Skip to content

Files

Latest commit

f71baa5 · Aug 9, 2021

History

History
167 lines (112 loc) · 9.05 KB

tutorial-kubernetes-deploy-cluster.md

File metadata and controls

167 lines (112 loc) · 9.05 KB
title description services ms.topic ms.date ms.custom
Kubernetes on Azure tutorial - Deploy a cluster
In this Azure Kubernetes Service (AKS) tutorial, you create an AKS cluster and use kubectl to connect to the Kubernetes master node.
container-service
tutorial
05/24/2021
mvc, devx-track-azurecli, devx-track-azurepowershell

Tutorial: Deploy an Azure Kubernetes Service (AKS) cluster

Kubernetes provides a distributed platform for containerized applications. With AKS, you can quickly create a production ready Kubernetes cluster. In this tutorial, part three of seven, a Kubernetes cluster is deployed in AKS. You learn how to:

[!div class="checklist"]

  • Deploy a Kubernetes AKS cluster that can authenticate to an Azure container registry
  • Install the Kubernetes CLI (kubectl)
  • Configure kubectl to connect to your AKS cluster

In later tutorials, the Azure Vote application is deployed to the cluster, scaled, and updated.

Before you begin

In previous tutorials, a container image was created and uploaded to an Azure Container Registry instance. If you haven't done these steps, and would like to follow along, start at Tutorial 1 – Create container images.

This tutorial requires that you're running the Azure CLI version 2.0.53 or later. Run az --version to find the version. If you need to install or upgrade, see Install Azure CLI.

This tutorial requires that you're running Azure PowerShell version 5.9.0 or later. Run Get-InstalledModule -Name Az to find the version. If you need to install or upgrade, see Install Azure PowerShell.


Create a Kubernetes cluster

AKS clusters can use Kubernetes role-based access control (Kubernetes RBAC). These controls let you define access to resources based on roles assigned to users. Permissions are combined if a user is assigned multiple roles, and permissions can be scoped to either a single namespace or across the whole cluster. By default, the Azure CLI automatically enables Kubernetes RBAC when you create an AKS cluster.

Create an AKS cluster using az aks create. The following example creates a cluster named myAKSCluster in the resource group named myResourceGroup. This resource group was created in the previous tutorial in the eastus region. The following example does not specify a region so the AKS cluster is also created in the eastus region. For more information, see Quotas, virtual machine size restrictions, and region availability in Azure Kubernetes Service (AKS) for more information about resource limits and region availability for AKS.

To allow an AKS cluster to interact with other Azure resources, a cluster identity is automatically created, since you did not specify one. Here, this cluster identity is granted the right to pull images from the Azure Container Registry (ACR) instance you created in the previous tutorial. To execute the command successfully, you're required to have an Owner or Azure account administrator role on the Azure subscription.

az aks create \
    --resource-group myResourceGroup \
    --name myAKSCluster \
    --node-count 2 \
    --generate-ssh-keys \
    --attach-acr <acrName>

Create an AKS cluster using New-AzAksCluster. The following example creates a cluster named myAKSCluster in the resource group named myResourceGroup. This resource group was created in the previous tutorial in the eastus region. The following example does not specify a region so the AKS cluster is also created in the eastus region. For more information, see Quotas, virtual machine size restrictions, and region availability in Azure Kubernetes Service (AKS) for more information about resource limits and region availability for AKS.

To allow an AKS cluster to interact with other Azure resources, a cluster identity is automatically created, since you did not specify one. Here, this cluster identity is granted the right to pull images from the Azure Container Registry (ACR) instance you created in the previous tutorial. To execute the command successfully, you're required to have an Owner or Azure account administrator role on the Azure subscription.

New-AzAksCluster -ResourceGroupName myResourceGroup -Name myAKSCluster -NodeCount 2 -GenerateSshKey -AcrNameToAttach <acrName>

To avoid needing an Owner or Azure account administrator role, you can also manually configure a service principal to pull images from ACR. For more information, see ACR authentication with service principals or Authenticate from Kubernetes with a pull secret. Alternatively, you can use a managed identity instead of a service principal for easier management.

After a few minutes, the deployment completes, and returns JSON-formatted information about the AKS deployment.

Note

To ensure your cluster to operate reliably, you should run at least 2 (two) nodes.

Install the Kubernetes CLI

To connect to the Kubernetes cluster from your local computer, you use kubectl, the Kubernetes command-line client.

If you use the Azure Cloud Shell, kubectl is already installed. You can also install it locally using the az aks install-cli command:

az aks install-cli

If you use the Azure Cloud Shell, kubectl is already installed. You can also install it locally using the Install-AzAksKubectl cmdlet:

Install-AzAksKubectl

Connect to cluster using kubectl

To configure kubectl to connect to your Kubernetes cluster, use the az aks get-credentials command. The following example gets credentials for the AKS cluster named myAKSCluster in the myResourceGroup:

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

To configure kubectl to connect to your Kubernetes cluster, use the Import-AzAksCredential cmdlet. The following example gets credentials for the AKS cluster named myAKSCluster in the myResourceGroup:

Import-AzAksCredential -ResourceGroupName myResourceGroup -Name myAKSCluster

To verify the connection to your cluster, run the kubectl get nodes command to return a list of the cluster nodes:

kubectl get nodes

The following example output shows the list of cluster nodes.

$ kubectl get nodes

NAME                                STATUS   ROLES   AGE     VERSION
aks-nodepool1-37463671-vmss000000   Ready    agent   2m37s   v1.18.10
aks-nodepool1-37463671-vmss000001   Ready    agent   2m28s   v1.18.10

Next steps

In this tutorial, a Kubernetes cluster was deployed in AKS, and you configured kubectl to connect to it. You learned how to:

[!div class="checklist"]

  • Deploy a Kubernetes AKS cluster that can authenticate to an Azure container registry
  • Install the Kubernetes CLI (kubectl)
  • Configure kubectl to connect to your AKS cluster

Advance to the next tutorial to learn how to deploy an application to the cluster.

[!div class="nextstepaction"] Deploy application in Kubernetes