Daniel Neumann Technology Solutions Professional Microsoft Daniel.Neumann@microsoft.com @neumanndaniel Kubernetes on Azure Build, run and monitor your container applications
Session objectives Learn how to build, run and monitor container applications with Microsoft Azure Learn how to build a CI/CD pipeline with VSTS for Kubernetes
Overview
Azure container strategy Embrace containers as ubiquitous Support containers across the compute portfolio Democratize container technology
Azure container ecosystem Service Broker Partner services Azure services App Service Azure Container Registry (ACR) PaaS OpenShift SQL Database Azure Kubernetes Service (AKS) Service Fabric Batch Pivotal Cloud Foundry Redis Cache ACS Engine Docker Enterprise Edition CosmosDB Virtual kubelet Mesosphere DC/OS And more! Azure Container Instances (ACI) Azure Virtual Machines Virtual Machine Scale Sets (VMSS) Azure IaaS
ACS Engine
Azure Container Service Engine Creates a custom container hosting solution You select the size, number of hosts, and choice of orchestrator tools 22 NAT public IP LB 443 Azure LB (dynamically added to service) Private VNET 10.0.0.0/8 Availability set Master-0 Host addr: 10.240.255.5 Pod CIDR: 10.244.0.0/24 scheduler 443 apiserver Node-0 Host addr: 10.240.0.4 Pod CIDR: 10.244.1.0/24 Node-1 Host addr: 10.240.0.5 Pod CIDR: 10.244.2.0/24 etcd controller-manager Proxy Implements service network: 10.0.0.0/16 Proxy Implements service network: 10.0.0.0/16 Proxy Implements service network: 10.0.0.0/16 kubelet Docker kubelet Docker kubelet Docker Virtual Network
Azure Container Service Engine Multiple agent pools where each agent pool can specify: Standard or premium VM sizes Node count VM Scale Sets or Availability Sets Unmanaged Disks or Managed Disks Custom VNET Support non-public Internet cluster deployments https://github.com/azure/acs-engine
Azure Kubernetes Service
Azure Kubernetes Service 443 Azure LB (dynamically added to service) Private VNET 10.0.0.0/8 Availability set Node-0 Host addr: 10.240.0.4 Pod CIDR: 10.244.0.0/24 Node-1 Host addr: 10.240.0.5 Pod CIDR: 10.244.1.0/24 Proxy Implements service network: 10.0.0.0/16 Proxy Implements service network: 10.0.0.0/16 AKS Master API server address: xxx.hcp.westeurope.azmk8s.io kubelet Docker kubelet Docker Virtual Network
Azure Kubernetes Service Automated Kubernetes version upgrades and patching Automated reboot: https://github.com/weaveworks/kured Easy cluster scaling Self-healing hosted control plane (masters) Cost savings pay only for running agent pool nodes
Azure Kubernetes Service Custom VNET with Azure CNI Integration with Azure Monitor HTTP application routing Azure-integrated Kubernetes ingress controller Supports DNS endpoints for Kubernetes ingress resources Private preview of Windows containers Dev Spaces for AKS
Azure Kubernetes Service Preview regions Canada Central Canada East Central US East US West Europe
Azure Kubernetes Service Resource Max nodes per cluster 100 Max pods per node (basic networking with Kubenet) Max pods per node (advanced networking with Azure CNI) Default Limit 110 Max cluster per subscription 20* * Azure support request for limit increase required 30
Azure Kubernetes Service Azure Container Service (AKS) on Azure Stack (Development) Managed Kubernetes with Azure Container Service (AKS) on Azure Stack will make it even easier for Azure Stack users to manage and operate Kubernetes environments in the same ways as they do in Azure, without sacrificing portability. https://azure.microsoft.com/en-us/roadmap/azurecontainer-service-aks-on-azure-stack/
Create Azure Kubernetes Service 1. az group create --name aks-demo-rg --location westeurope 2. az aks create --resource-group aks-demo-rg --name aks-demo-cluster --node-count 3 --node-vm-size Standard_A2_v2 --generate-ssh-keys 3. az aks get-credentials --resource-group aks-demo-rg --name aks-demo-cluster
Azure Container Instances
Azure Container Instances Fast startup times Hypervisor-level security Custom sizes Public IP connectivity and DNS name Persistent storage Azure Files Linux and Windows containers Co-scheduled groups
Azure Container Instances Azure Cloud Shell Task automation CI/CD agents Small-scale batch processing Simple web apps
Azure Container Instances Location OS CPU Memory (GB) West Europe, North Europe, West US, East US Linux 4 14 West US2, Southeast Asia Linux 2 7 West Europe, North Europe, West US, East US Windows 4 14 West US2, Southeast Asia Windows 2 3.5
Azure Container Instances Resource Default Limit Container groups per subscription 20* Number of containers per container group 60 Number of volumes per container group 20 Ports per IP 5 Container creates per hour 60* Container creates per 5 minutes 20* Container deletes per hour 150* Container deletes per 5 minutes 50* Multiple containers per container group Linux only** Azure Files, GitRepo, and Secret volumes Linux only** * Azure support request for limit increase required / ** Windows support for this feature is planned
ACI Connector for Kubernetes Kubernetes provides rich orchestration capabilities ACI provides infinite container-based scale The ACI Connector for K8s brings them together
Azure Container Instances VM VM Pod Waste Pod Pod Waste Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Application architect Deployment/ tasks Kubernetes control pane ACI Connector Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Infrastructure architect Azure Container Instances (ACI) Pod Waste Pod Pod Waste Pod Pod Pod Pod Pod VM VM
Create Azure Container Instances 1. az group create --name aci-demo-rg --location westeurope 2. az container create --resource-group aci-demo-rg --name acidemocontainer --image microsoft/aci-helloworld --dnsname-label aci-demo-container --ports 80 3. az container exec --resource-group aci-demo-rg --name acidemocontainer --exec-command "/bin/sh 4. http://aci-demo-container.westeurope.azurecontainer.io/
Azure Container Registry
Azure Container Registry Docker private registry Maintain Windows and Linux container images in a single registry Use familiar, open-source Docker command line interface (CLI) tools Simplify registry access management with Azure Active Directory
Azure Container Registry Encryption-at-rest Geo-redundant storage Geo-replication support ACR Build - Lifecycle Management, OS & Framework Patching Secure by default Container Registries
Azure Container Registry Resource Basic Standard Premium Storage 10 GB 100 GB 500 GB ReadOps per minute 1,000 3,000 10,000 WriteOps per minute 100 500 2,000 Download bandwidth MBps Upload bandwidth MBps 30 60 100 10 20 50 Webhooks 2 10 100 Geo-replication - - Supported
Create Azure Container Registry 1. az group create --name acr-demo-rg --location westeurope 2. az acr create --resource-group acr-demo-rg -- name aksdemoacr --sku Basic --admin-enabled $true
Azure Monitor container health Container monitoring solution
Azure Monitor container health Requirements Azure Log Analytics workspace Container Insights solution Supports Azure Kubernetes Service
Container monitoring solution Supports Docker Swarm, DC/OS, Kubernetes, Service Fabric & Red Hat OpenShift Windows Server & Linux Azure Service Fabric Azure Container Service (AKS) Other clouds VM with Agent OMS Azure Container Monitoring Solution On-premises VM with Agent VM with Agent Microsoft Azure
Visual Studio Team Services
Visual Studio Team Services Unlimited free private code repositories Git or TFVC Track bugs, work items, feedback, and more Cloud-powered continuous integration and deployment Enterprise-grade services scale to any team size Free for up to five users
Big Picture
Source Code Control Build / CI, Integrate, Test CD, Deploy Run, Manage, Integrate Inner loop Run Azure Container Registry Code Debug Validate Analyze, Understand, Improve
Demo
Demo steps Kickoff the deployment script in Azure Cloud Shell https://github.com/neumanndaniel/kubernetes/tree/master/on -azure Create a new project in VSTS Clone / import the Azure Voting App repository in VSTS https://github.com/azure-samples/azure-voting-app-redis.git Modify azure-vote-all-in-one-redis.yaml Change image: to aksdemoacr.azurecr.io/azure-votefront:latest
Demo steps Create build definition https://docs.microsoft.com/en-us/vsts/buildrelease/apps/containers/build?view=vsts&tabs=web#adapt-your-ci-pipeline Agent queue: Hosted Linux Preview Create release definition https://docs.microsoft.com/en-us/vsts/build-release/apps/cd/azure/deploy-containerkubernetes?view=vsts Agent queue: Hosted Linux Preview Create Kubernetes Service Connection kubectl config view -o yaml --raw=true Kickoff CI/CD pipeline
Summary
Take aways Azure Kubernetes Service is the future Simplified management Focus on your container workloads Azure Container Registry Managed Docker private registry with geo-replication support for simplified management and operations Azure Monitor container health / container monitoring solution Azure Kubernetes Service / hybrid container monitoring Visual Studio Team Services The swiss army knife
Many thanks to all volunteers! Rafael Dabrowski Alexander Klein Volker Bachmann Ben Kettner Tobias Blödt Dirk Hondong Christian Gräfe Cornelia Matthesius Gabi Münster Dominik Petri Kai Michael Poppe Kai Gerlach Björn Peters Henrik Schütze Christa Kurschat Klaus Betzing Nadine Witthöft Tanja Salwiczek
SQLSaturday #772 - Munich 27.10.2018 http://www.sqlsaturday.com/772
PASS Deutschland e.v. For further information about future events, visit our PASS Deutschland e.v. booth in the exhibitor area.
Sponsors Many thanks to our sponsors, without whom such an event would not be possible.
Sponsors Many thanks to our sponsors, without whom such an event would not be possible.
Copyright Microsoft Corporation. All rights reserved.