Several tools and services have to be installed/provisioned and configured. Your Azure subscription should have the following services provisioned:
- An instance of Azure Container Registry (ACR)
- An instance of Azure Kubernetes Service (AKS)
- The ACRinstance should be attached to the AKS instance (see 3 ways to attach ACR to AKS for further details on how to achieve that)
On your local development system(Linux or Windows), you should have installed and configured the following:
- Azure CLI installed
- Helm v3 installed
- The Kubernetes CLI kubectl with a proper context configuration pointing to the previously mentioned AKS instance
Connect your development system to Azure subscription using:
If you are using Tenant subscription then use the below command and then follow the command output.
az login --tenant <tenant id>
Create resource group:
az group create --name MyResourceGroup --location eastus
Create an AKS cluster:
az aks create --resource-group MyResourceGroup --name MYAKS
Connect to your AKS cluster
To connect a Kubernetes cluster locally, use the Kubernetes command-line client, kubectl. kubectl is already installed if you use Azure Cloud Shell.
- Install kubectl locally using the az aks install-cli command:
az aks install-cli
- Configure kubectl to connect to your Kubernetes cluster using the command, az aks get-credentials. The following command example gets credentials for the AKS cluster named MyAKS in the MyResourceGroup:
az aks get-credentials --name MYAKS --overwrite-existing --resource-group MyResourceGroup
- Generate secret key on Azure to pull container images from ACR
kubectl create secret docker-registry navpullsecret \
--namespace default \
Pull and Install Navigator Helm chart from ACR
To enable OCI support in the Helm 3 client, set environment variable with command:
Before, to pull or push Helm charts to ACR, your local installation of helm has to establish an authenticated connection to ACR. In contrast to other Command-Line Interfaces, helm is not able to re-use the existing authentication token from Azure CLI. That said, you have to create a dedicated service principal with pull and push permissions (see section, Create a service principal) and assign the role AcrPush/AcrPull.
echo $spPassword | helm registry login mynavcontainer.azurecr.io \
> --username <Service principal ID> \
> --password < Service principal password>
Pull navigator container image using helm pull command.
helm chart pull mynavcontainer.azurecr.io/nasteltechnologiesinc1596218152202/helm/navigatorpro:latest
Export Helm Chart Once Pulled
Since we pulled the Helm chart as OCI artifact, we have to extract or export it for further usage. To export a chart, use helm chart export command as shown here:
# export helm chart
helm chart export mynavcontainer.azurecr.io/nasteltechnologiesinc1596218152202/helm/navigatorpro:latest --destination chart-export
Run your Helm chart
# navigate into the export folder of the chart that used as destination when exported
Install your application using your Helm chart using the helm install command.
# install helm chart
helm install navigator navigator
# verify release using Helm CLI
It takes a few minutes for the service to return a public IP address.
Check POD deployment status
Kubectl get pods
Monitor serviceprogress using the kubectl get service command with the --watch argument.
# Check services for external IP
Kubectl get service --watch
Navigate application load balancer in a browser using the <EXTERNAL-IP> to see the sample application.
Use the following:
Example: http://220.127.116.11:8080/navigator/ (Replace 18.104.22.168 with EXTERNAL-IP)