CI/CD pipeline between Github, Microsoft's Visual Studio for Teams (VSTS) and Kubernetes.
The target audience for this tutorial is anyone looking for a Continuous Integration/Continuous Delivery pipeline solution using Github, VSTS and Kubernetes as the deployment platform. This
is a step-by-step approach with many details on how things get connected together.
For this pipeline, you will need:
- A Github account
- An Azure account
- A Visual Studio for Teams (VSTS) account at visualstudio.com
This guide will walk you through the process of creating a Continuous Integration/Continuous Delivery pipeline (CI/CD pipeline).
| Components | Role | Notes |
|---|---|---|
| Github | Source code Version Control System | Our Dockerfile and the Kubernetes services and deployment file will also be hosted here. |
| VSTS | Build docker images, Push docker images to the repo and deploy to Kubernetes | Azure Container Registry will the the repository for the images. You could also change this here and use dockerhub. |
| Kubernetes | Run the application | Kubernetes will run on Azure Container Services (AKS) |
Our flow will be:
- Code is pushed to Github
- A Webhook is sent from Github to VSTS.
- Based on the reception of the Webhook, VSTS will fetch the
Dockerfilefrom the repository on Github and run a build image action. - A new Docker image of our code will be pushed to our Azure Container Registry repository.
- VSTS will deploy the our workload based on the instruction from the
azure_visualizer-deployment.ymlfile found under our repository. - Finaly, VSTS will will deploy a services object following the
azure_visualizer-svc.ymlfile.
In order to deploy the pipeline, we need to have in place a few components. The following steps will setup Kubernetes and the Azure Container Registry.
The first thing you should do is to clone this repo as most of the examples here will do relative reference to files.
git clone https://github.com/dcasati/k8s-training.gitWith that out of the way, we let's define some global variables. They will be used throughout the labs.
-
Create the variables file
# The name of our demo export demoname=k8s-demo cat << EOF > variables.rc # Enter here the email attached to your Azure subscription export myEmail=YOUR_EMAIL_HERE # The data center and resource name for your resources export resourcegroupname=${demoname}-rg # select a region to deploy your resources export location=eastus # Azure Container Registry export acrname=${demoname/-/}acr${RANDOM} # Kubernetes export clustername=$demoname-cluster EOF
-
source it to load the values
source variables.rc -
With these values, we can now create a Resource Group that will be used during our exercises.
az group create \ --name $demoname \ --resource-group $resourcegroupname \ --location $location
Here we will see the steps needed to setup a Kubernetes cluster on Azure.
NOTE: At the time of this writing, Azure Container Services is in preview so before you can use it you will have to add that feature to your subscription with the following command:
az provider register -n Microsoft.ContainerService-
Create an AKS instance
az aks create \ --resource-group $resourcegroupname \ --name $clustername \ --node-count 2 \ --generate-ssh-keys \ --kubernetes-version 1.8.1After a few minutes you should have you cluster up and running.
-
To install kubectl
az aks install-cli
NOTE: This procedure will work on MacOS, Linux and Windows.
-
Run the following az command:
az aks get-credentials \ --resource-group $resourcegroupname \ --name $clustername
This will get the
KUBECONFIGso you can later use with kubectl -
To test your new setup, let's get the information about the PODs and Nodes.
kubectl get nodes
In this section, we will setup our private registry on Azure Container Registry.
-
Create an ACR instance
az acr create \ --resource-group $resourcegroupname \ --name $acrname \ --sku Basic -
Save the value of the
loginServerto a variable of the same name ($loginServer).loginServer=$(az acr list --resource-group $resourcegroupname --query "[].{acrLoginServer:loginServer}" --output tsv) -
Enable admin access to ACR
az acr update --name $acrname --admin-enabled true
-
Retrieve the credentials for the registry
acrUsername=$(az acr credential show --resource-group $resourcegroupname --name $acrname --query username -o tsv) acrPassword=$(az acr credential show --resource-group $resourcegroupname --name $acrname --query passwords -o tsv | awk '/password\t/{print $2}')
-
Create the Secret to hold the ACR credentials
kubectl create secret docker-registry myregistrykey \ --docker-server $loginServer \ --docker-username $acrUsername \ --docker-password $acrPassword \ --docker-email $myEmail
In the first part of this tutorial, we will create the mechanism for the Continuous Integration. Essentially, our code will live on Github and whenever there's a change to this code (e.g.: a developer commits changes to the repo) we will setup a Webhook that will trigger an action, informing VSTS of these changes. Once informed by Github, VSTS will act based on the rules we will setup soon.
For this example, fork the code available at: https://github.com/dcasati/azure_visualizer.git
- Visit VSTS
- Sign in or create an account
- Click an account (or use an existing one) and then create a new project
-
Click on the Build button then on +New definition
-
Next, on the
Select a templatescreen, choose start with an Empty process.
-
Click on
Get sourcesthen select Github from the sources available on the right side.
-
Authorize the Github connection, then select the repository where you've forked the
azure_visualizercode and the branch that will be used. Finally, under theCleanoption, select false.
-
Click on the
Save and queueicon and then selectSave. -
Click on the
Triggerstab, then select your Github repository on the left side of the screen. Finally, click on theEnable Continuos Integrationbox on the right side.
-
Click on the
Save and queueicon and then selectSave.
With the initial connection to Github in place we will now configure the components that will build and publish the Docker image.
-
Next, on the left side of the screen, click on
Process. Name the Process with something meaningful such asazure_visualizer_pipeline-CI. Under theAgent queue, select Hosted Linux Preview.
-
Add a task to the phase by clicking on the plus sign.
-
On the
Add tasks bladesearch fordockerthen click onAdd. While here, go ahead and click onAddone more time. We will use the Docker integration when building and then when pushing the image to the repository.
-
Name the first docker task as
Build an image. Select Azure Container Registry as theContainer Registry Typeand then select an appropriate Azure subscription.
In my case, you can see that the registry
casatixwas choosen and that theDocker Filewas set to/**Dockerfile. Click onSave and queuethen onSave. Select Build image under theActionsection.Note:
/**Dockerfileshould correspond to the Dockerfile on your Github repo. If you have forked our code example, than you are good to go. If you are adapting this tutorial to your use case, make sure that you map this option correctly otherwise you will not be able to build an image.
-
Click on the second Docker task and name that
Push images. Like the previous step, choose the appropriateContainer Registry Type,Azure subscriptionand theAzure Container Registry.
-
Finaly, select Push images under the
Actionsection.
-
Select
Include Latest Tag
-
Click on
Save and queuethen onSave.
Name this as Phase 2 - Continuous Delivery
-
Click on the plus sign in front of the
Phase 2and select to add a new task. Filter the task forkubernetesthen click onAdd. Do this step one more time as we will need two Kubernetes tasks, one for the deployment and another for the sevice.
-
Name this first task
Create Kubernetes Deployment,
| Item | Value |
|---|---|
| Display name | Create Kubernetes Deployment |
| Kubernetes Service Connection | Paste your KUBECONFIG here* |
| Container Registry type | Azure Container Registry |
You will need to retrieve your KUBECONFIG for the Kubernetes Services Connection. To get this file, execute the following:
az aks get-credentials \
-g $resourcegroupname \
-n $clustername \
-f myk8s_cluster.conf
Scroll down the Commands section and select create under Command dropdown menu. Select the Use Configuration files option. Then under the Configuration File click on the button button to select the deployment file (azure_visualizer-deployment.yml in the picture).
Note: This file is hosted on your Github repository.
Click on Save and Queue then on Save.
Repeat the previous step for the the next Kubernetes task with the following values:
| Item | Value |
|---|---|
| Display name | Create Kubernetes Service |
| Kubernetes Service Connection | Select the Kubernetes connection from the dropdown menu |
| Container Registry type | Azure Container Registry |
| Azure Container Registry | casatix* |
* Modify this value to reflect your setup.
Commands
| Item | Value |
|---|---|
| Command | create |
| Configuration File | azure_visualizer-svc.yml |
Click on Save and Queue then on Save.
You can verify if the deployment was successful by running the following:
$ kubectl get pods -l k8s-app=azure-visualizer
NAME READY STATUS RESTARTS AGE
azure-visualizer-1640327816-t8f3g 1/1 Running 0 10d