>>Azure Kubernetes Service makes it easy for you to deploy and manage your containerized
workloads without requiring a lot of container
orchestration expertise. In this episode, Jay will
demonstrate and explain just how easy it is to take a simple
application and deploy it into Azure, today, on Azure Friday. [MUSIC]>>Hey everyone,
Donovan Brown here with another episode of Azure Friday. I’m here with Jay and
we’re going to be talking about Azure Kubernetes Service. So we’ve done some other shows
an Azure Kubernetes Service, but what I think is
really cool and unique about what we’re about
to do is this is like a quick primer on how to get
going really, really quickly.>>I really love
helping people and take those first steps into services
that we have at Azure. It’s just one of the things
that I really enjoy.>>Cool.>>So one of the things
I want to do today is to show you and the rest
of the folks just how simple it is you could
start working with Azure Kubernetes Service without
a whole ton of experience.>>Okay.>>Kubernetes, it’s a pretty
big software to deal with.>>It can be intimidating too, but what’s really nice is
how we’ve streamline that.>>Yes. So one of the things that I’ve done here, and
I’m going to show you, is I’ve created a cluster already and the command
is fairly simple. Let’s talk about it real
quick, az aks create. So we’re working with the
Azure CLI, basic tools. We’re telling we’re
going to invoke in AKS command, and we’re
going to create. We’re going to do it
under our resource group which I’ve already created, and we’re going to name
it “Azure Friday AKS.” Within there, as you can see, I’ve enabled us some additional tools like monitoring, HTTP routing, I can specify what
version I want to create, SSH Keys, a service principle,
why are we doing this? Just so we can create, and way for our Azure
Container Registry where our images are going to live to trust the cluster that we’ve created.>>Right.>>Because we need to make sure that things are deployed
from where we expect them to and that there’s a
trust created and we don’t have to always work
with our credentials.>>Right. Because we
don’t want random people pulling our images down. We want that to be secure. What we’re doing now
is basically assigning an identity that we can say, “Hey, this is the person that I allow to be pulling from
my particular registry.”>>Even more importantly, what we’re doing is reducing the need for manual
rotation of credentials. You’re just getting
everything and saying, “This is the user and password
that we have for this specific, so that’s what we’ve got here.” Then what you can see
I’ve also done is I’m going to give us a scale set based virtual machines on the back-end
to handle auto-scaling.>>Okay.>>So now, we are not just
building it with one node. We’re building it with three
nodes for that large amount of redundancy and then we can have
our max counter, one and five. So one of the things
I’ve already done is I’ve built the cluster.
Takes a few minutes. I want to make sure the cake is
ready because I wanted to see it. So let’s go ahead and get our
credentials. We need that. To get our credentials,
I’ll just run this command. What it does is it takes
the credentials that you’re going to need to run
kubectl or kube-control, whichever you’re saying is, and make sure that you’re
able to make changes. So one of the things
we need to do next is create a Container
Registry and that’s where, like you said, that’s where all of our stuff is going to be stored. It’s really important
that it’s private. It’s got all the required redundancy so that every single time
you do a pull from that ACR, the image is always there.>>Another thing that
I really like about creating a Container
Registry inside of Azure, is our clusters inside of Azure. Now our registry where
we’re storing our images is network close to our infrastructure, so downloading those images is
going to be extremely fast.>>Exactly.>>So let’s go ahead
and build our ACR. So it’s as simple as a one liner. You can do it within the portal, but I think this is pretty quick.>>I script that a lot
of my commands using the Azure CLI because it allows me to then later automate that stuff through like scripts like
the ones you’re running now, even through CI/CD pipelines, being able to script it out here
gives you a lot of flexibility.>>Cool. As you can see, we’ve got a fully qualified domain name that’s associated with
the login server. It’s fully redundant,
it’s all over the world. You can put it in different
places based on the skew. So lots of stuff we’re able to do. So now, we’ve got our credentials, we’ve got our ACR, and now, it’s time to
build a container.>>Right.>>So what am I going to build today? I’ve got this really simple clock that all of you are
going to get access to, no matter who you are. I’ve got all the stuff online. It’s a very basic
clock. It’s stateless. It’s just to be able to
give you something to work with [inaudible] just to react. So I’ve also provided a
couple other extra things, and one of them is going
to be really helpful. This script acr.sh. What this is doing is taking the service principle that we created and then created
it for our AKS cluster. We’re going to create
a trust that says. “You can talk to me,
you can do a pull,” and that’s what this last
line right here says. We’re going to take an acrpull role and attach it to that
service principle. So now, we make sure that we
have that r-back configured, role-based authentication
between the AKS cluster and the Azure Container Registry.>>Got it.>>So let’s run that
script real simple. So you know the trust we
created just a minute ago, I went ahead and run that script, and now, we’ve got an AKS to ACR role pull created.
So there’s a trust->>Got it.>>- and now we’re allowed
to pull images from it. So now what we’re going
to do is actually create our image from the registry. So what I have to do is go
into where our Dockerfile is. Because you’re basically the context folder where you’re
going to be doing this. If we look at the Dockerfile, very simple, we’re just
building MPM install.>>Sure.>>That’s it. So let’s go
ahead and run our acr build. In the background, now, we’ve got a container image
that Azure’s provisioning. So you don’t have to install
Docker on your local computer. I remember the days
of building images.>>It was.>>Because my laptop would sound like it was trying to
take off into space. I’ll be honest with you,
I don’t need to do that. I can use a lot of the tools
that’s built into Azure. So right now, what’s going on is each individual layer is being
built of part of the ACR. Then at one point, we’re going to have an image
with our version number built.>>Yeah. One of the things I
really like about using ACR, as my actual building mechanism, is when you’re doing CI/CD. If you’re building that
image on a fresh machine, you have to download all those layers every single time you build it. But ACR, actually, caches those layers so that the
second, third, fourth builder, that same image, you
don’t have to pull down all those cast images and you
build those much, much faster. Since I want to store my
images inside ACR, anyway, the fact that I’m able to
use ACR to build, to tag, and the storm images makes
it this really one liner, almost like this great atomic
execution of my build statement.>>We’re just about done
and what does that mean? Because now it’s running NPM install, which means it’s going to then
provide the image a output, what actually our app is going to do? So that’s all going on now. What’s next? What do
we have to do next? Well, we have to run
some manifests that are in Kubernetes to actually
deploy our application. So I’ve got two ready to go. The first one right here. What we have here is a
notice of where our ACR is, we have to actually just modify that one little portion
of our manifest. As you can see, we’ve
got all the information about how it’s going to get started, how much memory we want to associate, how much CPU, just so
we have level sets. So we’ll go here. As you can see, still building, just a few more minutes
or few seconds left. Then what we’ve got also within
here is a load balancer. A load balancer here, a classic load balancer
is just going to go ahead and forward 8080 to 80, so it’s provided a standard web. Now, we can do more things
like ensure that we are all those nodes that
we want to be available, load balanced and in front.>>Sure. These YAML files are the ones that you’re
going to basically pass to kube-control to make sure
that it knows how to then deploy the application
inside of my cluster.>>Let’s do that now.
So our image is built.>>Got it.>>Let’s go ahead and let’s back up. Actually, no, we don’t even have to backup.
We’ll just go into k8s. So anyone that’s watching this, they’ll be able to just do the same
exact thing that we are doing. Kubectl, apply minus f specifying
the file and then deployment. So what’s happening there? Now, we’re actually
creating the application. I’ve already run it before, so you’re just getting an unchanged. Then the next portion is running
our load balancer creation, same kind of situation apply. So while we can go ahead and
do a kubectl, get services. We can see you’ve got
this load balancer, and let me close this so
we can see it in full. But we’ve got an external IP created, and that’s all it took. To create that external IP
address was just to run that manifest right out
of our command line. So now, all we have to do, “Copy.” Wait a second and our really super-duper
stateless application running on a Azure Kubernetes
cluster will come up. The one thing that really is the
benefit to everyone that I think, is just being able to go
to a place like GitHub, grab all this code and just start
building something right away.>>Because it shows just how, again, I think you laid out really
well the steps that are required and how easy it is
just from the command line and they can just take
the commands that you ran and run them again to get started when it comes to actually producing your first
containerized application. Now one of the things, while
this is still loading, is like It’s about below now, is that we did all of
this stuff manually and my claim to fame is DevOps.>>You’re DevOps man.>>Exactly right.>>The man in the black shirt?>>Exactly. So part of this
is like, “Like this is cool. But there has to be a way for me
to automate this deployment.” We touched on it a little bit when we showed the scripting and I knew, well, if I can script
it, I can automate this.>>Donovan, I would not come here without something make you happy, and what did I make happy? Well, Azure Kubernetes Service, which we can go ahead and click
on our AKS cluster right here, has all these additional features.>>Sure.>>So everything I did
already was pretty much on Cloud Shell because I
wanted to show you this feed.>>Sure.>>But now, it’s time to
show you what you can do, and so we’ve got deployment center. I think that this is the part
that’s going to make you happy.>>Exactly.>>So now we can go in
here, go to GitHub, start creating a way to launch the application directly from Azure, I should say Azure DevOps. DevOps [inaudible] or whatever
you want to do in the future, but this is going to
allow us to then, now that we’ve learned how to do it, thanks to the scripts
that you’ve given us, I can automate the execution of those scripts on a repeatable basis. So as a developer, all I do is commit code to repository and the next version is
just going to roll out.>>It’s important that we
always understand the concepts. Sometimes the concepts means a couple manual steps
and that’s how you learn. At least that’s how I learn. I like to go through each step one at a time and learn about
all the different parts, then take those parts,
put them together, and then understand how I can then repeat it quickly,
vastly, and reliant.>>No, I agree. It’s inevitable at some point your pipeline
is going to break, and because you understand
it at this level, you’re going to be able to
troubleshoot your pipeline. Yeah. That’s the thing is that
we look at our arm templates is that basis for us to be able
to create all that automation. But we need to understand
what goes into them and the same thing can
be said about Kubernetes.>>Awesome.>>So Containers,
Kubernetes, you name it. All we have to do is just understand the concepts and we can
deploy things much easier.>>That’s awesome. We’re
learning all about Azure Kubernetes Service
here on Azure Friday. [MUSIC]