Scott Hanselman

Setting up a managed container cluster with AKS and Kubernetes in the Azure Cloud running .NET Core in minutes

December 14, '17 Comments [11] Posted in Azure
Sponsored By

After building a Raspberry Pi Kubernetes Cluster, I wanted to see how quickly I could get up to speed on Kubernetes in Azure.

  • I installed the Azure CLI (Command Line Interface) in a few minutes - works on Windows, Mac or Linux.
    • I also remembered that I don't really need to install anything locally. I could just use the Azure Cloud Shell directly from within VS Code. I'd get a bash shell, Azure CLI, and automatically logged in without doing anything manual.
    • Anyway, while needlessly installing the Azure CLI locally, I read up on the Azure Container Service (AKS) here. There's walkthrough for creating an AKS Cluster here. You can actually run through the whole tutorial in the browser with an in-browser shell.
  • After logging in with "az login" I made a new resource group to hold everything with "az group create -l centralus -n aks-hanselman." It's in the centralus and it's named aks-hanselman.
  • Then I created a managed container service like this:
    C:\Users\scott\Source>az aks create -g aks-hanselman -n hanselkube --generate-ssh-keys
    / Running ...
  • This runs for a few minutes while creating, then when it's done, I can get ahold of the credentials I need with
    C:\Users\scott\Source>az aks get-credentials --resource-group aks-hanselman --name hanselkube
    Merged "hanselkube" as current context in C:\Users\scott\.kube\config
  • I can install Kubenetes CLI "kubectl" easily with "az aks install-cli"
    Then list out the nodes that are ready to go!
    C:\Users\scott\Source>kubectl get nodes
    NAME                       STATUS    ROLES     AGE       VERSION
    aks-nodepool1-13823488-0   Ready     agent     1m        v1.7.7
    aks-nodepool1-13823488-1   Ready     agent     1m        v1.7.7
    aks-nodepool1-13823488-2   Ready     agent     1m        v1.7.7

A year ago, Glenn Condron and I made a silly web app while recording a Microsoft Virtual Academy. We use it for demos and to show how even old (now over a year) containers can still be easily and reliably deployed. It's up at https://hub.docker.com/r/glennc/fancypants/.

I'll deploy it to my new Kubernetes Cluster up in Azure by making this yaml file:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: fancypants
spec:
replicas: 1
template:
metadata:
labels:
app: fancypants
spec:
containers:
- name: fancypants
image: glennc/fancypants:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: fancypants
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: fancypants

I saved it as fancypants.yml, then run kubectl create -f fancypants.yml.

I can run kubectl proxy and then hit http://localhost:8001/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:/proxy/#!/overview?namespace=default to look at the Kubernetes Dashboard, proxyed locally, but all running in Azure.

image

When fancypants is created and deployed, then I can find out its external IP with:

C:\Users\scott\Sources>kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
fancypants LoadBalancer 10.0.116.145 52.165.232.77 80:31040/TCP 7m
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 18m

There's my IP, I hit it and boom, I've got fancypants in the managed cloud. I only have to pay for the VMs I'm using, and not for the VM that manages Kubernetes. That means the "kube-system" namespace is free, I pay for other namespaces like my "default" one.

image

Best part? When I'm done, I can just delete the resource group and take it all away. Per minute billing.

C:\Users\scott\Sources>az group delete -n aks-hanselman --yes

Super fun and just took about 30 min to install, read about, try it out, write this blog post, then delete. Try it yourself!


Sponsor: Check out JetBrains Rider: a new cross-platform .NET IDE. Edit, refactor, test and debug ASP.NET, .NET Framework, .NET Core, Xamarin or Unity applications. Learn more and download a 30-day trial!

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb
Thursday, 14 December 2017 10:35:51 UTC
Pro tip: if you use
kubectl apply -f fancypants.yaml
instead of create, Kubernetes maintains a "desired state" configuration for the service, and you can update the things by changing the yaml file and running apply again.

Read more about Imperative (create) vs Declarative (apply) object management here: Kubernetes Object Management
Thursday, 14 December 2017 15:42:01 UTC
Almost a timely post. I just did the same last night. BUT, there are some bugs in the Windows version of az that prevent this from working. Specifically 'az aks get-credentials' fails but there is a thread on GitHub with some work-arounds. It does work under WSL, though.

I was also able to get this integrated into VSTS build and Release, although the instructions for that are a little weak. But it looks like I can edit the docs.

Finally, this article might help me to get DNS names setup for the application, which is my next step. I am trying to understand just what Helm and Draft are and why I should use them.
Rob Cannon
Thursday, 14 December 2017 16:16:00 UTC
Rob - that was fixed in 2.0.21 a month ago. I did all this today under windows.
Scott Hanselman
Thursday, 14 December 2017 19:29:04 UTC
Am I right in assuming these are linux nodes?
Is it possible to add windows nodes to create a hybrid cluster?
Andy Pook
Thursday, 14 December 2017 19:34:22 UTC
Pretty slick cluster creation, wish it would let you create clusters with win server 2016 this way.
Jack
Thursday, 14 December 2017 21:14:47 UTC
Also very interested in seeing windows servers in AKS (and ACI!). I know this is a big request but running windows containers at even medium scale and density is too hard right now.
Allen
Thursday, 14 December 2017 22:15:25 UTC
@Allen windows containers are available in ACI already.
Jack
Friday, 15 December 2017 09:32:45 UTC
I've been playing with this for a week and had a great time setting up both IdentityServer4 and an Nginx reverse proxy (both docker containers), SSL (LetsEncrypt with kube-lego) and Azure DNS zone added too. "kubectl -f logs" on the container for streaming the aspnet core console logging really helps diagnose issues.

Here's hoping AKS GA comes to Australia soon. Would love to take advantage of Helm and Draft for that inner loop experience.
Mark
Friday, 15 December 2017 14:16:31 UTC
Hi Scott,

I've received a BAD REQUEST for the following missing registrations during the az aks create command:

  • Microsoft.Network
  • Microsoft.Compute
  • Microsoft.Storage


  • To install them, I ran the following commands:

    az provider register -n Microsoft.Network
    az provider register -n Microsoft.Compute
    az provider register -n Microsoft.Storage


    It went fine after that.
    Thanks!
    Saturday, 23 December 2017 14:22:35 UTC
    Nice post Scott. I am running a series of posts to demonstrate the capabilities of Azure and Azure Container Service using Docker Swarm as Orchestrator and VSTS https://www.handsonarchitect.com/2017/12/continuous-deployment-of-multi.html

    Provisioning resources in cloud using Azure portal or Azure CLI is quick and makes our lives easy to quickly prototype things. VSTS is making it even easier to go full DevOps ways with integrated solution for ALM as well as CI CD pipelines.
    Saturday, 23 December 2017 14:22:38 UTC
    Nice post Scott. I am running a series of posts to demonstrate the capabilities of Azure and Azure Container Service using Docker Swarm as Orchestrator and VSTS https://www.handsonarchitect.com/2017/12/continuous-deployment-of-multi.html

    Provisioning resources in cloud using Azure portal or Azure CLI is quick and makes our lives easy to quickly prototype things. VSTS is making it even easier to go full DevOps ways with integrated solution for ALM as well as CI CD pipelines.
    Comments are closed.

    Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.