The Windows Container team announced an update to the Container extension for Windows Admin Center with a couple of new features like pushing Container images to an Azure Container Registry. In this blog post, I want to provide you with a walkthrough on how you can deploy a Windows Server container image with a web application on Azure Kubernetes Service (AKS) from the Azure Container Registry (ACR).
The main focus of this blog is to provide you with a quick walkthrough to try out your containerized Windows application on Azure Kubernetes Service (AKS).
In my example, I will use Azure PowerShell. However, you can also use the Azure CLI if you want to. We will simply walk through the following steps.
- Create an Azure Kubernetes Service (AKS) cluster including the prerequisites
- Add a Windows Server node pool.
- Connect to the Cluster
- Integrate Azure Container Registry (ACR) with AKS
- Deploy a service using your Windows Container stored in ACR
Create an Azure Kubernetes Service (AKS) cluster including the prerequisites
You can run the PowerShell commands directly from your machine using Azure PowerShell or as I do directly from Azure Cloud Shell. In Azure Cloud Shell, we already have the tools and PowerShell modules we need available.
First, we will create a resource group for our deployment.
New-AzResourceGroup -Name tt-akswin-rg -Location eastus
Since Azure Kubernetes Service also needs a couple of Linux machines in the background, we need to generate an SSH key pair (if you don't have that already). For more details, see Quick steps: Create and use an SSH public-private key pair for Linux VMs in Azure.
ssh-keygen -m PEM -t rsa -b 4096
Now we can create an AKS cluster. Make sure you select a supported version of Kubernetes within your Azure region. To check the available versions within your region you can use the following command:
Get-AzAksVersion -Location eastus
To create the cluster, you can run the following command:
$Password = Read-Host -Prompt 'Please enter your password' -AsSecureString
New-AzAKS -ResourceGroupName tt-akswin-rg -Name myAKSCluster -NodeCount 2 -KubernetesVersion 1.18.2 -NetworkPlugin azure -NodeVmSetType VirtualMachineScaleSets -WindowsProfileAdminUserName akswinuser -WindowsProfileAdminUserPassword $Password
After a few minutes, the command completes and returns information about the cluster.
Add a Windows Server node pool
After we have created the cluster, we can create a Windows Server node pool. By default, an AKS cluster is created with a node pool that can run Linux containers.
New-AzAksNodePool -ResourceGroupName tt-akswin-rg -ClusterName myAKSCluster -OsType Windows -Name npwin -KubernetesVersion 1.18.2 -VmSetType VirtualMachineScaleSets
Connect to the cluster
To manage the Kubernetes cluster, we use the Kubernetes command-line client (kubectl). Since we are running this in Azure Cloud Shell, kubectl is already installed. To configure kubectl to connect to our AKS cluster, we can simply use the Import-AZAksCrendetial PowerShell cmdlet.
Import-AzAksCredential -ResourceGroupName tt-akswin-rg -Name myAKSCluster
To verify the connection, we can run the kubectl get command to list all the cluster nodes.
kubectl get nodes
Integrate Azure Container Registry (ACR) with AKS
Before we can run the application from our existing Azure Container Registry (ACR), we need to integrate into our AKS cluster. We can use the following Azure CLI command.
az aks update -n myAKSCluster -g tt-akswin-rg --attach-acr ttacr01
If you don't have an Azure Container Registry, you can already add it during the AKS cluster creation. You can find more information on Microsoft Docs. If you want to create an ACR, check out the following documentation.
Deploy a service using your Windows Container stored in ACR
Now we can edit our YAML file to include the container image from the Azure Container registry. In Azure Cloud Shell, you can simply use the code command to edit or create a new file.
code ttwebsite.yaml
This is an example file for my specific container image form my ARC (ttacr01.azurecr.io/ttwebsite:v1).
apiVersion: apps/v1
kind: Deployment
metadata:
name: ttwebsite
labels:
app: ttwebsite
spec:
replicas: 1
template:
metadata:
name: ttwebsite
labels:
app: ttwebsite
spec:
nodeSelector:
"beta.kubernetes.io/os": windows
containers:
- name: ttwebsite
image: ttacr01.azurecr.io/ttwebsite:v1
resources:
limits:
cpu: 1
memory: 800M
requests:
cpu: .1
memory: 300M
ports:
- containerPort: 80
selector:
matchLabels:
app: ttwebsite
---
apiVersion: v1
kind: Service
metadata:
name: ttwebsite
spec:
type: LoadBalancer
ports:
- protocol: TCP
port: 80
selector:
app: ttwebsite
Deploy the application using the kubectl apply command and specify the name of your YAML file:
kubectl apply -f ttwebsite.yaml
To monitor the process and get the public IP address from the load balancer for our web application, we can run the following command:
kubectl get service sample --watch
After the service is deployed, we will see the public IP address from the load balancer of the location, where we can access our web application.
If you open up the public IP address you will find our web application:
Conclusion
I hope this blog post gives a short overview of how you can deploy a Windows Container from the Azure Container Registry to Azure Kubernetes Service (AKS). You can find more documentation on Microsoft Docs. If you have any questions, let me know in the comments.