In this article, we will look at the detailed steps to install Alibaba Cloud Container Service for Kubernetes (ACK). We’ll cover the Azure DevOps release path and service connection configuration for a Kubernetes cluster using temporary kubeconfig. Next, we will expose the application in Alibaba Cloud Kubernetes using Ingress.
- Create a Kubernetes Group in Alibaba Cloud
- Create Azure DevOps release path
- Create temporary kubeconfig and configure service connection
- Deploy the sample application using the pipeline
- Presentation of the application to the public in Alicloud Kubernetes
Create a Kubernetes Cluster in Alibaba Cloud
First, we need to login to Alibaba Cloud Console:
To find Alibaba Cloud Container Service for Kubernetes, click on the upper left corner and search for
Click Create Kubernetes Group.
If this is the first group that you create in your account, you will be asked for permission to access the required cloud resources.
Select the name, region, and type of your group.
If you are not sure which option to choose, you can click the docs link such as “How to select a network plug-in for a Kubernetes suite.” A nice little document window will open with an explanation:
If you do not plan to use network policies, you can use the “Flannel” network plug-in. Otherwise, I would suggest Terway.
As a prerequisite, create a VPC and vswitch if you don’t have one already deployed in this area.
Noticeable: Although it is not required that all cloud resources be in resource groups (as in Azure), it is still a good idea to add resources to a particular resource group whenever possible. Later, when you clean up, it can be really helpful to list all the parts of your cloud infrastructure.
Check the “Create a rendering API server using EIP” checkbox to display the Kubernetes cluster to the public.
Next, you need to provide a Node Pool Name and specify a node configuration for your workers.
When it comes to the size and a certain amount of worker virtual machines, you should consider how much CPU and RAM your app requires, how much traffic will be used, and how much disk your apps will consume.
Select the K8s worker operating system. In Alibaba Cloud, the default option for Linux virtual machines is “Alibaba Cloud Linux 2.”
Next, you need to define an ssh key pair or create a new one.
Select the entry type and server load balancer size. Since the Nginx Ingress console is the most popular and most used one, I will use it.
On the last page, you will see “Check Dependency”.
To confirm your request and rotate a group, you need to resolve the dependencies, such as activating the ACK service.
Once all dependencies are resolved, you can review and confirm the command:
It usually takes a few minutes for the block to spin.
note: If you encounter an error such as “Failed to allocate EIP resources”, go to the VPC/EIP console, manually create an elastic IP, and solve any potential issues that may arise (such as activating the service or confirming the billing method).
Once the group is “ready” you can click on it and you will see a nice dashboard with an overview of the node and the state of the application.
Create a temporary kubeconfig
In this tutorial we will be using temp kubeconfig , which will automatically expire in a few days.
To do this, you need to go to the Kubernetes cluster overview. Go to the “Contact Information” tab, and click “Create a temporary kubeconfig”.
Select Public Access. Choose the validity period and copy the temporary configuration, which we will use in the Azure service connection later.
By the way, you can access the Kubernetes cluster using the kubectl CLI from a browser by just clicking on “More / Open Cloud Shell”.
Create an Azure DevOps release pipeline
We are now ready to create a continuous delivery pipeline!
Go to the Azure DevOps console and select the “Project” you want to use in our exercise.
In the left panel, select “Pipelines” and then “Versions”.
On the right side of the list, find Kubernetes, and choose the “Publish to Kubernetes cluster” template. In this tutorial, one stage will be more than enough.
Go to the stage 1 task list.
Create a service connection for Alibaba Cloud K8s
Here is the default 2-step “deploy to Kubernetes cluster” phase: “agent function” and “Kubectl”.
In the “agent job” we just need to configure the set of workers where our pipeline will run. All of our pipeline logic will be defined in the “Kubectl” step.
First of all, let’s add a Kubernetes service connection. Select the “+ New” button on the right side.
Select kubeconfig, and paste the temporary kubeconfig that was created in the “Create temporary Kubeconfig” section. You may want to select “Accept untrusted certificates” if you are not providing the appropriate certificates for the group. By clicking Verify, Azure DevOps will verify access to the group.
Create a new version
At this point, the connection to the Alicloud Kubernetes cluster has already been established and we can proceed with the configuration of the kubectl task.
We will be using the default namespace in this tutorial.
To publish the Nginx container in the ACK group, we need to run the following command:
kubectl apply -f https://k8s.io/examples/application/deployment.yaml
To do this, we need to select
apply In the “Commands” section, provide the following argument in the “Arguments” section.
Don’t forget to save your changes!
Once you’re ready, click the Create Release button. It will create a new instance of the pipeline called ‘release’.
In the newly created version, click the “Publish” button to start the execution of the stage.
Noticeable: If an error occurs, you can make changes to the pipeline or a specific version. Changes made to the pipeline will be implemented in all new releases. Version changes will only be saved in a specific version.
You can follow the publishing process in the “Logs” section.
Kubectl has succeeded!
Now we have a running Nginx container in our ACK group.
Uncover the application to the public
If you want to showcase your app to the rest of the world, you need to start building a service. In the Alibaba Cloud console, on the left panel, select “Services” and then the “Create” button.
In the pop-up menu, select the type of service and fill in the Port Mapping section.
To expose the new service, we will be using the Nginx ingress console that we selected during the K8s cluster installation process.
On the right panel, click “Enter” and then “Create”.
In the pop-up menu, enter a name for your login. Choose the service you created in the previous steps and specify the domain URL.
You can use the temporary domain provided by Alicloud and add a custom name on the left side.
Follow the login link and the standard Nginx page will open!
In this tutorial, we covered the steps of installing Alibaba Cloud Kubernetes (ACK), creating an Azure DevOps release pipeline, a configured service connection to Alicloud Kubernetes using a temporary kubeconfig, deploying the sample Nginx container to the Alicloud Kubernetes, and rendering the application online using Ingress.