04. How to deploy your Windows Containers based apps into Kubernetes in Azure Container Service (Including CI CD)
Applications based on Windows Containers will soon need to use platforms going further from IaaS VMs in order to easily achieve a better automated scalability, high scalability and significant improvement in automated deployments and versioning. You can achieve those goals with the orchestrator Kubernetes, available in Azure Container Services.
This post describes how to deploy eShopModernizedMVC to Kubernetes but deploying the eShopModernizedWebForms should be pretty similar, so you can use almost the same procedure but using different deployment .yml files.
Deploying to Kubernetes (K8s), from scratch, is a 2-step process:
- Deploy a K8s cluster in Azure Container Service (Azure) or any other environment.
- Deploy the application and related resources into the K8s cluster
However, before trying this scenario deploying to an orchestrator, it is recommended that you:
- Familiarize yourself with the previous sections about containerizing existing .NET Framework apps.
- You’ve been testing the sample applications (eShopModernizedMVC and/or eShopModernizedWebForms) and running them on a local Docker for Windows dev machine.
- Azure Subscription
- Azure CLI installed on dev machine (explained below)
- Kubectl (Kubernetes CLI) installed on dev machine and in PATH
- Access to eShopModernizedMVC image at Docker Hub (or any other Docker Registry)
Clone the Repo code into your hard drive.
Open a PowerShell with Admin privileges and run:
cd C:\Your-Path-to-eShopModernizing\Kubernetes\eShopModernizedMVC-K8s\ServiceDeployments
-
Run Azure CLI: In order to run the Azure CLI locally, (you need Azure CLI version 2.0.4 or later) you need to install it if you don't have it. Follow this procedure: Install Azure CLI 2.0
Then, check the version:
az --version -
Login to Azure with:
az login -
If you have multiple Azure subscriptions, select the one you whish to work with:
az account set --subscription [my-azure-subscription-guid] -
Check your default subscription with:
az account show
In order to deploy Windows Containers we need a Kubernetes cluster with Windows nodes instead of Linux. However, the Master node will be a Linux node.
Yo can find additional generic info on Kubernetes deployment into ACS in this post: https://docs.microsoft.com/en-us/azure/container-service/kubernetes/container-service-kubernetes-windows-walkthrough
-
Create an Azure Resource Group to hold everything related to the Kubernetes cluster and delete everything in a single step whenever you need to. Of course, you can choose your own name for the Resource Group:
az group create --name eShopK8sWinResGrp --location westus -
Create the Kubernetes cluster (you should use your own cluster name, user name and password):
az acs create --orchestrator-type=kubernetes --resource-group eShopK8sWinResGrp --name=eShopK8sWinCluster --agent-count=2 --generate-ssh-keys --windows --admin-username youruser --admin-password your@passwordIf re-using already an created ssh key pair, you can add a pointer to the public key, something like the following:
--ssh-key-value ~/.ssh/eshop_rsa.pub -
Install kubectl if you don't have it installed in your PC To connect to the Kubernetes cluster from your client computer, use kubectl, the Kubernetes command-line client.
If you're using Azure CloudShell, kubectl is already installed.
If you want to install it locally, you can use the az acs kubernetes install-cli command. The following Azure CLI example installs kubectl to your system. On Windows, run this command as an administrator:
az acs kubernetes install-cliDon't forget to add the "C:\Program Files (x86)" folder path to your system environment PATH variable.
-
Connect to the Kubernetes cluster and set the ssh key files to your local PC
az acs kubernetes get-credentials --resource-group=eShopK8sWinResGrp --name=eShopK8sWinClusterAgain, if re-using an already created ssh key pair, you can add a pointer to the private key, like the following:
--ssh-key-file C:\Users\CESARDL\.ssh\eshop_rsa -
Check the connection with kubectl connecting to the cluster by retrieving nodes list:
kubectl get nodes
-
Open the Kubernetes Dashboard to check what’s going on in the cluster using a browser.
- Open another PowerShell and run this command:
kubectl proxy
- Now, open a browser and type the following to Connect to Kubernetes Dashboard:
http://localhost:8001/ui
Leave it open so that you can check there, changes applied later.
In order to have a flexible deployment, instead of deploying the SQL container along with the applications, we have created separated deployment .yml files. This is a better option since the SQL container is heavier, a standard image and you don't need to re-deploy as often as the apps containers.
-
In case you are positioned in a different place, make sure you move, in PowerShell, to your deployment file path:
cd C:\Your-Path-to-eShopModernizing\Kubernetes\eShopModernizedSQL-K8s -
Run in PowerShell the kubectl to deploy the SQL Server container
kubectl create -f eshop-modernized-sql-k8s-services-deployment.yml
-
In case you are positioned in a different place, make sure you move, in PowerShell, to your deployment file path:
cd C:\Your-Path-to-eShopModernizing\Kubernetes\eShopModernizedMVC-K8s\ServiceDeployments -
Use or create a similar deployment file than this: eshop-modernized-mvc-k8s-services-deployment.yml
-
Run in PowerShell within the path
C:\Your-Path-to-eShopModernizing\Kubernetes\eShopModernizedMVC-K8s\ServiceDeploymentskubectl create -f eshop-modernized-mvc-k8s-services-deployment.yml
-
Check it out from Kubectl CLI:
kubectl get pods
kubectl get svc
You'll need to wait until you have an IP assigned. Check again until you see the IP with:
kubectl get svc
-
Run eShopModernizedMVC from Kubernetes! IMPORTANT: The first time you might need to wait a few minutes until the SQL Server Docker image is pulled.
You can check how the deployment is going by taking a look to the Kubernetes dashboard, like in the following screenshot where you can see how the containers are still being deployed (You need to set the
kubectl proxyfirst):
You can also check the state of the deployment by typing
kubectl get serviceswhere you'll see the EXTERNAL IP to use and ports to use when the deployment is finished.So, finally, you can test the app by typing the IP you get like in the following case:
http://104.42.224.204/
-
To scale-out the eShopModernizedMVC container/deployment run the following command with Kubectl:
kubectl scale --replicas=5 deployments/eshop-modernized-mvc
-
To see in the CLI the number of replicas per deployment, run:
kubectl get deployments
-
You can also scale-out the eShopModernizedMVC container/deployment from the Kubernetes Web UI:
-
To see in the Kubernetes Web UI the number of replicas per deployment:
You can delete everything from Azure with a simple Azure CLI 2 command:
az group delete --name eShopK8sWinResGrp --yes --no-wait
Or using the Azure portal, of course.
For further documentation on Kubernetes and Azure Container Service (ACS) check the following: https://docs.microsoft.com/en-us/azure/container-service/kubernetes/
As a pre-requisite we need the images pushed to our container registry, as we have shown in the section 3 of the wiki about the CI CD for Azure VMs
Our pipeline will take as artifact the github repository, where we have the Kubernetes configuration files.
The tasks of the release basically are deploying the services and then refreshing the pods to update the running versions of the pods to the new ones. First we deploy the SQL image using the 'Deploy to Kubernetes' task. We are simply passing here the configuration file of the SQL container for Kubernetes that we have stored in our repository.
The deployment of the MVC application is equal to the SQL deployment.
Finally we refresh the pod for MVC
In the case of the CD for the WebForms application we repeat the process, but changing the MVC application by the Webforms one.
Because we do not want to store in the code reposistory the values for our cofiguration variables, we need to do some steps. What we will do here is to put the values in the Release definition and substitute them during the release. For Kubernetes we have seen that the yml files store the environment variables. We have created one specific configuration file for the CD on 'Kubernetes\eShopModernizedMVC-K8s\ServiceDeployments\eshop-modernized-mvc-k8s-services-CD-deployment.yml'. This file is the same as the original one, but with the variables set with a replace token:
(...)
env:
- name: ConnectionString
value: "Server=sql-data;Database=Microsoft.eShopOnContainers.Services.CatalogDb;User Id=sa;Password=Pass@word"
- name: UseMockData
value: "False"
- name: UseCustomizationData
value: "False"
- name: UseAzureStorage
value: "#{use_azure_storage}#"
- name: StorageConnectionString
value: "#{your_storage_connection_string}#"
- name: AppInsightsInstrumentationKey
value: "#{your_app_insights_instrument_key}#"
- name: UseAzureActiveDirectory
value: "#{use_azure_active_directory}#"
- name: AzureActiveDirectoryClientId
value: "#{your_aad_client_id}#"
- name: AzureActiveDirectoryTenant
value: "#{your_aad_directory_tenant}#"
- name: PostLogoutRedirectUri
value: "#{your_aad_logout_refirect_uri}#"
(...)
We will set this value in the release process, using the 'Replace Tokens' task. We have set the task to take all the xml files and replace the pattern '{key_name}#' by the key_name if this one is found as a variable in the release.
In our example we have added this keys to the variables in the CD. As you can see the name of this variables corresponds to the replace tokens in the previous yml configuration file.
