I have setup a Kubernetes Cluster using aks-engine to deploy a kubernetes configuration enabling feature-gates(github aks-engine) in this case --feature-gates=WindowsGMSA=true.
The installation is successful, the cluster is created with 2 nodes(windows agent, linux master) now i am trying to domain join and create GSMA to enable Authentication.
I am unclear on the process as i am new in AKS and Azure/Active Directory. Any help would be appreciated.
I created an AD DS in Azure and tried to domain joined to the windows node and it is not working, maybe i am doing this wrong.
Related
I am using Azure DevOps on cloud for my test microservice app. So I am using my own machine as an agent to build operations. And I created a kubernetes cluster on minikube with a hyperv driver. So I want to create a release pipeline and deploy to my local kubernetes. Is this possible?
As per your question, it is possible to create a release pipeline and you can deploy to your local kubernetes by referring to link1 and link2 .
According to your description, you can try to create a new Kubernetes service connection in your project with the "KubeConfig" or "Service Account" option. It should be from your Kubernetes cluster.
After the service connection created, you can use the "Kubectl" task in the release pipeline to deploy your local kubernetes.
For more information, you could refer to: Kubernetes service connection.
Deploying a multi-container application to Azure Kubernetes Services without using Azure DevOps
We have use case with Java Application (Spring ) with oracle Database as two containers .
We have to try the same in AKS ( Not using Azure DevOps).
Both App (8080) and DB (1521) runs on different Ports
Let me know if you have similar use case implemented.
The point of discussion here might be that whether you want to use a CI/CD Tool other than Azure Devops or not?
If yes, you'll need to setup a pipeline, write some Kubernetes Templates, Build Code, Push Image, and then deploy.
You can always refer Kubernetes Official Docs for more in depth knowledge of Multi-Container Pods, and Jenkins Official Docs for understanding CI/CD Process
I have “.Net Core Web Api” and “Angular 8” projects. I am manually deploying these two application on Azure Virtual Machine.
Now I want to use Azure CI/CD pipeline process and deployed above application on IIS present on above Azure Virtual Machine.
Can I achieve above tasks by using Azure Deployment Groups? I am not able to find proper solutions on internet.
Any help will be really appreciated.
I have this link: https://learn.microsoft.com/en-us/azure/devops/pipelines/apps/cd/deploy-webdeploy-iis-deploygroups?view=azure-devops but no use.
Can I achieve above tasks by using Azure Deployment Groups?
Of course sure. Azure virtual machine just the VM which hosted by Azure, there's no more difference with the normal VM.
To deploy application to Azure VMs through IIS tasks and azure devops deployment group, you must pay attention to below 2 prerequisites:
1) As normal, VM is a separated machine. In order to combine them into Azure Devops and use them with CI/CD, to be precise, let the Deployment group manage to these virtual machine, you need to run script to register these VMs to VSTS deployment group.
2) Also, to deploy application to VMs via IIS, you need also ensure that these VMs web servers configured with IIS.
Above 2 is what mentioned in the doc you shared.
Our lab published a blog which describe the very detailed steps on how to Deploying to Azure VM using Deployment Groups. You can follow it to continue your configuration in VSTS pipeline.
Since it is very detailed, I would only point some key to you:
1 To configure Deployment Group agent on each of the virtual machines, firstly, please use Azure Resource Group Deployment task with Configure virtual machine deployment options action and enable prerequisites as Configure with Deployment Group agent:
2 For the configuration of IIS manage and deploy task, including physical path and etc, you can follow this(just ignore its task of start) to finish your configuration.
Note:
Here you must add 2 phases since Azure Resource Group Deployment task need run with agent job, and IIS web app manage/deploy task run with deployment group job
These are the basic steps which could help you achieve what you want.
I'm trying to figure out the steps to setup CI/CD for an Asp.Net Core web application using AKS with VSTS. Are the steps described in https://learn.microsoft.com/en-us/vsts/build-release/apps/cd/azure/deploy-container-kubernetes valid for what I'm trying to do? Are windows container supported in AKS?
If your application is in ASP.Net Core, then you can host it in Linux as your code is platform independent. I have done this using Docker-file where your container is a self hosted app running on AKS.
VSTS provides a Inbuilt task to deploy to your AKS cluster in your build pipeline.
Windows support on k8s is better with Windows Server version 1709 which needs Kubernetes v1.9 (bleeding edge stable). See https://kubernetes.io/docs/getting-started-guides/windows/
Unfortunately, at this time, AKS preview only supports up to 1.8.2.
Frosty, if you can create a docker image out of your Windows machine, it can be pushed to the container registry and then deployed to Kubernetes cluster. Here are some links for reference:
Building and Pushing Windows container images: https://blog.docker.com/2016/09/build-your-first-docker-windows-server-container/
Install Azure CLI: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest
Create Kubernetes cluster in AKS: https://coderise.io/kubernetes-cluster-on-azure-container-service/
Windows containers are in private preview in AKS (reference); you can sign up using this form.. You can run hybrid clusters (Linux+Windows, up to 1803) using acs-engine today.
The VSTS walkthrough you linked is valid; check also this one and this one.
Update: Windows support for AKS is still a work in progress.
Currently Windows container are only in private preview, and you need to enable it using Azure CLI do some steps, please refer this official docs: https://learn.microsoft.com/en-us/azure/aks/windows-container-cli. After you enable it, then you can check the 'Windows Container' option when you create node pool in your azure kubernete service account.
I'm trying to enable RBAC on my k8s cluster on azure. I ssh'ed into my master node and edited the kube-apiserver.yaml with the --authorization-mode=RBAC flag. Then I delete the kube-apiserver pod in order to restart the api server. However, when upon restart the --authorization-mode=RBAC config is ignored. Anybody have any advice?
Also the api server configuration is set to --v=10 and the image is v1.6.6
Deleting the pod is not enough. You need to restart kubelet in order for the new options to be applied.
systemctl restart kubelet
I was finally able to generate a cluster that would allow me to enable RBAC on azure by generating an arm template using Azure Container Service Engine:
https://github.com/Azure/acs-engine
By using the above library I could create a new arm template with RBAC enabled and then use the Azure CLI to create a RBAC, configurable Kubernetes cluster.