Deploying an Azure Kubernetes cluster with managed disks

Azure managed disks are finally available for Kubernetes on Azure. Let’s use ACS Engine with Kubernetes 1.7 to try them out.

Requirements

  • Bash
  • Azure CLI 2.0: you can install it here, or use the Azure Cloud Shell in your browser (I am currently using azure-cli (2.0.16))
  • jq for parsing data from JSON responses in Bash.
  • An Azure subscription where you are the owner, or a Service Principal with at least the Contributor role on the subscription.
  • SSH keys
  • VSCode for file editing

Setting up the environment

  1. First of all, let’s download the latest version of acs-engine to your computer. At the time of writing this article, I am using v0.6.0 from their list of releases. If you are using Mac OS X, you can type the following commands in your terminal:

     mkdir managed-k8s-acs
     cd managed-k8s-acs
     curl -L https://github.com/Azure/acs-engine/releases/download/v0.6.0/acs-engine-v0.6.0-darwin-amd64.tar.gz | tar zx
    

    If you would like to check it, the MD5 sum of the binary is the following: b124d5ca90dcf5bdd0d9da5699ba776b.

  2. Get the example JSON file from my gist repository:

     curl -O https://gist.githubusercontent.com/brusMX/23077b2764f35cb20830e47c27a0c0d7/raw/fd844532581016220d9a07d855f7e39ffb7cfc00/managed-disks-cluster.json
    
  3. Generate a Service Principal for your deployment. You can use my obtainAzureSP.sh script to obtain it:

     curl -O https://gist.githubusercontent.com/brusMX/96538826d582388cb3b73a66a023b332/raw/f6fe0ec3ac1ddbbd0ede7e9d49a6eb49026af6a2/obtainAzureSP.sh
     # curl -O does not set the executable bit, so add it before running the script
     chmod +x obtainAzureSP.sh
     ./obtainAzureSP.sh
    

    You will be using AZURE_CLIENT_ID and AZURE_CLIENT_SECRET in the next step, so keep them at hand. Also, remember that if you create a Service Principal for a subscription that is not your default one, you will have to run the following command:

     az account set -s <<CHOSEN SUBSCRIPTION ID>>
    
  4. Open the file in VSCode with code managed-disks-cluster.json and update it as follows:

    1. Make sure to use your own DNS prefix: update the value of dnsPrefix in line 10.
    2. Paste your public SSH key (the output of cat ~/.ssh/id_rsa.pub) into keyData in line 29.
    3. Put the value of AZURE_CLIENT_ID into clientId in line 35.
    4. Update the value of secret with AZURE_CLIENT_SECRET.
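
A pre-flight check for the four edits in step 4, as an added example (not part of the original post or of acs-engine). It assumes keyData sits under properties.linuxProfile.ssh.publicKeys and the service principal fields under properties.servicePrincipalProfile; the sample document and the format patterns are constructed for illustration.

```python
import json
import re

# Constructed sample with only the fields step 4 edits; every value is a
# deliberately wrong placeholder so that each check below fires once.
SAMPLE = """{
  "properties": {
    "masterProfile": {"dnsPrefix": ""},
    "linuxProfile": {"ssh": {"publicKeys": [
      {"keyData": "-----BEGIN RSA PRIVATE KEY-----"}]}},
    "servicePrincipalProfile": {"clientId": "my-app", "secret": ""}
  }
}"""

# Assumed formats: application ID as a GUID, a lowercase DNS label, an ssh-rsa line.
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
DNS_LABEL = re.compile(r"^[a-z][a-z0-9-]{1,61}[a-z0-9]$")
PUBKEY = re.compile(r"^ssh-rsa [A-Za-z0-9+/]+=*( .*)?$")


def check_cluster_definition(text):
    """Return a list of problems in the fields that step 4 asks you to edit."""
    props = json.loads(text).get("properties", {})
    problems = []

    prefix = props.get("masterProfile", {}).get("dnsPrefix", "")
    if not DNS_LABEL.match(prefix):
        problems.append("dnsPrefix: empty or not a lowercase DNS label")

    keys = props.get("linuxProfile", {}).get("ssh", {}).get("publicKeys", [])
    if not keys:
        problems.append("keyData: no public key configured")
    for entry in keys:
        data = entry.get("keyData", "").strip()
        if "PRIVATE KEY" in data:
            problems.append("keyData: private key pasted, use id_rsa.pub instead")
        elif not PUBKEY.match(data):
            problems.append("keyData: not an ssh-rsa public key line")

    sp = props.get("servicePrincipalProfile", {})
    if not GUID.match(sp.get("clientId", "")):
        problems.append("clientId: expected the service principal's GUID")
    if not sp.get("secret"):
        problems.append("secret: empty")
    return problems

if __name__ == "__main__":
    for line in check_cluster_definition(SAMPLE):
        print(line)
```

Once edited, the file holds the Service Principal secret in plaintext, so keep it out of version control and shared folders.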

Deploying the cluster

Now that we have all our files in order, we can proceed to use ACS-Engine to create the artifacts of our cluster and deploy them.

  1. Create the artifacts with ACS-Engine. After you run the following command, you will see a folder called _output:

     ./acs-engine-v0.6.0-darwin-amd64/acs-engine generate managed-disks-cluster.json
    
  2. Set up environment variables that will define where the cluster will be located:

    1. Choose a location:

       export LOC=southcentralus
      
    2. Name your Resource Group

       export RG_NAME=cluster-mngd-k8s-brusmx
      
    3. Obtain the DNS name from your JSON file:

       export RG_DNS_NAME=$(jq -r '.properties.masterProfile.dnsPrefix' managed-disks-cluster.json)
      
  3. Create the resource group where everything will be deployed (if something goes wrong, you can always delete the whole RG and start again):

     az group create --name "${RG_NAME}" --location "${LOC}"
    
  4. Deploy your cluster to Azure with the CLI

     az group deployment create --resource-group="${RG_NAME}" --template-file="_output/${RG_DNS_NAME}/azuredeploy.json" --name="${RG_DNS_NAME}" --parameters @_output/${RG_DNS_NAME}/azuredeploy.parameters.json
    

Connect to your cluster and test it out

After the cluster has been successfully deployed, we can obtain our kubeconfig file and start interacting with the cluster.

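  1. Obtain the kubeconfig file. Note that -o StrictHostKeyChecking=no makes scp accept the master's host key without verifying it, and the file being copied holds the cluster's admin credentials.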

     scp -o StrictHostKeyChecking=no azureuser@$RG_DNS_NAME.$LOC.cloudapp.azure.com:/home/azureuser/.kube/config config-$RG_DNS_NAME
    
  2. Move it into the .kube folder in your home directory. For this case I will create an extra file so you don’t have to worry about your previous k8s config files.

     mkdir -p ~/.kube
     mv config-$RG_DNS_NAME ~/.kube
     export KUBECONFIG=~/.kube/config-$RG_DNS_NAME
    
  3. Confirm that your cluster is up. Run the following commands to make sure that everything is working the way it should:

     kubectl cluster-info
    
     Kubernetes master is running at https://k8scluster.southcentralus.cloudapp.azure.com
     Heapster is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/heapster/proxy
     KubeDNS is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/kube-dns/proxy
     kubernetes-dashboard is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy
     tiller-deploy is running at https://k8scluster.southcentralus.cloudapp.azure.com/api/v1/namespaces/kube-system/services/tiller-deploy/prox
    
     kubectl get nodes
    
     NAME                    STATUS    AGE       VERSION
     k8s-agent-25202797-0    Ready     44s       v1.7.5
     k8s-master-25202797-0   Ready     52s       v1.7.5