Deploying a multi-container application to Azure Kubernetes Services

 

Overview

Azure Kubernetes Service (AKS) is the quickest way to use Kubernetes on Azure. Azure Kubernetes Service (AKS) manages your hosted Kubernetes environment, making it quick and easy to deploy and manage containerized applications without container orchestration expertise. It also eliminates the burden of ongoing operations and maintenance by provisioning, upgrading, and scaling resources on demand, without taking your applications offline. Azure DevOps helps in creating Docker images for faster deployments and reliability using the continuous build option.

One of the biggest advantage to use AKS is that instead of creating resources in cloud you can create resources and infrastructure inside Azure Kubernetes Cluster through Deployments and Services manifest files.

Lab Scenario

This lab uses a Dockerized ASP.NET Core web application - MyHealthClinic (MHC) and is deployed to a Kubernetes cluster running on Azure Kubernetes Service (AKS) using Azure DevOps.

There is a mhc-aks.yaml manifest file which consists of definitions to spin up Deployments and Services such as Load Balancer in the front and Redis Cache in the backend. The MHC application will be running in the mhc-front pod along with the Load Balancer.

The following image will walk you through all the steps explained in this lab

If you are new to Kubernetes, click here for description of terminology used in this lab.

What’s covered in this lab

The following tasks will be performed:

• Create an Azure Container Registry (ACR), AKS and Azure SQL server

• Provision the Azure DevOps Team Project with a .NET Core application using the Azure DevOps Demo Generator tool.

• Configure application and database deployment, using Continuous Deployment (CD) in the Azure DevOps

• Initiate the build to automatically deploy the application

Want additional learning? Check out the Automate multi-container Kubernetes deployments module on Microsoft Learn.

Before you begin

1. Refer the Getting Started page to know the prerequisites for this lab.

2. Click the Azure DevOps Demo Generator link and follow the instructions in Getting Started page to provision the project to your Azure DevOps.

   For this lab the Azure Kubernetes Service template is used which is already selected when you click on the link above. There are some additional extensions required for this lab and can be automatically installed during the process.

   

Setting up the environment

The following azure resources need to be configured for this lab:

Azure resources	Description
Azure Container Registry	Used to store the Docker images privately
AKS	Docker images are deployed to Pods running inside AKS
Azure SQL Server	SQL Server on Azure to host database

1. Launch the Azure Cloud Shell from the Azure portal and choose Bash.

2. Deploy Kubernetes to Azure, using CLI:

   i. Get the latest available Kubernetes version in your preferred region into a bash variable. Replace <region> with the region of your choosing, for example eastus.

     version=$(az aks get-versions -l <region> --query 'orchestrators[-1].orchestratorVersion' -o tsv)
   

   ii. Create a Resource Group

     az group create --name akshandsonlab --location <region>
   

   iii. Create AKS using the latest version available

    az aks create --resource-group akshandsonlab --name <unique-aks-cluster-name> --enable-addons monitoring --kubernetes-version $version --generate-ssh-keys --location <region>

3. Deploy Azure Container Registry(ACR): Run the below command to create your own private container registry using Azure Container Registry (ACR).

    az acr create --resource-group akshandsonlab --name <unique-acr-name> --sku Standard --location <region>

4. Authenticate with Azure Container Registry from Azure Kubernetes Service : When you’re using Azure Container Registry (ACR) with Azure Kubernetes Service (AKS), an authentication mechanism needs to be established. You can set up the AKS to ACR integration in a few simple commands with the Azure CLI. This integration assigns the AcrPull role to the managed identity associated to the AKS Cluster. Replace the variables $AKS_RESOURCE_GROUP, $AKS_CLUSTER_NAME, $ACR_NAME with appropriate values below and run the command.

    az aks update -n $AKS_CLUSTER_NAME -g $AKS_RESOURCE_GROUP --attach-acr $ACR_NAME
   

   For more information see document on how to Authenticate with Azure Container Registry from Azure Kubernetes Service

5. Create Azure SQL server and Database: Create an Azure SQL server.

    az sql server create -l <region> -g akshandsonlab -n <unique-sqlserver-name> -u sqladmin -p P2ssw0rd1234
   

   Create a database

    az sql db create -g akshandsonlab -s <unique-sqlserver-name> -n mhcdb --service-objective S0

6. The following components - Container Registry, Kubernetes Service, SQL Server along with SQL Database are deployed. Access each of these components individually and make a note of the details which will be used in Exercise 1.

   

7. Select the mhcdb SQL database and make a note of the Server name.

   

8. Click on “Set server Firewall” and enable “Allow Azure services …” option.

   

9. Navigate to the resource group, select the created container registry and make a note of the Login server name.

   

Now you have all the required azure components to follow this lab.

Exercise 1: Configure Build pipeline

Make sure that you have created the AKS project in your Azure DevOps organization through Azure DevOps Demo Generator (as mentioned in pre-requisites). We will manually map Azure resources such as AKS and Azure Container Registry to the build and release definitions.

1. Navigate to Pipelines –> Pipelines.

   

2. Select MyHealth.AKS.Build pipeline and click Edit.

   

3. In Run services task, select your Azure subscription from Azure subscription dropdown. Click Authorize.

   

   You will be prompted to authorize this connection with Azure credentials. Disable pop-up blocker in your browser if you see a blank screen after clicking the OK button, and please retry the step.

   This creates an Azure Resource Manager Service Endpoint, which defines and secures a connection to a Microsoft Azure subscription, using Service Principal Authentication (SPA). This endpoint will be used to connect Azure DevOps and Azure.

4. Following the successful authentication, select appropriate values from the dropdown - Azure subscription and Azure Container Registry as shown.

   Repeat this for the Build services, Push services and Lock services tasks in the pipeline.

   

   Tasks	Usage
   Replace tokens	replace ACR in mhc-aks.yaml and database connection string in appsettings.json
   Run services	prepares suitable environment by pulling required image such as aspnetcore-build:1.0-2.0 and restoring packages mentioned in .csproj
   Build services	builds the docker images specified in a docker-compose.yml file and tags images with $(Build.BuildId) and latest
   Push services	pushes the docker image myhealth.web to Azure Container Registry
   Publish Build Artifacts	publishes mhc-aks.yaml & myhealth.dacpac files to artifact drop location in Azure DevOps so that they can be utilized in Release Definition

   applicationsettings.json file contains details of the database connection string used to connect to Azure database which was created in the beginning of this lab.

   mhc-aks.yaml manifest file contains configuration details of deployments, services and pods which will be deployed in Azure Kubernetes Service. The manifest file will look like as below

   

   For more information on the deployment manifest, see AKS Deployments and YAML manifests

5. Click on the Variables tab.

   

   Update ACR and SQLserver values for Pipeline Variables with the details noted earlier while configuring the environment. 

6. Save the changes.

   

Exercise 1.1: Configure Build pipeline (YAML) -Optional

We also have a YAML build pipeline if that’s something you’re interested in. To proceed through the YAML pipeline, choose MyHealth.AKS.Build-YAML and click Edit. If you utilize the YAML pipeline, make sure to update the MyHealth.AKS.Release release definition’s artifact link.

1. Navigate to Pipelines –> Pipelines.

2. Select MyHealth.AKS.Build - YAML pipeline and click Edit.

   

3. In Run Services task, select settings. Select your Azure subscription from Azure subscription dropdown. Click Authorize.

   

   You will be prompted to authorize this connection with Azure credentials. Disable pop-up blocker in your browser if you see a blank screen after clicking the OK button, and please retry the step. This creates an Azure Resource Manager Service Endpoint, which defines and secures a connection to a Microsoft Azure subscription, using Service Principal Authentication (SPA). This endpoint will be used to connect Azure DevOps and Azure.

4. Following the successful authentication, select appropriate values from the dropdown - Azure subscription and Azure Container Registry as shown and click Add.

   

   Repeat this for the Build services, Push services and Lock services tasks in the pipeline.

   

5. Click on the Variables tab.

   

6. Update ACR and SQLserver values for Pipeline Variables with the details noted earlier while configuring the environment.

   

Exercise 2: Configure Release pipeline

1. Navigate to Pipelines | Releases. Select MyHealth.AKS.Release pipeline and click Edit.

   

2. Select Dev stage and click View stage tasks to view the pipeline tasks.

   

3. In the Dev environment, under the DB deployment phase, select Azure Resource Manager from the drop down for Azure Service Connection Type, update the Azure Subscription value from the dropdown for Execute Azure SQL: DacpacTask task.

   

4. In the AKS deployment phase, select Create Deployments & Services in AKS task.

   

   Update the Azure Subscription, Resource Group and Kubernetes cluster from the dropdown. Expand the Secrets section and update the parameters for Azure subscription and Azure container registry from the dropdown.

   Repeat similar steps for Update image in AKS task.

   

   • Create Deployments & Services in AKS will create the deployments and services in AKS as per the configuration specified in mhc-aks.yaml file. The Pod, for the first time will pull up the latest docker image.

   • Update image in AKS will pull up the appropriate image corresponding to the BuildID from the repository specified, and deploys the docker image to the mhc-front pod running in AKS.

   • A secret called mysecretkey is created in AKS cluster through Azure DevOps by using command kubectl create secret in the background. This secret will be used for authorization while pulling myhealth.web image from the Azure Container Registry.

5. Select the Variables section under the release definition, update ACR and SQLserver values for Pipeline Variables with the details noted earlier while configuring the environment. Select the Save button.

   

Exercise 3: Trigger a Build and deploy application

In this exercise, let us trigger a build manually and upon completion, an automatic deployment of the application will be triggered. Our application is designed to be deployed in the pod with the load balancer in the front-end and Redis cache in the back-end.

1. Select MyHealth.AKS.build pipeline. Click on Run pipeline

   

2. Once the build process starts, select the build job to see the build in progress.

   

3. The build will generate and push the docker image to ACR. After the build is completed, you will see the build summary. To view the generated images navigate to the Azure Portal, select the Azure Container Registry and navigate to the Repositories.

   

4. Switch back to the Azure DevOps portal. Select the Releases tab in the Pipelines section and double-click on the latest release. Select In progress link to see the live logs and release summary.

   

   

5. Once the release is complete, launch the Azure Cloud Shell and run the below commands to see the pods running in AKS:

   1. Type az aks get-credentials --resource-group yourResourceGroup --name yourAKSname in the command prompt to get the access credentials for the Kubernetes cluster. Replace the variables yourResourceGroup and yourAKSname with the actual values.

      

   2. kubectl get pods

      

      The deployed web application is running in the displayed pods.

6. To access the application, run the below command. If you see that External-IP is pending, wait for sometime until an IP is assigned.

   kubectl get service mhc-front --watch

   

7. Copy the External-IP and paste it in the browser and press the Enter button to launch the application.

   

Kubernetes resource view in the Azure portal (preview)

The Azure portal includes a Kubernetes resource viewer (preview) for easy access to the Kubernetes resources in your Azure Kubernetes Service (AKS) cluster. Viewing Kubernetes resources from the Azure portal reduces context switching between the Azure portal and the kubectl command-line tool, streamlining the experience for viewing and editing your Kubernetes resources. The resource viewer currently includes multiple resource types, such as deployments, pods, and replica sets.

The Kubernetes resource view from the Azure portal replaces the AKS dashboard add-on, which is set for deprecation.

More information found at: https://docs.microsoft.com/en-us/azure/aks/kubernetes-portal

Summary

Azure Kubernetes Service (AKS) reduces the complexity and operational overhead of managing a Kubernetes cluster by offloading much of that responsibility to the Azure. With Azure DevOps and Azure Container Services (AKS), we can build DevOps for dockerized applications by leveraging docker capabilities enabled on Azure DevOps Hosted Agents.

Azure Functions

 

reate your first serverless app

1. Select the button to create a new project in the Azure Functions explorer

   

2. Select a new, empty folder to contain your project

3. Select your desired programming language

4. Select "HTTP trigger" for your project's first function

5. Use "HttpTrigger1" as the function name

6. Select "Anonymous" for the authorization level, which enables anyone to call your function endpoint without a key.

   To learn more about authorization levels, see here.

7. If the selected folder is not already open, select "Open in current window" to open it

Run the serverless app locally

This extension integrates with the Azure Functions Core Tools to let you run your project locally before publishing to Azure.

1. To start your project, press F5 or the "play" button

   

2. If you do not have the Azure Functions Core Tools installed, you will be automatically prompted to install. Follow the specified instructions, or skip to the "Deploy" step if you would rather deploy without running locally.

   TIP: The "Terminal" panel should pop up automatically and you know your project is running if you see output

3. Expand your local project in the Azure Functions explorer to copy your function's url

   

4. Navigate to a browser, paste the url, and append ?name=world

   TIP: Your url should look like this: http://localhost:7071/api/HttpTrigger1?name=world

5. A response of "Hello world" is returned in the browser and you know your function worked!

6. Select the "Detach" button to stop your project from running locally

   

Deploy to Azure

1. Sign in to your Azure Account by clicking "Sign in to Azure..." in the Azure Functions explorer

   If you don't already have an Azure Account, click "Create a Free Azure Account"

2. Select the 'plus' button to open the "Create Resource" menu

   

3. Choose "Create Function App in Azure..."

   

4. Enter a globally unique name for your Function App

5. If multiple versions of your language's runtime are supported (i.e. Node.js 10 and Node.js 12), select your desired version (the latest is recommended)

6. Select a location

7. Wait for your Function App to be created. Progress will be shown in the Activity Log panel

   

8. Once your Function App has been created, reveal the resource in the Resources view.

   

9. Right click your Function App and select "Deploy to Function App"

   

10. Once deployment is complete, expand your subscription in the Azure Functions explorer to copy your deployed function's url

    

11. Navigate to a browser, paste the url, and append ?name=world

    TIP: Your url should look like this: https://<function app name>.azurewebsites.net/api/HttpTrigger1?name=world

12. A response of "Hello world" is returned in the browser and you know your function worked!

Azure Functions

Azure Functions 

Azure Functions is the popular serverless compute platform on Microsoft Azure, supporting rapid integration with the Microsoft suite of products. Azure Functions is an event-driven serverless compute platform which enables complex orchestration difficulties to be solved easily. Using Triggers and Bindings, services can be integrated. Applications can be deployed and scaled flawlessly in the cloud with Azure functions. Depending on the workload volume, the infrastructure scales automatically. Building, debugging, deploying, and monitoring are all possible with ease with the built-in DevOps capabilities supported by the Azure Functions. It supports multiple programming languages from C#, Python, Java, or Node.js. With the use of Azure Functions, it can drastically minimize the time to solve problems compared to traditional approaches thus saving the time of developers and duration to provide service to the clients. Learn more about Azure Serverless from the previous article, Azure Serverless. The Azure Function allows us irrespective of the setup of virtual machines or publishing of the web applications to run our code in the serverless environment.  

Azure Function App 

In order to host the execution of the functions, Azure Function App is integral. The function app allows grouping of the functions for convenience in deployment, management, resource sharing, and scaling as one logical unit. Let us learn to create the function app in Azure through the step-by-step tutorial.  

Step 1 

First of all, visit the Azure Portal and click on Create a resource.  

Step 2 

Now, on the search bar in the marketplace, find Function App.  

Click on Function App.  

Step 3 

Under the Function App plan, click on Create.  

Step 4 

Now, we are taken to the page to fill the details to create the function app.  

Select the appropriate subscription and choose your resource group. If you don’t have one, create a new one.  

Step 5 

Fill in the instance details: the function app name, the method of publishing, runtime stack, version, and region. I’ve selected Code for publishing and .NET as runtime. The region is the location where you want to setup this service. It is better to select one near to the expected location of your users.  

Under the Operating System, I’ve selected Windows and Consumption (serverless) for the plan type.  

Step 6 

Now, under Monitoring, select yes for enabling the Application insights.  

Once done, click on Review + Create.  

Step 7 

Next, Click on Create.  

The deployment process is initialized.  

Step 8 

As the deployment process proceeds, we can see the services and templates being created.  

As the deployment is complete, we are provided with the “Go to resource” button to access the service we created.  

Step 9 

We can see the details of the Azure Function app we created here. The URL is also showcased to explore.  

The Metrics are all visualized for Memory, Function Execution Count and the time duration of the execution unit.  

Creating the Trigger Function 

Step 10 

Now, Under Functions in the left menu, click on Functions.  

Now, click on Create Button.  

Step 11 

Here, we are provided with the Development Environment through the Portal itself.  

Also, we are given the choice of the template we want to use with the options of HTTP Trigger, Azure Queue Storage Trigger, Azure Event Hub Trigger and more. Aside is described in detail about the function.  

Step 12 

We’ll select the HTTP Tigger.  

Now, we name our New Function and set the Authorization level to Function.  

Once, all is set, Click on Create.  

Step 13 

The notification is updated about the creation of the function HttpTriggerEx1.  

As we visit the details page of our function, we can see visualizations in detail. We can see the status is Enabled i.e. It's currently running.  

Function Testing

Step 14 

Now, under the Developer menu, select Code + Test.  

Here, we have the HTTP Trigger code where we have an output message once the function is executed successfully.  

Click on Get Function URL.  

Set the Key to Default and copy the URL.  

Step 15 

Now, on your browser, paste the URL.  

We can see the HTTP trigger success message that the HTTP Triggered function has been successfully executed.  

 

We can also see the logs about the execution with more details such as the time duration and on-going request processing.  

Thus, in this way, we can create Trigger functions using the Azure Function App which can be used for various applications for different needs ranging from HTTP Trigger to Azure Event Hub, Azure Service Bus, Azure Storage, and more.