Installing and Maintaining #Azure Kubernetes Cluster #AKS #ContainerInsights #AzureDevOps

Start Creating Azure Kubernetes Cluster for your Containers.

Managed Azure Kubernetes Service (AKS) makes deploying and managing containerized applications easy. It offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. The Kubernetes masters are managed by Azure. You only manage and maintain the agent nodes. As a managed Kubernetes service, AKS is free – you only pay for the agent nodes within your clusters, not for the masters. In the following steps you can see the different ways for creating Azure Kubernetes Cluster via the Azure Portal, or via Azure Cloud Shell, or via Azure Resource Template. When the Microsoft Azure Kubernetes Cluster is running, then I will explain the different ways for deploying container workloads on AKS. When your workload is running on Azure Kubernetes Services, you also have to monitor your Container workloads with Azure Monitor Container Insights to keep in Controle. Let’s start with installing Azure Kubernetes Services (AKS)

Installing Azure Kubernetes Cluster via the Portal.

To begin you need of course a Microsoft Azure Subscription and you can start for free here

Basics information of the Azure Kubernetes Cluster

To Create the Azure Kubernetes Cluster, you have to follow these steps and type the right information in the Portal:

1. Basics
2. Scale
3. Authentication
4. Networking
5. Monitoring
6. Tags
7. Review + Create

At the basics screen you select the right Azure Subscription and the Resource Group. You can create a New Resource Group or one you already made.
At Cluster details, you give your Cluster a name and select the Kubernetes version.

Here you select the Kubernetes Node size for your Container workload and the number of nodes.
You can start a Cluster already with One node, but choose to start with the right size for your workloads.
When you click on Change size, you can choose your nodes to do the job. 😉

Select the right Size node

Then we go to step 2 and that is Scale.

2. Scale options in Azure Kubernetes Cluster

Here you have two options :

1. Virtual Nodes
2. VM Scale sets (Preview)

To quickly deploy workloads in an Azure Kubernetes Service (AKS) cluster, you can use virtual nodes. With virtual nodes, you have fast provisioning of pods, and only pay per second for their execution time. In a scaling scenario, you don’t need to wait for the Kubernetes cluster autoscaler to deploy VM compute nodes to run the additional pods. Virtual nodes are only supported with Linux pods and nodes. More information here about Virtual Nodes

To create an AKS cluster that can use multiple node pools, first enable two feature flags on your subscription. Multi-node pool clusters use a virtual machine scale set (VMSS) to manage the deployment and configuration of the Kubernetes nodes. With this Preview feature you can run Linux Containers and Windows Containers on the same Cluster. More information here about VM Scale sets (Preview)

3, Authentication

The service principal is needed to dynamically create and manage other Azure resources such as an Azure load balancer or container registry (ACR). To interact with Azure APIs, an AKS cluster requires an Azure Active Directory (AD) service principal. More information about the Service Principal can be found here

Azure Kubernetes Service (AKS) can be configured to use Azure Active Directory (Azure AD) for user authentication. In this configuration, you can sign in to an AKS cluster by using your Azure AD authentication token.
Cluster administrators can configure Kubernetes role-based access control (RBAC) based on a user’s identity or directory group membership. More information about RBAC for AKS

4. Networking

Configuring the virtual Networks for your Azure Kubernetes Cluster is important for the right IP range but later on also for the Network Security Groups (NSG).

Here you see an example of the Kubernetes NSG which is connected to the Internet by Default after installation, you can deep dive into security but be careful which settings you do here because Microsoft resources must have access to service the Azure Kubernetes Cluster.

NSG created after installation is finished

NSG Rule set Inbound and outbound

In a container-based microservices approach to application development, application components must work together to process their tasks. Kubernetes provides various resources that enable this application communication. You can connect to and expose applications internally or externally. To build highly available applications, you can load balance your applications. More complex applications may require configuration of ingress traffic for SSL/TLS termination or routing of multiple components. For security reasons, you may also need to restrict the flow of network traffic into or between pods and nodes.

Best practices for network connectivity and security in Azure Kubernetes Service (AKS):

Here is more information about networking and Security for AKS

5. Monitoring

Keep Azure Monitoring Enabled and Connect to your Log Analytics workspace or create a new workspace for Container monitoring of your Azure Kubernetes Cluster.

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.

Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux. Metrics are written to the metrics store and log data is written to the logs store associated with your Log Analytics workspace.

6. Tags

When you build more Azure Kubernetes Clusters for different departments or teams you can TAG your Clusters for organizing your billing and security for example. Here you find more information about tagging.

After this you click on the last step Review and Create
The Azure portal will do a validation of your Azure Kubernetes Cluster settings, and when it’s validated you hit Create. But when you want more Automation, you can download the JSON ARM template first and use that.

Installing Azure Kubernetes Cluster via Cloud Shell

Azure Cloud Shell AKS CLI

Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. Cloud Shell lets you use either bash or PowerShell to work with Azure services. You can use the Cloud Shell pre-installed commands to run the code in this article without having to install anything on your local environment.

Here you see an Example of AKS CLI with Auto Scaler with max count of nodes 😉

Installing Azure Kubernetes Cluster via Template

Create Azure Kubernetes Cluster via Template in the Portal

Here you find an Example at GitHub for a Template deployment

Now you have your Microsoft Azure Kubernetes Cluster (AKS) running in the Cloud, you want to deploy your Container workloads on the Cluster. In the following steps you see different deployments.

Deploy Container workload with Azure DevOps Project

Deployment Center

First you select your repository where your source code is of your workload.

Set the information right and click Next.

Simple example Click Next

Create a Container Registry.

Building Pipeline with Azure DevOps.

Here you see the Building in Microsoft Azure DevOps.

Build, test, and deploy in any language, to any cloud—or on-premises. Run in parallel on Linux, macOS, and Windows, and deploy containers to individual hosts or Kubernetes.

Here you find all the information about Microsoft Azure DevOps for your workloads, code and Deployments.

Deploying Container workload completed with Azure DevOps.

 

Deploy Container Workloads via Visual Studio Code

When you download and install Visual Studio Code on your computer, you can install the Azure Kubernetes extension for VSCode.

Install Kubernetes extension for VSCode

VSCode with Kubernetes Extension

Here you see Microsoft Visual Studio Code connected with my Azure subscription where my Azure Kubernetes Cluster is running. With the standard Helm Repository packages for deployment to your AKS Cluster. Here you see a WordPress yaml file which I deployed to the Kubernetes Cluster on Azure.

Just Select your Package and Install on Azure Kubernetes.

From here you can into the Container and read the logs.

I’m using Visual Studio Code a lot for Azure Kubernetes but also for Docker Containers and images.
Making Azure ARM JSON templates and this great for Infrastructure as Code.

 

Azure Monitoring with Container Insights

In One Dashboard you can see the Status of all your Clusters

 

Azure Monitor Container Insights Live View

Because we installed Azure Monitor for Containers on the Microsoft Azure Kubernetes Cluster, we can live see what is happening inside the Kubernetes Cluster with the containers. This is a great feature when you have a issue with a Container for troubleshooting fast and see what is happening.

Conclusion

Microsoft Azure Kubernetes Cluster is fast and easy to manage. You can upgrade your Cluster without downtime of your Container workload. With Azure Monitor for Containers you can see what’s happening inside the container and you can set alerts when something went wrong. This keeps you in Controle of the solution. With Deployment center alias Azure DevOps Projects you can deploy your workload via Azure DevOps Pipeline and work on versioning, testplans, Azure DevOps repo and work together with a Team on the following releases. Working with Azure Kubernetes Multi node pools with Linux and Windows on the same Cluster is possible. Try it yourself and start with a Proof of Concept for your Business.

JOIN Containers in the Cloud Community Group on LinkedIn

Categories: ARM, Azure, Azure Monitor, AzureDevOps, Containers, Linux, Microsoft Azure, Windows Containers, WindowsAzure | Tags: AKS, AzOps, Azure, AzureDevOps, Cloud, Code, ContainerInsights, Containers, DevOps, IaC, Kubernetes, Microservices, PipeLines, VSCode | Permalink.

Installing and Maintaining #Azure Kubernetes Cluster with Multi Pool Nodes (Preview) for #Linux #Winserv Containers

Install AKS-Preview extension via Azure Cloudshell

NOTE ! This is a Preview blogpost, do not use in production! (only for test environments)

To create an AKS cluster that can use multiple node pools and run Windows Server containers, first enable the WindowsPreview feature flags on your subscription. The WindowsPreview feature also uses multi-node pool clusters and virtual machine scale set to manage the deployment and configuration of the Kubernetes nodes. Register the WindowsPreview feature flag using the az feature register command as shown in the following example:

I Have registered the following Preview Features from the Azure CloudShell :

• az feature register –name WindowsPreview –namespace Microsoft.ContainerService
• az feature register –name MultiAgentpoolPreview –namespace Microsoft.ContainerService
• az feature register –name VMSSPreview –namespace Microsoft.ContainerService

This will take a few minutes and you can check the registration with the following command :

az feature list -o table –query “[?contains(name, ‘Microsoft.ContainerService/WindowsPreview’)].{Name:name,State:properties.state}”

When ready, refresh the registration of the Microsoft.ContainerService resource provider using the az provider register command:

 

Creating Azure Kubernetes Cluster

First you create a Resource Group in the right Azure Region for your AKS Cluster to run:

az group create –name myResourceGroup –location eastus

I created Resource Group KubeCon in location West-Europe.

Creating KubeCluster

With the following CLI command in Azure Cloudshell, I created the Kubernetes Cluster with a single node:

$PASSWORD_WIN=”P@ssw0rd1234″

az aks create –resource-group KubeCon –name KubeCluster –node-count 1 –enable-addons monitoring –kubernetes-version 1.14.0 –generate-ssh-keys –windows-admin-password $PASSWORD_WIN –windows-admin-username azureuser –enable-vmss –network-plugin azure

The Azure Kubernetes Cluster “KubeCluster” is created in the resource group “KubeCon” in a view minutes.

Adding a Windows Pool

Adding a Windows Server Node Pool

By default, an AKS cluster is created with a node pool that can run Linux containers. Use az aks nodepool add command to add an additional node pool that can run Windows Server containers.

az aks nodepool add –resource-group KubeCon –cluster-name KubeCluster –os-type Windows –name pool02 –node-count 1 –kubernetes-version 1.14.0

I added the Windows Server Pool via the Azure Portal.

When this has finished, we have an Azure Kubernetes Cluster with Multi node Pools for Linux and Windows Server Containers :

Pools for Linux and Windows Server Containers

The following will be created in Microsoft Azure too :

VNET, NSG and Virtual Machine Scale Set (VMSS)

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Container Insights Monitoring of the Linux Node

Container Insights Monitoring of the Windows Server Node

Here you can read all about Azure Monitoring with Container Insights

Scaling Multi Pool Node AKS Cluster

To Scale your Multi Pool Node AKS Cluster, you need to do this via the Azure Cloudshell CLI.

Here you see the two pools ( Linux and Windows Server)

Scaling up the Windows Server Pool

You can do this with the following command :

az aks nodepool scale –resource-group KubeCon –cluster-name KubeCluster –name pool02 –node-count 2 –no-wait

Scaling

Scaling Succesful after a few minutes

Upgrading Windows Server Pool Instance

When I scaled the Cluster there was a update released by Microsoft.

Windows Server Pool Instances

Just Click on Upgrade

Upgrade is Done 😉

Categories: Azure, Azure Monitor, Containers, Linux, Microsoft Azure, Windows Containers, Windows Server 2019, WindowsAzure | Tags: AKS, AzOps, Azure, Cloud, Cluster, Containers, Developers, DevOps, Kubernetes, Linux, MVPBUZZ, Preview, WindowsContainers | Permalink.

Microsoft #Azure CloudShell for Management tasks #Bash #Powershell #CLI #KubeCtl #Terraform

https://shell.azure.com

Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.

In this quick overview you will see the possibilities of Microsoft Azure Cloudshell functionalities and tools.

Azure Cloudshell Editor

Azure Cloud Shell includes an integrated file editor built from the open-source Monaco Editor. The Cloud Shell editor supports features such as language highlighting, the command palette, and a file explorer.
This can be handy with JSON and YAML files.

 

When you have your App YAML file for your Azure Kubernetes Cluster on your Cloud drive, you can edit the file online with your browser and save it in the Azure Cloud. I like this editor in the Cloudshell, especially when you are not behind your own laptop or pc and you have to make a quick change.

I have a Kubernetes Cluster installed on Azure and with this editor I can explore my Azure logs, Cache, and config files for the information I need to work with in Bash, Powershell to do my CLI commands for example 😉

For the Powershell Gurus 

Azure PowerShell provides a set of cmdlets that use the Azure Resource Manager model for managing your Azure resources. Learn here more about Azure Powershell

Azure Kubernetes CLI Kubectl

Kubectl is a command line interface for running commands against Kubernetes clusters. kubectl looks for a file named config in the $HOME/.kube directory. You can specify other kubeconfig files by setting the KUBECONFIG environment variable or by setting the –kubeconfig flag.
Read here more about Kubectl

Terraform CLI is Available

What is Terraform?
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.
The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

The key features of Terraform are:

Infrastructure as Code
Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

Execution Plans
Terraform has a “planning” step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.

Resource Graph
Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.

Change Automation
Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.

More information on Terraform

It’s really easy to Upload or Download your Files.

AzCopy is a command-line utility designed for copying data to/from Microsoft Azure Blob, File, and Table storage, using simple commands designed for optimal performance. You can copy data between a file system and a storage account, or between storage accounts.

More information about Features & tools for Azure Cloud Shell here

Conclusion :

Microsoft Azure Cloudshell is very powerful to work with, creating your infrastructure from the Command Line Interface (CLI) or with JSON / YAML scripts. Some features or commands are not available in the Azure portal and that’s where Azure Cloudshell can help you out. Try the different Azure Cloudshell Tools and look what you like most to use for your work. From here you can work on any device with a browser and do your work. #MVPBuzz

Categories: ARM, Azure, AzureDevOps, Containers, Microsoft Azure, PowerShell, WindowsAzure | Tags: AzOps, Azure, Bash, CLI, Cloud, CloudShell, DevOps, Kubectl, Linux, Microsoft, MVPBUZZ, PowerShell, Terraform | Permalink.

Don’t Miss this Awesome #Microsoft BUILD 2019 Event! #Azure #Cloud #MSBuild

Download the Mobile App here

Seattle May 6-8, 2019

Watch live as technology leaders from across industries share the latest breakthroughs and trends, and explore innovative ways to create solutions. After the keynotes, select Microsoft Build sessions will stream live—dive deep into what’s new and what’s next for developer tools and tech.

 

Watch the livestream here: https://www.microsoft.com/en-us/build

• Discover and experience new ways to build, modernize, and migrate your applications. Get hands-on experiences with tools like Azure Kubernetes Service (AKS) that can help you dynamically scale your application infrastructure.
• Quickly and easily build, train, and deploy your machine learning models using Azure Machine Learning, Azure Databricks, and ONNX. Uncover insights from all your content—documents, images, and media—with Azure Search and Cognitive Services.
• Join Microsoft for hands-on learning to discover how tools like Visual Studio live share can help you collaborate with your peers instantly.
• Come learn how to build an end-to-end continuous delivery pipeline that is fast and secure with Azure DevOps technologies. Spend less time maintaining your toolset and more time focusing on customer value.
• Understand how frameworks like Xamarin and .NET can help you reach customers on all platforms. Learn how to use the same languages, APIs, and data structures across all mobile development platforms.
• Learn how mixed reality helps you bring your work and data to life when you need it, and where you need it. Start building secure, collaborative mixed reality solutions today using intelligent services, best-in-class hardware, and cross-platform tools.
• Learn to connect your devices to the cloud using flexible IoT solutions that integrate with your existing infrastructure. Collect untapped data and form valuable insights that help you create better customer experiences and generate new streams of revenue.

Book your Microsoft Build 2019 sessions via the BUILD Scheduler

Vision Keynote by CEO Satya Nadella

 

 

Windows Insider Program

Azure DevOps

Azure Monitor

Containers

Have a good look which sessions to follow because there are 431 sessions 👍🚀

JOIN Azure DevOps Community

https://www.linkedin.com/groups/12139259/ …

JOIN Containers in the Cloud Community

https://www.linkedin.com/groups/13539967/ …

JOIN Azure Monitor and Security Community https://www.linkedin.com/groups/13517115/ …

Categories: Azure, Azure AI, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, Docker, DSVM, Hololens, Linux, Microsoft Azure, SQL, VisualStudio, Windows Admin Center, Windows Containers, Windows Server 2019, WindowsAzure | Tags: AI, Analytics, AzOps, Azure, AzureDevOps, Azuremonitor, AzureStack, Cloud, Community, Containers, ContainersInsight, Developers, DevOps, IoT, MSBuild, MSBuild2019, MVPBUZZ, Security | Permalink.

#Azure Monitor in Action Investigating Production Issues Follow @Azuremonitor

Microsoft Azure Monitor in Action

In this episode, Isaac Levin (@isaac2004) joins us to share how the developer exception resolution experience can be better with Azure Monitor and Snapshot Debugger. The discussion talks about what Azure Monitor is and an introduction to Snapshot Debugger, and quickly goes into demos showcasing what developers can do with Snapshot Debugger.

More information about Azure Monitor on Microsoft Docs

What’s is Application Insights?

Application Insights is an extensible Application Performance Management (APM) service for web developers on multiple platforms. Use it to monitor your live web application. It will automatically detect performance anomalies. It includes powerful analytics tools to help you diagnose issues and to understand what users actually do with your app. It’s designed to help you continuously improve performance and usability. It works for apps on a wide variety of platforms including .NET, Node.js and Java EE, hosted on-premises, hybrid, or any public cloud. It integrates with your DevOps process, and has connection points to a variety of development tools. It can monitor and analyze telemetry from mobile apps by integrating with Visual Studio App Center.

Follow Azure Monitor on Twitter

JOIN the Azure Monitor & Security Community on LinkedIn

Categories: Azure, Azure AI, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, DSVM, Microsoft Azure, Windows Containers, WindowsAzure | Tags: AnyLanguage, AppInsights, AzOps, Azure, AzureDevOps, Azuremonitor, Cloud, ContainerInsights, Developers, DevOps, Microsoft, MVPBUZZ | Permalink.

Learn Azure in a Month of Lunches Free E-book #Azure #Cloud #Education

Learn Azure in a Month of Lunches breaks down the most important Azure concepts into bite-sized lessons with exercises and labs—along with project files available in GitHub—to reinforce your skills. Learn how to:
Use core Azure infrastructure and platform services—including how to choose which service for which task.
Plan appropriately for availability, scale, and security while considering cost and performance.
Integrate key technologies, including containers and Kubernetes, artificial intelligence and machine learning, and the Internet of Things.

You can download the Free Learn Azure in a Month of Lunches E-book here

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Microsoft Azure, OMS, SQL, Windows Containers, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: Apps, AzOps, Azure, AzureDevOps, Cloud, Developers, DevOps, Ebook, Education, Microsoft, Teachers | Permalink.

How to monitor your #Kubernetes clusters – Best Practices Series #AKS #AzureMonitor

Get best practices on how to monitor your Kubernetes clusters from field experts in this episode of the Kubernetes Best Practices Series. In this intermediate level deep dive, you will learn about monitoring and logging in Kubernetes from Dennis Zielke, Technology Solutions Professional in the Global Black Belts Cloud Native Applications team at Microsoft.

Multi-cluster view from Azure Monitor

Azure Monitor provides a multi-cluster view showing the health status of all monitored AKS clusters deployed across resource groups in your subscriptions. It shows AKS clusters discovered that are not monitored by the solution. Immediately you can understand cluster health, and from here you can drill down to the node and controller performance page, or navigate to see performance charts for the cluster. For AKS clusters discovered and identified as unmonitored, you can enable monitoring for that cluster at any time.

Understand AKS cluster performance with Azure Monitor for containers

Container Live Logs provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

AKS without Kubernetes RBAC authorization enabled
AKS enabled with Kubernetes RBAC authorization
AKS enabled with Azure Active Directory (AD) SAML based single-sign on

You even can search in the Container Live Logs for Troubleshooting and history.

View Container Live logs with Azure Monitoring for AKS | Kubernetes | Containers 

Categories: Azure, Azure Monitor, AzureDevOps, Containers, Docker, Linux, Microsoft Azure, OMS, Windows Containers, WindowsAzure | Tags: AKS, Analytics, Apps, Azure, AzureDevOps, Azuremonitor, Cloud, Containers, DevOps, Kubernetes, Linux, Monitoring, MVPBUZZ | Permalink.