:

  1. Credentials failed.
Deployment failed. {
 “error”: {
 “code”: “BadRequest”,
 “message”: “The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/acs-sp-help for more details. (Details: AADSTS70001: Application with identifier

To resolve this, see if the service principal in AD exists or not and if it exists, delete it. Run the command again.

  1. ServicePrincipal not valid
Deployment failed. {
 “error”: {
 “code”: “BadRequest”,
 “message”: “The ServicePrinical in ServicePrincipalProfile could not be validated. Please see https://aka.ms/acs-sp-help for more details.

To resolve this, delete the serviceprincipaljson file located in .azure directory.

Now we need to save cluster connection details locally by using below command:

az acs kubernetes get-credentials --resource-group=$RESOURCE_GROUP --name=$CLUSTER_NAME

Let’s run our first kubectl command to check nodes of our cluster:

kubectl get nodes

You should see below output:

Connect to kubernetes cluster
Connect to kubernetes cluster

Spend some time with Kubernetes cluster

For this, we’ll create a sample deployment on the cluster using one of the images created by Microsoft. First, create a file azure-vote.yaml and enter below information:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-back
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-back
    spec:
      containers:
      - name: azure-vote-back
        image: redis
        ports:
        - containerPort: 6379
          name: redis
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-back
spec:
  ports:
  - port: 6379
  selector:
    app: azure-vote-back
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-front
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-front
    spec:
      containers:
      - name: azure-vote-front
        image: microsoft/azure-vote-front:redis-v1
        ports:
        - containerPort: 80
        env:
        - name: REDIS
          value: "azure-vote-back"
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-front
spec:
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: azure-vote-front

It defines 2 deployments:
– azure-vote-backend that is based on a Redis service
– azure-vote-front that is a web application

We can now deploy above manifest file using below command:

kubectl create -f azure-vote.yaml

You will get following output:

deployment "azure-vote-back" created
service "azure-vote-back" created
deployment "azure-vote-front" created
service "azure-vote-front" created

As the application is run, a Kubernetes service is created that exposes the application front end to the internet. This process can take a few minutes to complete. To monitor progress of same, we can use the below command:

kubectl get service azure-vote-front --watch

Initially the EXTERNAL-IP for the azure-vote-front service will appear as pending. Once the EXTERNAL-IP address has changed from pending to an IP address, use CTRL-C to stop the kubectl watch process. Now copy the EXTERNAL-IP address and put it into a browser. You should see an output like below:

azure voting app
azure voting app

We can now run some of the kubernetes commands like below:

kubectl get services output
kubectl get services output
kubectl get deployments
kubectl get deployments
kubectl descibe deployments
kubectl descibe deployments

Access kubernetes dashboard

Command kubectl proxy will let you view kubernetes dashboard using a browser on the machine in reference. Once you ran it, it should show output like below:

Starting to serve on 127.0.0.1:8001

 

Now, you can reach the dashboard using: Starting to serve on http://127.0.0.1:8001/ui

One thought on “Deploy kubernetes cluster on Azure Container Service from Ubuntu based build server

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s