Azure Hands-On - Scaling Apps, AutoScaling Cluster, HPA, and Config Network Policies on AKS
Azure Learning Path for Cloud and DevOps Engineers
Table of contents
- 📝Introduction
- 📝Log in to the Azure Management Console
- 📝Prerequisites:
- 📝Setting an Azure Storage Account to Load Bash or PowerShell
- 📝Set up your Azure AKS environment
- 📝Create a Resource Group
- 📝Create an Azure Container Registry (ACR)
- 📝 Build and Push Docker Image to ACR
- 📝Create an AKS Cluster
- 📝 Connect to AKS Cluster
- 📝Deploy the Application to AKS
- 📝Scale the App Deployment
- 📝View Logs from the PODs
- 📝Configuring Autoscaling
- 📝Configuring Network Policies
📝Introduction
In this hands-on lab, we walked through setting the Scaling of the App deployment, enabling an AutoScaler on the Cluster, enabling HPA(Horizontal Pod AutoScaler), and configuring Network Policies on Azure AKS.
📝Log in to the Azure Management Console
Using your credentials, make sure you're using the right Region. In my case, I am using the region France Central
in my Cloud Playground Sandbox.
📌Note: You can also use the VSCode tool or from your local Terminal to connect to Azure CLI
More information on how to set it up is at the link.
📝Prerequisites:
Update to PowerShell 5.1, if needed.
Install .NET Framework 4.7.2 or later.
Visual Code
Web Browser (Chrome, Edge)
Azure CLI installed
Azure subscription
Docker installed
📝Setting an Azure Storage Account to Load Bash or PowerShell
- Click the Cloud Shell icon
(>_)
at the top of the page.
- Click PowerShell.
- Click Show Advanced Settings. Use the combo box under Cloud Shell region to select the Region. Under Resource Group and Storage account(It's a globally unique name), enter a name for both. In the box under File Share, enter a name. Click ***Create storage (***if you don't have any yet).
📝Set up your Azure AKS environment
Login to Azure:
az login
Set the subscription (if you have multiple):
az account set subscription <your-subscription-id>
📝Create a Resource Group
az group create --resource-group <nameResourceGroup> --location <region>
📝Create an Azure Container Registry (ACR)
az acr create --resource-group <nameResourceGroup> --name <nameContainerRegistry>
📝 Build and Push Docker Image to ACR
Login to ACR:
az acr login --name <nameContainerRegistry>
Create a Dockerfile
Create an
Dockerfile
in-your-project directory. Here’s an exampleDockerfile
for a simple Nginx HTML webpage:FROM nginx:alpine COPY index.html /usr/share/nginx/html
Build Docker image:
docker build -t <nameapp>:v1 .
- Tag the Docker image:
docker tag <nameapp>:v1 <nameContainerRegistry>.azurecr.io/<nameapp>:v1
Push the Docker image to ACR:
docker push <nameContainerRegistry>.azurecr.io/<nameapp>:v1
📝Create an AKS Cluster
az aks create --resource-group <nameResourceGroup> --name <nameAKSCluster> --node-count 2 --generate-ssh-keys --vm-set-type VirtualMachineScaleSets --node-vm-size Standard_B2s_v2 --attach-acr <nameContainerRegistry>
📝 Connect to AKS Cluster
Use the Azure Cloud Shell to check your AKS Cluster resources, by following the steps below:
Go to Azure Dashboard, and click on the Resource Group created for this Lab, looking for your AKS Cluster resource.
On the Overview tab, click on Connect to your AKS Cluster.
A new window will be opened, so you only need to open the Azure CLI and run the following commands.
After that, you can run some Kubectl commands to check the default AKS Cluster resources.
📝Deploy the Application to AKS
Create a Kubernetes deployment yaml file (
deployment.yaml
):apiVersion: apps/v1 kind: Deployment metadata: name: <nameapp> spec: replicas: 2 selector: matchLabels: app: <nameapp> template: metadata: labels: app: <nameapp> spec: containers: - name: <nameapp> image: <nameContainerRegistry>.azurecr.io/<nameapp>:v1 ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: name: <nameapp> spec: type: LoadBalancer ports: - port: 80 targetPort: 8080 selector: app: <nameapp>
Apply the deployment and create a namespace to separate the resources:
kubectl apply -f deployment.yaml --namespace <name_namespace>
Checking the resources created and running into the AKS Cluster:
kubectl get pods --namespace <name_namespace> kubectl get svc --namespace <name_namespace> kubectl get deployment --namespace <name_namespace> kubectl describe pod <namepod> --namespace <name_namespace>
Check if you can access your App via your browser.
📝Scale the App Deployment
We will Scale the App previously deployed in 2 replicas to 4 replicas.
kubectl scale deployment <nameapp> --replicas=4 --namespace <name_namespace>
Check the new resources scaling:
📝View Logs from the PODs
View the logs of a specific pod.
kubectl logs <namepod> --namespace <name_namespace>
📝Configuring Autoscaling
Enable Cluster Autoscaler
Enable the cluster AutoScaler option for the AKS cluster.
az aks update --resource-group <namerg> --name <nameAKSCluster> --enable-cluster-autoscaler --min-count 1 --max-count 4
nable Horizontal Pod Autoscaler
Apply a Horizontal Pod Autoscaler(HPA) to the App deployment
Create a hpa.yaml
file.
kubectl apply -f hpa.yaml
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: <nameapp>
namespace: <nameapp>
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: <nameapp>
minReplicas: 1
maxReplicas: 6
targetCPUUtilizationPercentage: 50
📝Configuring Network Policies
Create a Network Policy
Define a network policy to restrict traffic to the App .pods.
Create a network-policy.yaml
file.
kubectl apply -f network-policy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: <name>-network-policy
namespace: <nameapp>
spec:
podSelector:
matchLabels:
app: <nameapp>
policyTypes:
- Ingress
- Egress
ingress:
- from:
- podSelector:
matchLabels:
app: <nameapp>
ports:
- protocol: TCP
port: 80
egress:
- to:
- podSelector:
matchLabels:
app: <nameapp>
ports:
- protocol: TCP
port: 80
📌Note - At the end of each hands-on Lab, always clean up all resources previously created to avoid being charged.
Congratulations — you have completed this hands-on lab covering the basics of setting the Scaling of the App deployment, enabling an AutoScaler on the Cluster, enabling HPA(Horizontal Pod AutoScaler), and configuring Network Policies on Azure AKS.
Thank you for reading. I hope you understood and learned something helpful from my blog.
Please follow me on Cloud&DevOpsLearn and LinkedIn, franciscojblsouza