Azure Acs-engine Deployment

Kubernetes deployment into a VNET cluster on Azure with ACS Engine

ACS Engine is a Microsoft-maintained open source project. It takes a cluster specification in JSON and produces deployable Azure Resource Manager (ARM) templates that will create the Kubernetes cluster specified.

This is a working template. It will not throw any issues if you follow this document carefully. You'll also need the Azure CLI if you haven't installed it already.

Step 1:

First of all, download the latest acs-engine binary and place it into your path.

You can then verify by checking with this command:

Step 2:

The ACS Engine template used to deploy our Kubernetes cluster is in cluster/app.json.

Three points to note:

  1. I have used the azure network policy in the app.json file.
  2. The instance types and virtual network details for both the masters and agents in our Kubernetes cluster are defined. We can also define Windows instances.
  3. Authentication details have been added: first for the virtual machine instances, and second for Azure through servicePrincipalProfile.

Step 3:

Once the Azure CLI is installed, open a command prompt and type the command:

az account list


Step 4:

The id in the output above is your subscription id. Enter it in the command below. Also update it in the app.json file, and give your <dns-prefix-name> in app.json.

az account set --subscription "<subscription-id>"

Step 5:

az group create --name "<resource-group-name>" --location "<your-location-name>"

For example:

az group create --name "kubernetes-cluster-group" --location "eastus"

The above is how you need to type it on the command line. Also enter these values in the app.json file.

Step 6:

We need to create a virtual network and subnet. Update <enter vnet-name> and <subnet-name> in the command line as well as in app.json with the names of the virtual network and subnet respectively.

az network vnet create -n "<enter vnet-name>" -g "<your resource group name>" --address-prefixes "10.3.0.0/16" -l "eastus" --subnet-name "<subnet-name>" --subnet-prefix "10.3.0.0/16"

Step 7:

We need to provide the authentication details. First, copy the entire text of your public SSH key (located at ~/.ssh/id_rsa.pub). Replace <SSH PUBLIC KEY> in the app.json file with this public key.

Step 8:

We need to create a service principal for this cluster. Enter your subscription id in the command below.

az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/<SUBSCRIPTION ID>"

This command will output some credentials.

Step 9:

Substitute the value of appId for <CLIENT_ID> and the value of password for <SECRET> in app.json.

I have the acs-engine binary in this folder and app.json inside the cluster folder, as you see below.

Step 10:

Type the command to generate the output:

acs-engine generate cluster/app.json

Have a look at the ARM template files generated at _output/app-cluster-dns-prefix, as seen in the image below. Your files will be created under the dns-prefix name you gave.

Step 11:

Deploy the cluster with this command:

az group deployment create --name "<deployment-name>" --resource-group "<resource-group-name>" --template-file "./_output/app-cluster-dns-prefix/azuredeploy.json" --parameters "./_output/app-cluster-dns-prefix/azuredeploy.parameters.json"

Enter your <deployment-name> and <resource-group-name>, and provide the paths of azuredeploy.json and azuredeploy.parameters.json as above.

Now go to the Azure dashboard and check that the deployment is being created and the node VMs are being deployed.

Now you can export KUBECONFIG and run the kubectl get nodes command.
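
Steps 4 to 9 edit app.json by hand, and after Step 9 the file contains the service principal password in clear text. The following pre-flight check is an added example, not part of the original walkthrough or of acs-engine: run before Step 10, it reports any <...> placeholder left unreplaced and warns if the file is accessible to other users. The sample model is constructed, and its key names other than servicePrincipalProfile are assumptions about the layout of app.json.

```python
import json
import os
import re
import stat
import tempfile

PLACEHOLDER = re.compile(r"<[^<>]+>")  # e.g. <SECRET>, <dns-prefix-name>


def find_placeholders(node, path="$"):
    """Return (json_path, value) for every string still holding a <...> placeholder."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            hits += find_placeholders(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            hits += find_placeholders(value, f"{path}[{index}]")
    elif isinstance(node, str) and PLACEHOLDER.search(node):
        hits.append((path, node))
    return hits


def preflight(model_path):
    """Collect problems that would break or weaken the deployment."""
    problems = []
    with open(model_path, encoding="utf-8") as handle:
        model = json.load(handle)
    for json_path, value in find_placeholders(model):
        problems.append(f"unreplaced placeholder at {json_path}: {value}")
    # app.json holds the service principal password in clear text (Step 9),
    # so it should be accessible to its owner only.
    mode = stat.S_IMODE(os.stat(model_path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"{model_path} mode {mode:o} is group/world accessible")
    return problems


# Constructed sample; key names other than servicePrincipalProfile are assumptions.
SAMPLE = {"properties": {
    "masterProfile": {"dnsPrefix": "<dns-prefix-name>"},
    "linuxProfile": {"ssh": {"publicKeys": [{"keyData": "ssh-rsa AAAAconstructed user@host"}]}},
    "servicePrincipalProfile": {"clientId": "00000000-0000-0000-0000-000000000000",
                                "secret": "<SECRET>"}}}

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".json", delete=False) as tmp:
        json.dump(SAMPLE, tmp)
    os.chmod(tmp.name, 0o644)
    for problem in preflight(tmp.name):
        print(problem)
    os.remove(tmp.name)
```

To check your own file, call preflight("cluster/app.json") and proceed to Step 10 only when it returns an empty list.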