Scott Hanselman

Setting up a managed container cluster with AKS and Kubernetes in the Azure Cloud running .NET Core in minutes

December 14, 2017 Comment on this post [11] Posted in Azure
Sponsored By

After building a Raspberry Pi Kubernetes Cluster, I wanted to see how quickly I could get up to speed on Kubernetes in Azure.

  • I installed the Azure CLI (Command Line Interface) in a few minutes - works on Windows, Mac or Linux.
    • I also remembered that I don't really need to install anything locally. I could just use the Azure Cloud Shell directly from within VS Code. I'd get a bash shell, Azure CLI, and automatically logged in without doing anything manual.
    • Anyway, while needlessly installing the Azure CLI locally, I read up on the Azure Container Service (AKS) here. There's walkthrough for creating an AKS Cluster here. You can actually run through the whole tutorial in the browser with an in-browser shell.
  • After logging in with "az login" I made a new resource group to hold everything with "az group create -l centralus -n aks-hanselman." It's in the centralus and it's named aks-hanselman.
  • Then I created a managed container service like this:
    C:\Users\scott\Source>az aks create -g aks-hanselman -n hanselkube --generate-ssh-keys
    / Running ...
  • This runs for a few minutes while creating, then when it's done, I can get ahold of the credentials I need with
    C:\Users\scott\Source>az aks get-credentials --resource-group aks-hanselman --name hanselkube
    Merged "hanselkube" as current context in C:\Users\scott\.kube\config
  • I can install Kubenetes CLI "kubectl" easily with "az aks install-cli"
    Then list out the nodes that are ready to go!
    C:\Users\scott\Source>kubectl get nodes
    NAME                       STATUS    ROLES     AGE       VERSION
    aks-nodepool1-13823488-0   Ready     agent     1m        v1.7.7
    aks-nodepool1-13823488-1   Ready     agent     1m        v1.7.7
    aks-nodepool1-13823488-2   Ready     agent     1m        v1.7.7

A year ago, Glenn Condron and I made a silly web app while recording a Microsoft Virtual Academy. We use it for demos and to show how even old (now over a year) containers can still be easily and reliably deployed. It's up at https://hub.docker.com/r/glennc/fancypants/.

I'll deploy it to my new Kubernetes Cluster up in Azure by making this yaml file:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: fancypants
spec:
replicas: 1
template:
metadata:
labels:
app: fancypants
spec:
containers:
- name: fancypants
image: glennc/fancypants:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: fancypants
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: fancypants

I saved it as fancypants.yml, then run kubectl create -f fancypants.yml.

I can run kubectl proxy and then hit http://localhost:8001/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:/proxy/#!/overview?namespace=default to look at the Kubernetes Dashboard, proxyed locally, but all running in Azure.

image

When fancypants is created and deployed, then I can find out its external IP with:

C:\Users\scott\Sources>kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
fancypants LoadBalancer 10.0.116.145 52.165.232.77 80:31040/TCP 7m
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 18m

There's my IP, I hit it and boom, I've got fancypants in the managed cloud. I only have to pay for the VMs I'm using, and not for the VM that manages Kubernetes. That means the "kube-system" namespace is free, I pay for other namespaces like my "default" one.

image

Best part? When I'm done, I can just delete the resource group and take it all away. Per minute billing.

C:\Users\scott\Sources>az group delete -n aks-hanselman --yes

Super fun and just took about 30 min to install, read about, try it out, write this blog post, then delete. Try it yourself!


Sponsor: Check out JetBrains Rider: a new cross-platform .NET IDE. Edit, refactor, test and debug ASP.NET, .NET Framework, .NET Core, Xamarin or Unity applications. Learn more and download a 30-day trial!

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Hosting By
Hosted in an Azure App Service
December 14, 2017 14:35
Pro tip: if you use
kubectl apply -f fancypants.yaml
instead of create, Kubernetes maintains a "desired state" configuration for the service, and you can update the things by changing the yaml file and running apply again.

Read more about Imperative (create) vs Declarative (apply) object management here: Kubernetes Object Management
December 14, 2017 19:42
Almost a timely post. I just did the same last night. BUT, there are some bugs in the Windows version of az that prevent this from working. Specifically 'az aks get-credentials' fails but there is a thread on GitHub with some work-arounds. It does work under WSL, though.

I was also able to get this integrated into VSTS build and Release, although the instructions for that are a little weak. But it looks like I can edit the docs.

Finally, this article might help me to get DNS names setup for the application, which is my next step. I am trying to understand just what Helm and Draft are and why I should use them.
December 14, 2017 20:16
Rob - that was fixed in 2.0.21 a month ago. I did all this today under windows.
December 14, 2017 23:29
Am I right in assuming these are linux nodes?
Is it possible to add windows nodes to create a hybrid cluster?
December 14, 2017 23:34
Pretty slick cluster creation, wish it would let you create clusters with win server 2016 this way.
December 15, 2017 1:14
Also very interested in seeing windows servers in AKS (and ACI!). I know this is a big request but running windows containers at even medium scale and density is too hard right now.
December 15, 2017 2:15
@Allen windows containers are available in ACI already.
December 15, 2017 13:32
I've been playing with this for a week and had a great time setting up both IdentityServer4 and an Nginx reverse proxy (both docker containers), SSL (LetsEncrypt with kube-lego) and Azure DNS zone added too. "kubectl -f logs" on the container for streaming the aspnet core console logging really helps diagnose issues.

Here's hoping AKS GA comes to Australia soon. Would love to take advantage of Helm and Draft for that inner loop experience.
December 15, 2017 18:16
Hi Scott,

I've received a BAD REQUEST for the following missing registrations during the az aks create command:

  • Microsoft.Network
  • Microsoft.Compute
  • Microsoft.Storage


  • To install them, I ran the following commands:

    az provider register -n Microsoft.Network
    az provider register -n Microsoft.Compute
    az provider register -n Microsoft.Storage


    It went fine after that.
    Thanks!
    December 23, 2017 18:22
    Nice post Scott. I am running a series of posts to demonstrate the capabilities of Azure and Azure Container Service using Docker Swarm as Orchestrator and VSTS https://www.handsonarchitect.com/2017/12/continuous-deployment-of-multi.html

    Provisioning resources in cloud using Azure portal or Azure CLI is quick and makes our lives easy to quickly prototype things. VSTS is making it even easier to go full DevOps ways with integrated solution for ALM as well as CI CD pipelines.
    December 23, 2017 18:22
    Nice post Scott. I am running a series of posts to demonstrate the capabilities of Azure and Azure Container Service using Docker Swarm as Orchestrator and VSTS https://www.handsonarchitect.com/2017/12/continuous-deployment-of-multi.html

    Provisioning resources in cloud using Azure portal or Azure CLI is quick and makes our lives easy to quickly prototype things. VSTS is making it even easier to go full DevOps ways with integrated solution for ALM as well as CI CD pipelines.

    Comments are closed.

    Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.