Get started with a Kubernetes cluster in Container Service

The instructions in this article show how to use the Azure CLI 2.0 commands to create a Kubernetes cluster. Then you can use the kubectl command-line tool to start working with containers in the cluster.

The following image shows the architecture of a container service cluster with one master and two agents. The master serves the Kubernetes REST API. The agent nodes are grouped in an Azure availability set and run your containers. All VMs are in the same private virtual network and are fully accessible to each other.

Image of Kubernetes cluster on Azure


This walkthrough assumes that you have installed and set up the Azure CLI v. 2.0. You also must have an SSH RSA public key at ~/.ssh/ If you don't have one, see the steps for OS X and Linux or Windows.

Create your Kubernetes cluster

Here are brief shell commands using the Azure CLI 2.0 to create your cluster. For more information, see Use the Azure CLI 2.0 to create an Azure Container Service cluster.

Create a resource group

To create your cluster, you first need to create a resource group in a specific location. Run commands similar to the following:

az group create --name=$RESOURCE_GROUP --location=$LOCATION

Create a cluster

Once you have a resource group, you can create a cluster in that group:

az acs create --orchestrator-type=kubernetes --resource-group $RESOURCE_GROUP --name=$CLUSTER_NAME --dns-prefix=$DNS_PREFIX

During deployment, the CLI uploads ~/.ssh/ to the Linux VMs.

Once that command is complete, you should have a working Kubernetes cluster.

Connect to the cluster

Following are Azure CLI commands to connect to the Kubernetes cluster from your client computer by using kubectl, the Kubernetes command-line client. For more information, see Connect to an Azure Container Service cluster.

If you don't already have kubectl installed, you can install it with:

az acs kubernetes install-cli

Once kubectl is installed, run the following command to download the master Kubernetes cluster configuration to the ~/.kube/config file:

az acs kubernetes get-credentials --resource-group=$RESOURCE_GROUP --name=$CLUSTER_NAME

At this point you should be ready to access your cluster from your machine. Try running:

kubectl get nodes

Verify that you can see a list of the machines in your cluster.

Create your first Kubernetes service

After completing this walkthrough, you will know how to:

  • deploy a Docker application and expose it to the world
  • use kubectl exec to run commands in a container
  • access the Kubernetes dashboard

Start a simple container

You can run a simple container (in this case the Nginx web server) by running:

kubectl run nginx --image nginx

This command starts the Nginx Docker container in a pod on one of the nodes.

To see the running container, run:

kubectl get pods

Expose the service to the world

To expose the service to the world, create a Kubernetes Service of type LoadBalancer:

kubectl expose deployments nginx --port=80 --type=LoadBalancer

This causes Kubernetes to create an Azure load balancer rule with a public IP address. The change takes a few minutes to propagate to the load balancer. For more information, see Load balance containers in a Kubernetes cluster in Azure Container Service.

Run the following command to watch the service change from pending to display an external IP address:

watch 'kubectl get svc'

Image of watching the transition from pending to external IP address

Once you see the external IP address, you can browse to it in your browser:

Image of browsing to Nginx

Browse the Kubernetes UI

To see the Kubernetes web interface, you can use:

kubectl proxy

This runs a simple authenticated proxy on localhost, which you can use to view the Kubernetes web UI running on http://localhost:8001/ui. For more information, see Using the Kubernetes web UI with Azure Container Service.

Image of Kubernetes dashboard

Remote sessions inside your containers

Kubernetes allows you to run commands in a remote Docker container running in your cluster.

# Get the name of your nginx pods
kubectl get pods

Using your pod name, you can run a remote command on your pod. For example:

kubectl exec <pod name> date

You can also get a fully interactive session using the -it flags:

kubectl exec <pod name> -it bash

Remote session inside a container

Next steps

To do more with your Kubernetes cluster, see the following resources: