CI/CD with Azure DevOps and ACK

In this article, we will look at the detailed steps to install Alibaba Cloud Container Service for Kubernetes (ACK). We’ll cover the Azure DevOps release path and service connection configuration for a Kubernetes cluster using temporary kubeconfig. Next, we will expose the application in Alibaba Cloud Kubernetes using Ingress.

High-level steps:

  • Create a Kubernetes Group in Alibaba Cloud
  • Create Azure DevOps release path
  • Create temporary kubeconfig and configure service connection
  • Deploy the sample application using the pipeline
  • Presentation of the application to the public in Alicloud Kubernetes

Create a Kubernetes Cluster in Alibaba Cloud

First, we need to login to Alibaba Cloud Console:

Log in to Alibaba Cloud Console

To find Alibaba Cloud Container Service for Kubernetes, click on the upper left corner and search for kubernetes.

Find Alibaba Cloud Container Service for Kubernetes

Click Create Kubernetes Group.

Kubernetes block

If this is the first group that you create in your account, you will be asked for permission to access the required cloud resources.Permission to access cloud resources

Select the name, region, and type of your group.Select the name, region and type of your group

If you are not sure which option to choose, you can click the docs link such as “How to select a network plug-in for a Kubernetes suite.” A nice little document window will open with an explanation:

How to define a network plug-in for a Kubernetes suite

If you do not plan to use network policies, you can use the “Flannel” network plug-in. Otherwise, I would suggest Terway.

As a prerequisite, create a VPC and vswitch if you don’t have one already deployed in this area.

Create a VPC and vswitch

Noticeable: Although it is not required that all cloud resources be in resource groups (as in Azure), it is still a good idea to add resources to a particular resource group whenever possible. Later, when you clean up, it can be really helpful to list all the parts of your cloud infrastructure.

Check the “Create a rendering API server using EIP” checkbox to display the Kubernetes cluster to the public.

Create API Server List with EIP

Next, you need to provide a Node Pool Name and specify a node configuration for your workers.
When it comes to the size and a certain amount of worker virtual machines, you should consider how much CPU and RAM your app requires, how much traffic will be used, and how much disk your apps will consume.

Select node configuration

Select the K8s worker operating system. In Alibaba Cloud, the default option for Linux virtual machines is “Alibaba Cloud Linux 2.”

Select K8s worker operating system

Next, you need to define an ssh key pair or create a new one.

Select ssh key-pair

Select the entry type and server load balancer size. Since the Nginx Ingress console is the most popular and most used one, I will use it.

Select entry type

On the last page, you will see “Check Dependency”.

Dependency Check

To confirm your request and rotate a group, you need to resolve the dependencies, such as activating the ACK service.

Resolving dependencies

Once all dependencies are resolved, you can review and confirm the command:

Review and confirm order

It usually takes a few minutes for the block to spin.

note: If you encounter an error such as “Failed to allocate EIP resources”, go to the VPC/EIP console, manually create an elastic IP, and solve any potential issues that may arise (such as activating the service or confirming the billing method).

Once the group is “ready” you can click on it and you will see a nice dashboard with an overview of the node and the state of the application.

Dashboard with node overview and application status

Create a temporary kubeconfig

In this tutorial we will be using temp kubeconfig , which will automatically expire in a few days.

To do this, you need to go to the Kubernetes cluster overview. Go to the “Contact Information” tab, and click “Create a temporary kubeconfig”.

Create a temporary kubeconfig

Select Public Access. Choose the validity period and copy the temporary configuration, which we will use in the Azure service connection later.

Create a temporary kubeconfig

By the way, you can access the Kubernetes cluster using the kubectl CLI from a browser by just clicking on “More / Open Cloud Shell”.

Kubernetes cluster with kubectl CLI

Create an Azure DevOps release pipeline

We are now ready to create a continuous delivery pipeline!

Go to the Azure DevOps console and select the “Project” you want to use in our exercise.

Azure DevOps Console

In the left panel, select “Pipelines” and then “Versions”.

Pipelines and releases

On the right side of the list, find Kubernetes, and choose the “Publish to Kubernetes cluster” template. In this tutorial, one stage will be more than enough.

Post to a Kubernetes group

Go to the stage 1 task list.

Phase 1 task list

Create a service connection for Alibaba Cloud K8s

Here is the default 2-step “deploy to Kubernetes cluster” phase: “agent function” and “Kubectl”.
In the “agent job” we just need to configure the set of workers where our pipeline will run. All of our pipeline logic will be defined in the “Kubectl” step.

First of all, let’s add a Kubernetes service connection. Select the “+ New” button on the right side.

Add a Kubernetes service connection

Select kubeconfig, and paste the temporary kubeconfig that was created in the “Create temporary Kubeconfig” section. You may want to select “Accept untrusted certificates” if you are not providing the appropriate certificates for the group. By clicking Verify, Azure DevOps will verify access to the group.

New service connection

Create a new version

At this point, the connection to the Alicloud Kubernetes cluster has already been established and we can proceed with the configuration of the kubectl task.

We will be using the default namespace in this tutorial.

To publish the Nginx container in the ACK group, we need to run the following command:

kubectl apply -f https://k8s.io/examples/application/deployment.yaml

To do this, we need to select apply In the “Commands” section, provide the following argument in the “Arguments” section.

-f https://k8s.io/examples/application/deployment.yaml

Don’t forget to save your changes!

Save Changes

Once you’re ready, click the Create Release button. It will create a new instance of the pipeline called ‘release’.

Create versionIn the newly created version, click the “Publish” button to start the execution of the stage.

Spread

Noticeable: If an error occurs, you can make changes to the pipeline or a specific version. Changes made to the pipeline will be implemented in all new releases. Version changes will only be saved in a specific version.

Edit version

You can follow the publishing process in the “Logs” section.

Records Section

Kubectl has succeeded!

Kubectl . application

Now we have a running Nginx container in our ACK group.

Uncover the application to the public

If you want to showcase your app to the rest of the world, you need to start building a service. In the Alibaba Cloud console, on the left panel, select “Services” and then the “Create” button.

Alibaba Console - Create

In the pop-up menu, select the type of service and fill in the Port Mapping section.

port set

To expose the new service, we will be using the Nginx ingress console that we selected during the K8s cluster installation process.

On the right panel, click “Enter” and then “Create”.

Login / Create

In the pop-up menu, enter a name for your login. Choose the service you created in the previous steps and specify the domain URL.

You can use the temporary domain provided by Alicloud and add a custom name on the left side.

http://mynginx.c622cf1704c03403399c7892b09f539c.eu-central-1.alicontainer.com/?spm=5176.2020520152.218.19.4f5e61b1m0CUau

Add a custom name

Follow the login link and the standard Nginx page will open!

Welcome to nginx

Abstract

In this tutorial, we covered the steps of installing Alibaba Cloud Kubernetes (ACK), creating an Azure DevOps release pipeline, a configured service connection to Alicloud Kubernetes using a temporary kubeconfig, deploying the sample Nginx container to the Alicloud Kubernetes, and rendering the application online using Ingress.

.

Leave a Comment