ZiGMaX IT Blog

Catégorie : Azure (Page 84 of 112)

Déployer une application dans AKS

3 février 2018 / / 0 Comments

Salut!

Après vu ensemble comment déployer un cluster AKS, nous allons voir ensemble dans cet article comment déployer une application à l’intérieur de celui-ci. Nous utiliserons la registry que nous avons pu créer dans un précédent article.

maxime@Azure:~$ az acr list --resource-group k8smaxdemo --query "[].{acrLoginServer:loginServer}" --output table
AcrLoginServer
------------------------
k8smaxdemoacr.azurecr.io
vi aks_to_acr.sh

#!/bin/bash

# Grant AKS access to ACR

AKS_RESOURCE_GROUP=k8smaxdemo
AKS_CLUSTER_NAME=myK8sCluster
ACR_RESOURCE_GROUP=k8smaxdemo
ACR_NAME=k8smaxdemoacr

# Get the id of the service principal configured for AKS
CLIENT_ID=$(az aks show --resource-group $AKS_RESOURCE_GROUP --name $AKS_CLUSTER_NAME --query "servicePrincipalProfile.clientId" --output tsv)

# Get the ACR registry resource id
ACR_ID=$(az acr show --name $ACR_NAME --resource-group $ACR_RESOURCE_GROUP --query "id" --output tsv)

# Create role assignment
az role assignment create --assignee $CLIENT_ID --role Reader --scope $ACR_ID
maxime@Azure:~$ ./aks_to_acr.sh
{
 "id": "/subscriptions/7db5e03c-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/k8smaxdemo/providers/Microsoft.ContainerRegistry/registries/k8smaxdemoacr/providers/Microsoft.Authorization/roleAssignments/85f55dfb-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
 "name": "85f55dfb-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
 "properties": {
 "additionalProperties": {
 "createdBy": null,
 "createdOn": "2018-02-03T19:54:33.0900849Z",
 "updatedBy": "56dfc2de-7c4d-4b8a-bf7b-d63cdeae5907",
 "updatedOn": "2018-02-03T19:54:33.0900849Z"
 },
 "principalId": "f6700ac3-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
 "roleDefinitionId": "/subscriptions/7db5e03c-xxxx-xxxx-xxxx-xxxxxxxxxxxx/providers/Microsoft.Authorization/roleDefinitions/acdd
72a7-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
 "scope": "/subscriptions/7db5e03c-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/k8smaxdemo/providers/Microsoft.ContainerRegistry/r
egistries/k8smaxdemoacr"
 },
 "resourceGroup": "k8smaxdemo",
 "type": "Microsoft.Authorization/roleAssignments"
}
vi aks_secrets.sh

#!/bin/bash

# Access with Kubernetes Secrets

ACR_NAME=k8smaxdemoacr
SERVICE_PRINCIPAL_NAME=acr-service-principal

# Populate the ACR login server and resource id. 
ACR_LOGIN_SERVER=$(az acr show --name $ACR_NAME --query loginServer --output tsv)
ACR_REGISTRY_ID=$(az acr show --name $ACR_NAME --query id --output tsv)

# Create a contributor role assignment with a scope of the ACR resource. 
SP_PASSWD=$(az ad sp create-for-rbac --name $SERVICE_PRINCIPAL_NAME --role Reader --scopes $ACR_REGISTRY_ID --query password --output tsv)

# Get the service principle client id.
CLIENT_ID=$(az ad sp show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv)

# Output used when creating Kubernetes secret.
echo "Service principal ID: $CLIENT_ID"
echo "Service principal password: $SP_PASSWD"
maxime@Azure:~$ ./aks_secrets.sh
Retrying role assignment creation: 1/36
Service principal ID: 7fb4393b-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Service principal password: 8axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
maxime@Azure:~$ kubectl create secret docker-registry acr-auth --docker-server k8smaxdemoacr.azurecr.io --docker-username 7fb4393b-
xxxx-xxxx-xxxx-xxxxxxxxxxxx --docker-password 8axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx --docker-email max.coquerel@live.fr
secret "acr-auth" created
vi azure-vote-all-in-one-redis.yaml

apiVersion: apps/v1beta1
kind: Deployment
metadata:
 name: azure-vote-back
spec:
 replicas: 1
 template:
 metadata:
 labels:
 app: azure-vote-back
 spec:
 containers:
 - name: azure-vote-back
 image: redis
 ports:
 - containerPort: 6379
 name: redis
---
apiVersion: v1
kind: Service
metadata:
 name: azure-vote-back
spec:
 ports:
 - port: 6379
 selector:
 app: azure-vote-back
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
 name: azure-vote-front
spec:
 replicas: 1
 template:
 metadata:
 labels:
 app: azure-vote-front
 spec:
 containers:
 - name: azure-vote-front
 image: k8smaxdemoacr.azurecr.io/microsoft/azure-vote-front:redis-v1
 ports:
 - containerPort: 80
 env:
 - name: REDIS
 value: "azure-vote-back"
 imagePullSecrets:
 - name: acr-auth
---
apiVersion: v1
kind: Service
metadata:
 name: azure-vote-front
spec:
 type: LoadBalancer
 ports:
 - port: 80
 selector:
 app: azure-vote-front
maxime@Azure:~$ kubectl create -f azure-vote-all-in-one-redis.yaml
deployment "azure-vote-back" created
service "azure-vote-back" created
deployment "azure-vote-front" created
service "azure-vote-front" created
maxime@Azure:~$ kubectl get service azure-vote-front --watch
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
azure-vote-front LoadBalancer 10.0.85.75 <pending> 80:30785/TCP 32s
azure-vote-front LoadBalancer 10.0.85.75 52.226.17.113 80:30785/TCP 2m

AKS – Pulling Containers depuis Azure Container Registry (ACR)

3 février 2018 / / 0 Comments

Hello,

Nous allons voir ensemble dans cet article comment créer une Azure Container Registry (ACR) puis comment puller une image vers cette registry.

maxime@Azure:~$ az acr create --name k8smaxdemoacr --resource-group k8smaxdemo --sku Basic
{
 "adminUserEnabled": false,
 "creationDate": "2018-02-03T16:11:49.362128+00:00",
 "id": "/subscriptions/7db5e03c-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/k8smaxdemo/providers/Microsoft.ContainerRegistry/regist
ries/k8smaxdemoacr",
 "location": "eastus",
 "loginServer": "k8smaxdemoacr.azurecr.io",
 "name": "k8smaxdemoacr",
 "provisioningState": "Succeeded",
 "resourceGroup": "k8smaxdemo",
 "sku": {
 "name": "Basic",
 "tier": "Basic"
 },
 "status": null,
 "storageAccount": null,
 "tags": {},
 "type": "Microsoft.ContainerRegistry/registries"
}

docker pull microsoft/azure-vote-front:redis-v1
docker tag microsoft/azure-vote-front:redis-v1 k8smaxdemoacr.azurecr.io/microsoft/azure-vote-front:redis-v1
docker login k8smaxdemoacr.azurecr.io --username k8smaxdemoacr --password PASSWORD
docker push k8smaxdemoacr.azurecr.io/microsoft/azure-vote-front:redis-v1

Rajouter des nodes dans AKS

3 février 2018 / / 0 Comments

Salut!

Vous venez de déployer votre cluster AKS, après quelques jours vous vous apercevez qu’il vous manque des nodes. Nous allons voir ensemble comment en rajouter de manière dynamique.

Dans l’exemple ci-dessous nous partons d’un cluster qui n’a qu’un seul et unique node et nous allons lui rajouter deux autres nodes :

maxime@Azure:~$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
aks-nodepool1-23772193-0 Ready agent 47m v1.8.7
maxime@Azure:~$ az aks scale --resource-group=k8smaxdemo --name=myK8SCluster --node-count 3
{
 "agentPoolProfiles": [
 {
 "count": 3,
 "dnsPrefix": null,
 "fqdn": null,
 "name": "nodepool1",
 "osDiskSizeGb": null,
 "osType": "Linux",
 "ports": null,
 "storageProfile": "ManagedDisks",
 "vmSize": "Standard_D1_v2",
 "vnetSubnetId": null
 }
 ],
 "dnsPrefix": "myK8sClust-k8smaxdemo-7db5e0",
 "fqdn": "myk8sclust-k8smaxdemo-7db5e0-0d1c495b.hcp.eastus.azmk8s.io",
 "id": "/subscriptions/7db5e03c-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/k8smaxdemo/providers/Microsoft.ContainerService/managed
Clusters/myK8sCluster",
 "kubernetesVersion": "1.8.7",
 "linuxProfile": {
 "adminUsername": "azureuser",
 "ssh": {
 "publicKeys": [
 {
 "keyData": "ssh-rsa AAAABxxxxxxxxxxxxxxxxxxxxxx"
 }
 ]
 }
 },
 "location": "eastus",
 "name": "myK8sCluster",
 "provisioningState": "Succeeded",
 "resourceGroup": "k8smaxdemo",
 "servicePrincipalProfile": {
 "clientId": "e6ef7a6f-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
 "keyVaultSecretRef": null,
 "secret": null
 },
 "tags": null,
 "type": "Microsoft.ContainerService/ManagedClusters"
}

 

« Older posts Newer posts »

© 2025 ZiGMaX IT Blog

Theme by Anders NorenUp ↑