Thanks! We'll be in touch in the next 12 hours
Oops! Something went wrong while submitting the form.

Continuous Deployment with Azure Kubernetes Service, Azure Container Registry & Jenkins

Introduction

Containerization has taken the application development world by storm. Kubernetes has become the standard way of deploying new containerized distributed applications used by the largest enterprises in a wide range of industries for mission-critical tasks, it has become one of the biggest open-source success stories.

Although Google Cloud has been providing Kubernetes as a service since November 2014 (Note it started with a beta project), Microsoft with AKS (Azure Kubernetes Service) and Amazon with EKS (Elastic Kubernetes Service)  have jumped on to the scene in the second half of 2017.

Example:

AWS had KOPS

Azure had Azure Container Service.

However, they were wrapper tools available prior to these services which would help a user create a Kubernetes cluster, but the management and the maintenance (like monitoring and upgrades) needed efforts.

Azure Container Registry:

With container demand growing, there is always a need in the market for storing and protecting the container images. Microsoft provides a Geo Replica featured private repository as a service named Azure Container Registry.

Azure Container Registry is a registry offering from Microsoft for hosting container images privately. It integrates well with orchestrators like Azure Container Service, including Docker Swarm, DC/OS, and the new Azure Kubernetes service. Moreover, ACR  provides capabilities such as Azure Active Directory-based authentication, webhook support, and delete operations.

The coolest feature provided is Geo-Replication. This will create multiple copies of your image and distribute it across the globe and the container when spawned will have access to the image which is nearest.

Although Microsoft has good documentation on how to set up ACR  in your Azure Subscription, we did encounter some issues and hence decided to write a blog on the precautions and steps required to configure the Registry in the correct manner.

Note: We tried this using a free trial account. You can setup it up by referring the following link

Prerequisites:

  • Make sure you have resource groups created in the supported region.
    Supported Regions: eastus, westeurope, centralus, canada central, canadaeast
  • If you are using Azure CLI for operations please make sure you use the version: 2.0.23 or 2.0.25 (This was the latest version at the time of writing this blog)

Steps to install Azure CLI 2.0.23 or 2.0.25 (ubuntu 16.04 workstation):

CODE: https://gist.github.com/velotiotech/a92748aa4b988c7e11f438e73f08d5f8.js

Steps for Container Registry Setup:

  • Login to your Azure Account:

CODE: https://gist.github.com/velotiotech/023d00ac9a98ad80679befa89a11da75.js

  • Create a resource group:

CODE: https://gist.github.com/velotiotech/4385408e81de517460f7e2a26850da43.js

  • Create a Container Registry:

CODE: https://gist.github.com/velotiotech/d9a575e9731c27272e5e637b9f61d905.js

Note: SKU defines the storage available for the registry for type Basic the storage available is 10GB, 1 WebHook and the billing amount is 11 Rs/day.

For detailed information on the different SKU available visit the following link

  • Login to the registry :

CODE: https://gist.github.com/velotiotech/06dae2421684d0b3e99460f3a0539bc9.js

  • Sample docker file for a node application :

CODE: https://gist.github.com/velotiotech/99460d564c40475b08d98ca4c97a7b30.js

  • Build the docker image :

CODE: https://gist.github.com/velotiotech/2434c7e519c9967d3094d1e53ccd50f4.js

  • Get the login server value for your ACR :

CODE: https://gist.github.com/velotiotech/9c6b657799b5546c0bea8e9a1d1a052b.js

  • Tag the image with the Login Server Value:
    Note: Get the image ID from docker images command

Example:

CODE: https://gist.github.com/velotiotech/8233b0244df0192de133d9eb7ee8a559.js


Push the image to the Azure Container Registry:Example:

CODE: https://gist.github.com/velotiotech/a77c1c2a36d3f49c3860eda18b206d7f.js

Microsoft does provide a GUI option to create the ACR.

  • List Images in the Registry:

Example:

CODE: https://gist.github.com/velotiotech/2f918723262d034a3d2b05324e1faa4a.js

  • List tags for the Images:

Example:

CODE: https://gist.github.com/velotiotech/dc157ae63f7e410c25c9b96bdaab847b.js

  • How to use the ACR image in Kubernetes deployment: Use the login Server Name + the image name

Example :

CODE: https://gist.github.com/velotiotech/32a9842e361aaa7012312f59afa244c4.js

Azure Kubernetes Service

Microsoft released the public preview of Managed Kubernetes for Azure Container Service (AKS) on October 24, 2017. This service simplifies the deployment, management, and operations of Kubernetes. It features an Azure-hosted control plane, automated upgrades, self-healing, easy scaling.

Similarly to Google AKE and Amazon EKS, this new service will allow access to the nodes only and the master will be managed by Cloud Provider. For more information visit the following link.

Let's now get our hands dirty and deploy an AKS infrastructure to play with:

  • Enable AKS preview for your Azure Subscription: At the time of writing this blog, AKS is in preview mode, it requires a feature flag on your subscription.

CODE: https://gist.github.com/velotiotech/1ed34530f05f3c2fefd86476f28d87a3.js

  • Kubernetes Cluster Creation Command: Note: A new separate resource group should be created for the Kubernetes service.Since the service is in preview, it is available only to certain regions.

Make sure you create a resource group under the following regions.

CODE: https://gist.github.com/velotiotech/2904c1bb46ba4470dd6fe95eb356fac0.js

Example with different arguments :

Create a Kubernetes cluster with a specific version.

CODE: https://gist.github.com/velotiotech/d781bd218fa6160c9fb755308fc00e02.js

Create a Kubernetes cluster with a larger node pool.

CODE: https://gist.github.com/velotiotech/636d87102ff086881c9b333a62585fd9.js

Install the Kubectl CLI :

To connect to the kubernetes cluster from the client computer Kubectl command line client is required.

CODE: https://gist.github.com/velotiotech/50f9f0701997e23ea84f5c54c6ed0bd7.js

Note: If you're using Azure CloudShell, kubectl is already installed. If you want to install it locally, run the above  command:

  • To configure kubectl to connect to your Kubernetes cluster :

CODE: https://gist.github.com/velotiotech/c167ab4266c8f35595f48ac37f2487f1.js

Example :

CODE: https://gist.github.com/velotiotech/ac40b6014a435271f49ca0e3779e800f.js

  • Verify the connection to the cluster :

CODE: https://gist.github.com/velotiotech/f5747c96453127c6e87b836bc545838c.js

  • For all the command line features available for Azure check the link: https://docs.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest

We had encountered a few issues while setting up the AKS cluster at the time of writing this blog. Listing them along with the workaround/fix:

CODE: https://gist.github.com/velotiotech/42a768ef783de7a57d781a06af9449a9.js

Error: Operation failed with status: 'Bad Request'.

Details: Resource provider registrations Microsoft.Compute, Microsoft.Storage, Microsoft.Network are needed we need to enable them.

Fix: If you are using the trial account, click on subscriptions and check whether the following providers are registered or not :

  • Microsoft.Compute
  • Microsoft.Storage
  • Microsoft.Network
  • Microsoft.ContainerRegistry
  • Microsoft.ContainerService

Error: We had encountered the following mentioned open issues at the time of writing this blog.

  1. Issue-1
  2. Issue-2
  3. Issue-3


Jenkins setup for CI/CD with ACR, AKS

Microsoft provides a solution template which will install the latest stable Jenkins version on a Linux (Ubuntu 14.04 LTS) VM along with tools and plugins configured to work with Azure. This includes:

  • git for source control
  • Azure Credentials plugin for connecting securely
  • Azure VM Agents plugin for elastic build, test and continuous integration
  • Azure Storage plugin for storing artifacts
  • Azure CLI to deploy apps using scripts

Refer the below link to bring up the Instance

Pipeline plan for Spinning up a Nodejs Application using ACR - AKS - Jenkins

Azure Pipeline

What the pipeline accomplishes :

Stage 1:

The code gets pushed in the Github. The Jenkins job gets triggered automatically. The Dockerfile is checked out from Github.

Stage 2:

Docker builds an image from the Dockerfile and then the image is tagged with the build number.Additionally, the latest tag is also attached to the image for the containers to use.

Stage 3:

We have default deployment and service YAML files stored on the Jenkins server. Jenkins makes a copy of the default YAML files, make the necessary changes according to the build and put them in a separate folder.

Stage 4:

kubectl was initially configured at the time of setting up AKS on the Jenkins server. The YAML files are fed to the kubectl util which in turn creates pods and services.

Sample Jenkins pipeline code :

CODE: https://gist.github.com/velotiotech/c5372679bbc8555ca1bd747603030b31.js

What we achieved:

  • We managed to create a private Docker registry on Azure using the ACR feature using az-cli 2.0.25.
  • Secondly, we were able to spin up a private Kubernetes cluster on Azure with 2 nodes.
  • Setup Up Jenkins using a pre-cooked template which had all the plugins necessary for communication with ACR and AKS.
  • Orchestrate  a Continuous Deployment pipeline in Jenkins which uses docker features.