In this blog, I will guide you through the process of building and deploying Docker images to the Kubernetes platform hosted on Azure Kubernetes Services (AKS). In addition, I will also show you how to work with service scale-out and high-availability.

Docker defines a container as “A standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another”

A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.”

I will not go further into the concepts of docker and containers and urge you to do your own reading.

To build out our solution, we will need to do the following

  1. Create an Azure container Registry (ACR)
  2. Create an Azure Service principal
  3. Create an Azure Kubernetes cluster (AKS)
  4. Import image into Azure Container Registry
  5. Publish the application
  6. Upgrade AKS cluster
  7. Scale the AKS cluster nodes
  8. Pods and scaling them
  9. Access the Kubernetes dashboard

Prerequisites:

Please have the following pre-requisites ready on your workstation:

Docker CLI – You must also have Docker installed locally. Docker Desktop for Windows is Docker designed to run on Windows 10. It is a native Windows application that provides an easy-to-use development environment for building, shipping, and running dockerized apps. Download the software and install on your system. – https://hub.docker.com/editions/community/docker-ce-desktop-windows

NOTE:

  • Docker will require you to create a login to download the installer.
  • When installing docker, choose the “Use Windows Containers instead of Linux containers”
  • Also ensure virtualization is enabled in the BIOS on your workstation
  • Azure CLI – This command line gives access to the CLI through the Windows Command Prompt (CMD) or PowerShell. Download the MSI installer from the link below: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest

 

  1. Create an Azure Container Registry (ACR)

A container registry allows you to store and manage container images across all types of Azure deployments. You deploy Docker images from a registry. Firstly, we need access to a registry that is accessible to the Azure Kubernetes Service (AKS) cluster we are creating. For this purpose, we will create an Azure Container Registry (ACR), where we will push images for deployment.

  • In the Azure Portal, select + Create a resource, Containers, then click Container Registry.
  • On the Create container registry blade, enter the following:
    • Registry name: “Kloudaks01” (choose a suitable name)
    • Subscription: Choose your subscription
    • Resource group: Use your existing resource group
    • Location: Choose the region
    • Admin user: Enable
    • SKU: Standard
  • Click Create.
  • Navigate to Container registries to view your newly created ACR account in the Azure Portal. As this is a new account, you will not see any repositories yet. We will create these later in this post.
  1. Create an Azure Service Principal

Azure Kubernetes Service (AKS) requires an Azure Active Directory service principal to interact with Azure APIs. The service principal is needed to dynamically manage resources such as user-defined routes and the Layer 4 Azure Load Balancer. We will set up the service principal using the Azure Cli from PowerShell:

  • Open a PowerShell console and run az login to log into your Azure subscription. This will open a web browser to complete the Azure login process.
  • Before completing the steps to create the service principal, you should make sure to set your default subscription correctly.
  • To view your current subscription, in the Cloud Shell window, type: az account show 
  • To list all of your subscriptions, type: az account list 
  • To set your default subscription to something other than the current selection, type in: az account set –subscription {id} Replace {id} with the desired subscription id value from the previous command. 
  • To create a service principal, type: az ad sp create-for-rbac –skip-assignment
  • This creates an Azure Service principal without a default assignment. The service principal command will produce an output. Copy this information as we will need it at a later stage.
  • Store the unique ACR ID as a variable: $acrid = az acr show –name kloudaks01 –resource-group Infra_core_SYD –query “id” –output tsv 
  • Use the “appId” from service principal creation step in the command below: az role assignment create –assignee “appid” –role Reader –scope $acrid

 

  1. Create an Azure Kubernetes Service (AKS) cluster

In this task, we will create an Azure Kubernetes Service cluster.

  • From the Azure Portal, select + Create a resource, Containers and select Kubernetes Service.
  • In the Basics blade provide the information as below:
    • Subscription: Choose the required subscription
    • Resource group: Select the appropriate resource group
    • Name: sanakscluster01
    • Region: Choose the same region as the resource group
    • Kubernetes version: 12.5. (Select an N-1 version)
    • DNS Name Prefix: sanakscluster01
    • Under Node size, click “Change size” to configure your VM size. Search and select “DS2_v2”.
    • Set the Node Count to 1
  • Click “Next: Authentication

Configure your service principal by clicking on “Configure service principal”. Use the output saved from the service principal creation step

  • Service principal client ID: Use the service principal “appId
  • Service principal client secret: Use the service principal “password
  • Click “Next: Networking“.
  • Leave the rest at the defaults and select “Review + create”.
  • After it finishes running final validation, click “Create“.
  • A new resource group for this cluster is created which houses all the components of the cluster node. The Azure Kubernetes Service cluster deployment will begin, and you can monitor the progress in the overview blade. This process can take up to 10 minutes before it is listed in the Portal.
  1. Import image into the Azure Container Registry (ACR)

NOTE: Run all the Azure CLI commands from your workstation’s PowerShell console

  • To perform push or pull into the ACR, we need to login to the container registry. Ensure you’re still connected to the azure CLI via PowerShell, else use az login to log back in again to your Azure subscription.
  • Now log into the Container Registry we created in step 1: az acr login –name kloudaks01 
  • Once logged into the container registry, we will now log into the AKS cluster : az aks get-credentials –name sanakscluster01 –resource-group Infra_Core_SYD
  • To view the current images in the repository, run the command: az acr repository list –name kloudaks01 –output table
  • You will see that this list is empty as we haven’t deployed any images to it yet.
  • For our demonstration, we will now import an demo app supplied by Microsoft into Docker’s public repository by running the command below: az acr import –name kloudaks01 –source mcr.microsoft.com/azuredocs/azure-vote-front:v2 –image azure-vote-front:v2
  • Wait for few mins for this action to complete.
  • To view the images uploaded into the repository, run the command: az acr repository list –name kloudaks01 –output table

 

  1. Publish the application
      • To publish the application to the AKS cluster, we will need to create a YAML file.
      • Create a file called azure-vote-all-in-one-redis.yml and copy the contents below into it and save it to your local workstation.
      • I’ve saved it to “C:\Temp\azure-vote-all-in-one-redis.yml”

    apiVersion: apps/v1beta1
    kind: Deployment
    metadata:
    name: azure-vote-back
    spec:
    replicas: 1
    template:
    metadata:
    labels:
    app: azure-vote-back
    spec:
    containers:
    – name: azure-vote-back
    image: redis
    ports:
    – containerPort: 6379
    name: redis

    apiVersion: v1
    kind: Service
    metadata:
    name: azure-vote-back
    spec:
    ports:
    – port: 6379
    selector:
    app: azure-vote-back

    apiVersion: apps/v1beta1
    kind: Deployment
    metadata:
    name: azure-vote-front
    spec:
    replicas: 1
    strategy:
    rollingUpdate:
    maxSurge: 1
    maxUnavailable: 1
    minReadySeconds: 5
    template:
    metadata:
    labels:
    app: azure-vote-front
    spec:
    containers:
    – name: azure-vote-front
    image: microsoft/azure-vote-front:v2
    ports:
    – containerPort: 80
    resources:
    requests:
    cpu: 250m
    limits:
    cpu: 500m
    env:
    – name: REDIS
    value: “azure-vote-back”

    apiVersion: v1
    kind: Service
    metadata:
    name: azure-vote-front
    spec:
    type: LoadBalancer
    ports:
    – port: 80
    selector:
    app: azure-vote-front

  • Ensure kubectl is installed in your Azure CLI. if not, run the command: az aks install-cli
  • To deploy a container from the Azure cli console, run the following command: kubectl apply -f “C:\Temp\azure-vote-all-in-one-redis.yml”
  • To monitor the deployment process run this command: kubectl get services –watch
  • Wait until the External – IP address is allocated and then exit by pressing CTRL+C. Make a note of this IP.
  • In the newly created resource group that house the cluster nodes, you will see an Inbound rule in the NSG that allows access to the External IP address on port 80.
  • Note down the External IP address and paste it into your browser. This load s up the Azure colour voting app in your browser. Give it a go 😊.

 

  1. Upgrade the AKS cluster

It is important that you apply the latest Kubernetes security patches or apply any upgrades to get access to the latest features.

  • To check which Kubernetes releases are available for your cluster, run the command: az aks get-upgrades –resource-group Infra_core_syd –name sanakscluster01 –output table
  • The output shows that the Kubernetes cluster can be upgraded to version 1.12.6
  • To perform this upgrade, run the command: az aks upgrade –resource-group Infra_core_syd –name sanakscluster01 –kubernetes-version 1.12.6
  • Press y for confirmation and wait for the process to complete.
  • To confirm that the upgrade was successful, type in the following command: Az aks show –resource-group Infra_core_syd –name sanakscluster01 –-output table
  1. Scaling AKS Cluster nodes
  • To check the list of cluster nodes running, use the command: Kubectl get nodes
  • Since we have created the cluster with a single node, the output of command will show one node.
  • We will now scale the cluster nodes to 4. Run the command below to perform it: az aks scale –resource-group RG_MEL –name sanakscluster01 –node-count 4
  • This will take a few minutes to complete its action.
  • Rerun the command: Kubectl get nodes
  • You should see the additional nodes running with four nodes.

 

  1. Pods and Scaling them
  • A pod is the smallest unit in Kubernetes that you create or deploy. A pod represents the application as a running process on your cluster.
  • In our YAML file we specified the number of replicas = 1 and therefore we have only one pod available for the application. See the screenshot below:

 

 

 

 

We will now scale the applications running with AKS cluster.

 

  • To view pods, run Kubectl get pods. The application shows up with a front end & a Back end
  • To scale, we need to know the deployment name and we can get this by running the command: Kubectl get deployment
  • We will now scale the application to 3 nodes. We have two deployments (Back end & Front end) to scale up.
  • Type the command: kubectl scale –replicas=3 deployment/azure-vote-back, deployment/azure-vote-front
  • To verify the application has scaled up, rerun the command: Kubectl get pods
  • After scaling the pods, you can notice a load balancer has been introduced into your resource group for the application. This is created by Azure Kubernetes Service.
  • Ensure you are still able to access the web app by the same IP on your web browser.

 

  1. Access the Kubernetes dashboard

To open your Kubernetes dashboard, complete the following steps:

  • Get the credentials for your cluster by running the command: az aks get-credentials –resource-group Infra_core_SYD –name sanakscluster01
  • Open the Kubernetes dashboard by running the following command: az aks browse –resource-group Infra_core_SYD –name sanakscluster01
  • Click on the URL from the above output, which will navigate you to the Kubernetes dashboard.
  • The dashboard provides information on the state of the Kubernetes resources in your cluster and on any errors that may have occurred. It can be used to deploy containerized applications to a Kubernetes cluster.

 

Category:
Azure Infrastructure
Tags: