Shell Script for creating AKS Cluster and Azure Container Registry | Setup ACR and AKS Cluster in Azure Cloud using Azure CLI and Script

#!/bin/sh

# This is the shell script for creating AKS cluster, ACR Repo and a namespace

#Create Resource Group

AKS_RESOURCE_GROUP=aks-rg

AKS_REGION=centralus

# Set Cluster Name

AKS_CLUSTER=aks-cluster

# set ACR name

ACR_NAME=myacrrepo531

echo $AKS_RESOURCE_GROUP, $AKS_REGION, $AKS_CLUSTER, $ACR_NAME

# Create Resource Group

az group create --location ${AKS_REGION} --name ${AKS_RESOURCE_GROUP}

# Create AKS cluster with two worker nodes

az aks create --resource-group ${AKS_RESOURCE_GROUP} --name ${AKS_CLUSTER} --node-count 2 --generate-ssh-keys

# Create Azure Container Registry

az acr create --resource-group ${AKS_RESOURCE_GROUP} \

                     --name ${ACR_NAME} \

                     --sku Standard \

                     --location ${AKS_REGION}

#Providing required permission for downloading Docker image from ACR into AKS Cluster

az aks update -n ${AKS_CLUSTER} -g ${AKS_RESOURCE_GROUP} --attach-acr ${ACR_NAME}

# Configure Kube Credentials

az aks get-credentials --name ${AKS_CLUSTER}  --resource-group ${AKS_RESOURCE_GROUP}

# Create a namespace in AKS cluster for Helm deployment

kubectl create namespace helm-deployment

How to Deploy Springboot Microservices into AKS cluster using Helm and Azure Pipelines | Deploy Docker Containers into AKS cluster using Azure Release Pipelines | Deploy Microservices into AKS cluster using Helm and Azure Pipelines

We are going to learn how to deploy Springboot Microservices Docker container into Azure Kubernetes Cluster(AKS) using Helm and Azure pipelines. 

Sample springboot App Code:

I have created a sample Springboot App setup in GitHub. Click here to access code base in GitHub.

Watch steps in YouTube channel:

What is Helm?

Helm is a package manager for Kubernetes. Helm is the K8s equivalent of yum or apt. It accomplishes the same goals as Linux system package managers like APT or YUM: managing the installation of applications and dependencies behind the scenes and hiding the complexity from the user.

Helm Charts

Helm uses a packaging format called Charts. A Helm Chart is a collection of files that describe a set of Kubernetes resources. Helm Charts helps you define, install, and upgrade even the most complex Kubernetes application. Charts are easy to create, version, share, and publish.

Implementation steps:

1. Create a resource group, AKS cluster and Azure container registry 
2. Provide pull access for AKS to pull image from ACR 
3. Create a namespace for helm deployment
4. Create a helm chart for spring boot app
5. Create a build pipeline to automate docker image
6. Customize pipeline with helm package tasks
7. Create a release pipeline
8. Customize pipeline with helm upgrade tasks 
9. Run the pipeline to deploy springboot app into AKS
10. Verify deployments in the namespace in AKS
11. Use kubectl port forward to access app locally
12. Access the app in the browser

Pre-requisites:

• Azure CLI is installed on your local machine.
• Helm installed
• kubectl installed
• Azure subscription, click here if you don't have one.
• AKS cluster needs to be up running. You can create AKS cluster, ACR Repo using shell script provided in my website.
• Azure DevOps project dashboard in https://dev.azure.com/
• Dockerfile created along with the application source code for springboot App.
• Make sure AKS has pull access from ACR

Create Helm chart using helm

Go to your root of repo where you have source code for your springboot application. Create helm chart by executing below command:

helm create mychart

tree mychart

Execute the above command to see the files created.

Add Docker image details to download from ACR before deploying to AKS cluster

open mychart/values.yaml

change per below values:

image:

repository: myacrrepo531.azurecr.io/akannan1087/docker-spring-boot

tag: ""

open mychart/templates/deployment.yaml and change containerPort to 8080

Save the files, commit and push into source code repo you are using.

Make sure worker nodes are running

kubectl get nodes

Pipeline Implementation Steps:

Part 1 - Create Azure Build pipeline for building Docker image, uploading image into ACR and packaging helm chart.

Part 2 - Create Azure Release pipeline for deploying Springboot Docker containers into AKS using helm upgrade task.

 

Part 1 - How to create a Azure Build Pipeline

1. Login into your Azure DevOps dashboard

2. Click on Pipelines.

3. Click on New Pipeline

4. Click on use the classic editor

Enter your repo name and branch name where you have stored your source code along with Dockerfile:

Click on Continue. Now choose the template by typing Helm, Select Azure Kubernetes service and click Apply.

Now pipeline is created with six tasks already. We need to start customizing the pipeline:

Select Ubuntu as build agent from Agent specification drop down, avoid Windows server as build agent.

Let's also add Maven build task for building the JAR file.

Click on + icon and type Maven. this should be the first task.

And then enter maven goal as package

Let's modify Build an image task.

Select Push an image task

Leave Install Helm Task as it is, we need that task to install Helm on build agent

Remove helm init task by selecting remove selected task

Customize helm package task, select Chart Path by clicking ... dots

Choose the folder where you have helm chart files, select OK

Leave Publish artifact task as it is.

Now click Save + Queue and run to start Building the pipeline

Check build output..

Once the build is completed, you should be able to see the Docker image in Azure Portal under Resource Group, ACR repo name --> Repositories

Part 2  - How to Create Release pipeline for deploying Springboot Microservices containers into AKS Cluster

Go to Pipelines --> Click on Releases --> New Release pipeline

Click on Stage 1 and choose a template by typing helm

and choose Deploy an application to K8S cluster using helm chart

Change the stage name to Deploy to AKS

Now click on Add an artifact

Select the Build pipeline and click on the latest version

Now click on Deploy to AKS stage

Click on Deploy to AKS 

Enter right value for Azure subscription, Resource group and AKS Cluster by selecting from down down.

Now click on the Agent Job, and select Azure pipelines and choose Ubutu as Build agent, avoid windows agents.

Leave install Helm 2.9.1 task

make sure check for latest version of Helm. this will install latest version of Helm which is 3.x

Remove helm init task by selecting remove selected task

Let's start customizing helm upgrade task. Enter helm-deployment as namespace, chart type as File path and click on three dots.

choose the package mychart-0.1.0.tgz and click ok.

Enter first as release name

enter below values for for set values:

image.tag=$(Build.BuildId)

Now click on Save.

Optional step - Enable Continuous Deploy Trigger

This will deploy microservices into AKS cluster for every new build in build pipeline.

Click on Create a release

and then click Create 

Click on Release number to see the output

Click on Stage to see the logs

Click on Logs, you will see the following tasks are in green to confirm Deployment was successful.

Let's check if deployment created any pods in helm-deployment namespace.

How to access Springboot Application using port forward locally?

kubectl get deployments -n helm-deployment 

kubectl get pods -n helm-deployment 

Get the pod name and use port forward to access locally

kubectl port-forward first-springboot-pod_name 8080 -n helm-deployment

If you see any errors after deploying the pods, you can check the pod logs.

kubectl describe pod <pod_name>  -n helm-deployment 

Go to the browser enter http://localhost:8080

You should see below web page.

Clean up Resources

Let us see how to clean up the resources that were created. We can use az group delete command to remove the resource group, AKS cluster, and all related resources. 

az group delete --name aks-rg --yes --no-wait

Watch Steps in YouTube Channel:

How to Monitor AKS Cluster using Azure Monitor and Grafana | Setup monitoring on AKS Cluster using Azure Log Analytics Workspace and Grafana

We can monitor AKS cluster using many ways. We will monitor AKS cluster using Azure Log Analytics workspace which collects log data and metrics from AKS cluster and stores them inside workspace. We will use Grafana for visualizing the data from Log Analytics workspace.

Watch steps in YouTube channel:

Different ways of Monitoring AKS Cluster

• Monitoring AKS cluster using Azure Log Analytics Workspace and Grafana
• Monitoring AKS cluster using Prometheus/Grafana
• Monitoring AKS cluster using Azure Monitor

What is Azure Log Analytics Workspace?

Azure Log Analytics workspace is a logical storage unit in Azure where all log data generated by Azure Monitors are stored.  Log Analytics workspace collects log data from various Azure resources such as Azure Virtual machine or Azure Kubernetes Service. You can think of the workspace as a folder where all your monitoring data is stored and managed.

What is Grafana?

• Grafana is an open source visualization and analytics tool. 
• It allows you to query, visualize, alert on, and explore your metrics no matter where they are stored.

Pre-requisites:

• Azure subscription, click here if you don't have one.
• Install Azure CLI on your local machine
• Install Helm
• Install kubectl

You can also monitor existing AKS cluster as well, but make sure monitoring is enabled. once enabled, you can associate default workspace to AKS cluster or create a new workspace, associate it to cluster.

But we will try creating a new AKS cluster and monitor.

Create AKS Cluster with Monitoring Enabled

Make sure you are login to Azure portal first.

az login

enter your Microsoft credentials.

Create a resource group first

az group create --name myResourceGroup --location southcentralus

Create Log Analytics workspace

az monitor log-analytics workspace create --resource-group myResourceGroup \
                                           --workspace-name my-loganalytics-workspace \
                                           --query id \
                                           -o tsv

Output of the above command will display log analytics Id which is needed for next command while creating AKS cluster. we will be associating Log Analytics Workspace ID with AKS Cluster during creation.

Create AKS cluster with 2 worker nodes with Monitoring Enabled

az aks create --resource-group myResourceGroup --name myAKSCluster --node-count 2 --enable-addons monitoring --workspace-resource-id /subscriptions/XXXXX/resourceGroups/myResourceGroup/providers/Microsoft.OperationalInsights/workspaces/aks-loganalytics-workspace

Verify all the resources are created in Azure Portal

Click on resource group name, you will see AKS cluster, log analytics workspace

Display Details of Cluster

az aks show --name myAKSCluster --resource-group myResourceGroup

The above command will display AKS Cluster details.

Connect to the cluster

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster --overwrite-existing

To verify the connection to your cluster, use the kubectl get command to return a list of the cluster nodes.

kubectl get nodes

 

 

Permission needed (SPN) to pull metrics Data from Azure Log Analytics 

We need to create Service principal(SPN) and assign Log Analytics Reader Role on the AKS Cluster ResourceGroup. Execute below command to first get resource group ID where AKS cluster is running.

First Let's get Resource Group ID 

az group show --name  myResourceGroup --query id --output tsv

output of the above command will be resource group ID. 

Create a Service Principal and Assign Role

az ad sp create-for-rbac --role="Log Analytics Reader" --scopes="/subscriptions/xxxxxx-xxxx-xxxx-xxxxx/resourceGroups/myResourceGroup"

Creating 'Log Analytics Reader' role assignment under scope '/subscriptions/XXX/resourceGroups/myResourceGroup'

{
  "appId": "xxx",
  "displayName": "azure-cli-2023-04-12-22-06-28",
  "password": "xxx",
  "tenant": "xxx"
}

Note all the information above and save it.

Grafana Installation steps on AKS cluster using Helm

Install Grafana

Once Helm is set up properly, add the repo as follows:

helm repo add grafana https://grafana.github.io/helm-charts

helm search repo grafana

Create Monitoring namespace

kubectl create namespace monitoring

Install Grafana alone(NOT kube-prometheus-stack)

helm install stable grafana/grafana -n monitoring

Lets check if grafana pods are running

kubectl get pods -n monitoring

Expose Grafana

# Port forward the Grafana service

kubectl port-forward  -n monitoring stable-grafana-XXX 3000

How to get Grafana admin password by querying pod

kubectl get secret --namespace monitoring stable-grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo

Login to Grafana

Now Open localhost:3000 in browser to access Grafana

UserName: admin

Password: <from the above command>

Create Data Source in Grafana

Go to Grafana, configuration and click Data Sources. Click on Add Data Source and search for Azure Monitor.

Enter tenant id, app id and secret information. click on Load subscriptions. Click on Save and Test.

Create Dashboard in Grafana

In Grafana, we can create various kinds of dashboards as per our needs.

How to Create Azure Monitor For Containers Dashboard?

Click '+' button on left panel and select ‘Import’.

Enter 10956 dashboard id under Grafana.com Dashboard.

Click ‘Load’.

Click ‘Import’.

This will show monitoring dashboard for all cluster nodes

How to Create POD Metrics for AKS Dashboard?

Click '+' button on left panel and select ‘Import’.

Enter 14891 dashboard id under Grafana.com Dashboard.

Click ‘Load’.

This will show monitoring dashboard for all pods, you can also select namespaces as well.

Clean up Resources

Let's see how to clean up the resources that were created. We can use the az group delete command to remove the resource group, AKS cluster, and all related resources. 

az group delete --name myResourceGroup --yes --no-wait

Click here for Script for Creating AKS cluster with Monitoring Enabled.