This walkthrough shows you how to use the Azure CLI 2.0 commands to create a Kubernetes cluster in Azure Container Service. Then, you can use the
kubectl command-line tool to start working with containers in the cluster.
The following image shows the architecture of a Container Service cluster with one master and two agents. The master serves the Kubernetes REST API. The agent nodes are grouped in an Azure availability set and run your containers. All VMs are in the same private virtual network and are fully accessible to each other.
This walkthrough assumes that you have installed and set up the Azure CLI 2.0.
The command examples assume that you run the Azure CLI in a bash shell, common on Linux and macOS. If you run the Azure CLI on a Windows client, some scripting and file syntax may differ, depending on your command shell.
Create your Kubernetes cluster
Here are brief shell commands that use the Azure CLI 2.0 to create your cluster.
Create a resource group
To create your cluster, you first need to create a resource group in a specific location. Run commands similar to the following:
RESOURCE_GROUP=my-resource-group LOCATION=westus az group create --name=$RESOURCE_GROUP --location=$LOCATION
Create a cluster
Once you have a resource group, you can create a cluster in that group. The following example uses the
--generate-ssh-keys option, which generates the necessary SSH public and private key files for the deployment if they don't exist already in the default
This command also automatically generates the Azure Active Directory service principal that a Kubernetes cluster in Azure uses.
DNS_PREFIX=some-unique-value CLUSTER_NAME=any-acs-cluster-name az acs create --orchestrator-type=kubernetes --resource-group $RESOURCE_GROUP --name=$CLUSTER_NAME --dns-prefix=$DNS_PREFIX --generate-ssh-keys
After several minutes, the command completes, and you should have a working Kubernetes cluster.
Connect to the cluster
To connect to the Kubernetes cluster from your client computer, you use
kubectl, the Kubernetes command-line client.
If you don't already have
kubectl installed, you can install it with:
sudo az acs kubernetes install-cli
By default, this command installs the
kubectl binary to
/usr/local/bin/kubectl on a Linux or macOS system, or to
C:\Program Files (x86)\kubectl.exe on Windows. To specify a different installation path, use the
kubectl is installed, ensure that its directory in your system path, or add it to the path.
Then, run the following command to download the master Kubernetes cluster configuration to the
az acs kubernetes get-credentials --resource-group=$RESOURCE_GROUP --name=$CLUSTER_NAME
For more options to install and configure
kubectl, see Connect to an Azure Container Service cluster.
At this point you should be ready to access your cluster from your machine. Try running:
kubectl get nodes
Verify that you can see a list of the machines in your cluster.
Create your first Kubernetes service
After completing this walkthrough, you will know how to:
- deploy a Docker application and expose it to the world
kubectl execto run commands in a container
- access the Kubernetes dashboard
Start a simple container
You can run a simple container (in this case the Nginx web server) by running:
kubectl run nginx --image nginx
This command starts the Nginx Docker container in a pod on one of the nodes.
To see the running container, run:
kubectl get pods
Expose the service to the world
To expose the service to the world, create a Kubernetes
Service of type
kubectl expose deployments nginx --port=80 --type=LoadBalancer
This command causes Kubernetes to create an Azure load balancer rule with a public IP address. The change takes a few minutes to propagate to the load balancer. For more information, see Load balance containers in a Kubernetes cluster in Azure Container Service.
Run the following command to watch the service change from
pending to display an external IP address:
watch 'kubectl get svc'
Once you see the external IP address, you can browse to it in your browser:
Browse the Kubernetes UI
To see the Kubernetes web interface, you can use:
This command runs a simple authenticated proxy on localhost, which you can use to view the Kubernetes web UI running on http://localhost:8001/ui. For more information, see Using the Kubernetes web UI with Azure Container Service.
Remote sessions inside your containers
Kubernetes allows you to run commands in a remote Docker container running in your cluster.
# Get the name of your nginx pods kubectl get pods
Using your pod name, you can run a remote command on your pod. For example:
kubectl exec <pod name> date
You can also get a fully interactive session using the
kubectl exec <pod name> -it bash
To do more with your Kubernetes cluster, see the following resources: