Deploying an Azure Kubernetes cluster with managed disks

Posted on September 13, 2017

Azure managed disks is finally on Kubernetes on Azure. Let’s use ACS engine with Kubernetes 1.7 to try it out.

Requirements

  • Bash
  • Azure CLI 2.0 you can install it here, or use the Azure Cloud Shell in your browser (I am currently using azure-cli (2.0.16))
  • jq for parsing data from json responses on bash.
  • Azure subscription where you are the owner or have a Service Principal with at least Contributor role to the subscription.
  • SSH keys
  • VSCode for file editing

Setting up the environment

  1. First of all, let’s download the latest version of the acs-engine in your computer. At the moment of writing this article, I am using v0.6.0 from their list of releases. If you are using Mac OS X, you can type in the following commands from your terminal:

     mkdir managed-k8s-acs
 cd managed-k8s-acs
 curl -L https://github.com/Azure/acs-engine/releases/download/v0.6.0/acs-engine-v0.6.0-darwin-amd64.tar.gz | tar zx

    Just if you would like to check, the MD5 sum of the binary is the following: b124d5ca90dcf5bdd0d9da5699ba776b.

  2. Get the json file example from my gist repository:

     curl -O https://gist.githubusercontent.com/brusMX/23077b2764f35cb20830e47c27a0c0d7/raw/fd844532581016220d9a07d855f7e39ffb7cfc00/managed-disks-cluster.json

  3. Generate a Service Principal for your deployment, you can use my obtainAzure.sh file to obtain it:

     curl -O https://gist.githubusercontent.com/brusMX/96538826d582388cb3b73a66a023b332/raw/f6fe0ec3ac1ddbbd0ede7e9d49a6eb49026af6a2/obtainAzureSP.sh
 ./obtainAzureSP.sh

    You will be using AZURE_CLIENT_ID and AZURE_CLIENT_SECRET in the next step, so keep them close. Also, remember that if you create a Service Principal for a subscription that was not the default one, you will have to run the following command:

     az account set -s <<CHOSEN SUBSCRIPTION ID>>

  4. Open VSCode: code managed-disk-cluster.json and update the file accordingly.

    1. Make sure to use your own dns, update the value of dnsPrefix in line 10
    2. Paste the content of (cat ~/.ssh/id_rsa.pub) your public ssh key into keydata in line 29.
    3. Put the value of AZURE_CLIENT_ID on clientId in line 35
    4. Update the value of secret with AZURE_CLIENT_SECRET

Deploying the cluster

Now that we have all our files in order, we can proceed to use ACS-Engine to create the artifacts of our cluster and deploy them.

  1. Create artifacts with ACS-Engine, you will see a folder called _output after you run the following command:

     ./acs-engine-v0.6.0-darwin-amd64/acs-engine generate managed-disks-cluster.json

  2. Set up environment variables that will define where the cluster will be located:

    1. Choose a location:

       export LOC=southcentralus

    2. Name your Resource Group

       export RG_NAME=cluster-mngd-k8s-brusmx

    3. Obtain the dns name from your json file

       export RG_DNS_NAME=`cat managed-disks-cluster.json | jq -r ."properties"."masterProfile"."dnsPrefix"`

  3. Create your resource group where everything will be deployed (if something goes bad, you can always delete the whole RG and start again)

     az group create --name "${RG_NAME}" --location $LOC

  4. Deploy your cluster to Azure with the CLI

     az group deployment create --resource-group="${RG_NAME}" --template-file="_output/${RG_DNS_NAME}/azuredeploy.json" --name="${RG_DNS_NAME}" --parameters @_output/${RG_DNS_NAME}/azuredeploy.parameters.json

Connect to your cluster and test it out

After the cluster has been succesfully deployed we can obtain our kubeconfig file and start interacting with it.

  1. Obtain .kubeconfig file

     scp -o StrictHostKeyChecking=no azureuser@$RG_DNS_NAME.$LOC.cloudapp.azure.com:/home/azureuser/.kube/config config-$RG_DNS_NAME

  2. Paste it in your home. For this case I will create an extra file so you don’t have to worry about your previous k8s config files.

     mkdir ~/.kube
 mv config-$RG_DNS_NAME ~/.kube
 export  KUBECONFIG=~/.kube/config-$RG_DNS_NAME

  3. Confirm that your cluster is up. You can start running the following commands and make sure that everything is working the way it should be:

     kubectl cluster-info

 Kubernetes master is running at https://k8scluster.southcentralus.cloudapp.azure.com
 Heapster is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/heapster/proxy
 KubeDNS is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/kube-dns/proxy
 kubernetes-dashboard is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy
 tiller-deploy is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/tiller-deploy/prox

     kubectl get nodes

 NAME                    STATUS    AGE       VERSION
 k8s-agent-25202797-0    Ready     44s       v1.7.5
 k8s-master-25202797-0   Ready     52s       v1.7.5