Deploying Kubernetes with Azure
I’m loving everything related to containers at the moment, in Azure we have a number of ways that we can deploy our container work loads:
Each brings with it its own benefits and challenges some of which are listed below:
- Container Instances & App Services are great for low complexity single container deployments, using these services developers need not be concerned about creating & managing a cluster.
- AKS(PREVIEW) is a Kubernetes specific solution which is great for building highly available complex container deployments, AKS clusters require minimal maintenance due to built-in support for auto-scaling, auto-patching, auto-updates etc.
- ACS supports deploying multiple Orchestrators and is also great for complex container workloads but the burden of maintaining your cluster falls mainly on you.
- ServiceFabric is a battle tested distributed system which now also has the ability to orchestrate container workloads along side its native programming models i.e. Reliable Services and Reliable Actors.
In this post I will demonstrate the various ways of deploying a Kubernetes cluster on Azure, Kubernetes is a popular container orchestration solution. A container orchestrator allows us to amongst other things automate deployments, scale our workloads and monitor our deployments. There are multiple ways we can deploy Kubernetes on Azure:
- Azure Container Service(ACS)
- Portal or CLI
- ACS-Engine
- Azure Container Service(AKS)
- Manually using IaaS and core compute i.e. VMs/VM Scalesets/VNET’s etc, this method is out of scope of this blog post.
Requirements
To follow along with the steps in this blog post you will need a Azure Subscription and the Azure Cross Platform CLI installed, this is available through the Azure Cloud Shell or to install on your local machine - https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest If you have the tooling installed locally you need to first login to your subscription, in my case I will be using Windows Subsystem for Linux & Ubuntu.
$ az login
The login command will output further steps to the console which must be performed in your browser, once authenticated we can move on to creating our cluster. [![az login](/content/imag
ACS
First step is to create a new Azure Resource Group which will contain all the resources which will be provisioned for our cluster, we need to provide a name and the region where we would like to create it.
$ az group create --name geacsclusterrg --location westeurope
In the output from the command we should see "ProvisioningState Succeeded" [ and 2 agents(Windows), during the course of the deployment it will also generate an SSH KeyPair (this will be located in [User Profile]\.ssh\) these keys will be used to manage our cluster. Once the command completes it will output a json result and again we should see "provisioningState Succeeded" if the deployment was successful. [
AKS
AKS simplifies managing a kubernetes cluster, the service is currently in preview and during this period there are a number of limitations:
- Manually register the AKS Azure resource provider
- We can also only deploy Linux agents(Windows support is coming).
So to create our cluster we run the following commands, first we need to ensure the the Azure resource provider is registered for the Container Service.
$ az provider register -n Microsoft.ContainerService
[
$ az group create --name geacsclusterrg --location westeurope
[ with a managed head node, during the course of the deployment it will also generate an SSH KeyPair (this will be located in [User Profile]\.ssh\) these keys will be used to manage our cluster. Once the command completes it will output a json result and we should see "provisioningState Succeeded". [
Connecting to our Cluster
The steps to connect to our cluster are very similar to ACS, first we need the kubectl tool. We can download the binary manually using the instructions detailed in the kubernetes docs or we can use the Azure CLI using the following command.
$ az aks install-cli
[
$ az aks get-credentials --resource-group=geacsclusterrg --name=myclustername
$ kubectl get nodes
[
$ az aks browse --resource-group=geacsclusterrg --name=myclustername
[
ACS-Engine
ACS-Engine allows us to define complex container deployments for Azure we describe them as JSON and the tool then converts this JSON to a set of ARM Templates which can be deployed to Azure. I chose to build acs-engine from source and in my case I used the Windows Subsystem for Linux & Ubuntu, but you can also download pre-compiled binaries - for more details see - https://github.com/Azure/acs-engine/blob/master/docs/acsengine.md Before we continue we need to:
- Generate a SSH KeyPair - https://github.com/Azure/acs-engine/blob/master/docs/ssh.md#ssh-key-generation
- Create a Service Principal with read/write permissions on your subscription -https://github.com/Azure/acs-engine/blob/master/docs/ssh.md#ssh-key-generation
Next we can create a cluster definition - The JSON below will create a hybrid Windows/Linux ACS cluster using Kubernetes, replace the values for keyData and ServicePrincipal with the values you created above.
{
"apiVersion": "vlabs",
"properties": {
"orchestratorProfile": {
"orchestratorType": "Kubernetes"
},
"masterProfile": {
"count": 1,
"dnsPrefix": "gemycluster",
"vmSize": "Standard_A2"
},
"agentPoolProfiles": [
{
"name": "windowspool1",
"count": 2,
"vmSize": "Standard_A3",
"availabilityProfile": "AvailabilitySet",
"osType": "Windows"
},
{
"name": "linuxpool1",
"count": 1,
"vmSize": "Standard_A2",
"availabilityProfile": "AvailabilitySet",
"osType": "Linux"
}
],
"windowsProfile": {
"adminUsername": "gareth",
"adminPassword": "MyStringPassword"
},
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
]
}
},
"servicePrincipalProfile": {
"clientId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
}
Save the text above as a file called acs-kubernetes.json, we can then convert the JSON to the equivilent ARM Templates using the following command.
$ ./bin/acs-engine generate $HOME/acs-kubernetes.json
[
$ az group create --name geacsclusterrg --location westeurope
Then finally run the deployment script
$ az group deployment create -g geacsclusterrg -n myclusterdeploy \
--template-file azuredeploy.json \
--parameters @azuredeploy.parameters.json
[
Connecting to our Cluster
If you haven't already downloaded the binary you can do so manually using the instructions detailed in the kubernetes docs making sure to match the version used for the cluster. Can also be achieved through the Azure CLI and the --client-version switch. Its best to place the kubectl binary somewhere on your PATH on Windows you may want to place it in location like_ "%ProgramFiles(x86)%\kubernetes\kubectl.exe" and then you_ need to add the "%ProgramFiles(x86)%\kubernetes" folder to your PATH environment variable. To connect to our cluster we also need to download our kubeconfig & test the connection by getting a list of nodes in the cluster we can do this using the following commands. First we need to download the kubeconfig from the newly created master node on linux you can execute the following commands.
$ scp azureuser@gMASTERFQDN:.kube/config .
$ export KUBECONFIG=`pwd`/config
[
$ kubectl get nodes
[
$ kubectl proxy
[
Summary
There you go we have successfully deployed our first kubernetes cluster on Azure! As we saw there are multiple strategies for deploying our container workloads to Azure, its up to you which you choose. Once we successfully completed the steps above we should be looking at the Kubernetes dashboard displayed below. [