教學課程:部署 Azure Kubernetes Service (AKS) 叢集Tutorial: Deploy an Azure Kubernetes Service (AKS) cluster

Kubernetes 會提供容器化應用程式的分散式平台。Kubernetes provides a distributed platform for containerized applications. 透過 AKS,您可以快速地建立生產環境就緒的 Kubernetes 叢集。With AKS, you can quickly create a production ready Kubernetes cluster. 在本教學課程 (3/7 部分) 中,將 Kubernetes 叢集部署在 AKS 中。In this tutorial, part three of seven, a Kubernetes cluster is deployed in AKS. 您會了解如何:You learn how to:

  • 部署可向 Azure 容器登錄進行驗證的 Kubernetes AKS 叢集Deploy a Kubernetes AKS cluster that can authenticate to an Azure container registry
  • 安裝 Kubernetes CLI (kubectl)Install the Kubernetes CLI (kubectl)
  • 設定 kubectl 以連線至您的 AKS 叢集Configure kubectl to connect to your AKS cluster

在其他教學課程中,Azure Vote 應用程式會部署至叢集、進行調整並加以更新。In additional tutorials, the Azure Vote application is deployed to the cluster, scaled, and updated.

開始之前Before you begin

在先前的教學課程中,已建立容器映像並上傳到 Azure Container Registry 執行個體。In previous tutorials, a container image was created and uploaded to an Azure Container Registry instance. 如果您尚未完成這些步驟,而且想要跟著做,請從教學課程 1 – 建立容器映像開始。If you haven't done these steps, and would like to follow along, start at Tutorial 1 – Create container images.

在本教學課程中,您必須執行 Azure CLI 2.0.75 版或更新版本。This tutorial requires that you're running the Azure CLI version 2.0.75 or later. 執行 az --version 以尋找版本。Run az --version to find the version. 如果您需要安裝或升級,請參閱安裝 Azure CLIIf you need to install or upgrade, see Install Azure CLI.

建立 Kubernetes 叢集Create a Kubernetes cluster

AKS 叢集可使用 Kubernetes 角色型存取控制 (RBAC)。AKS clusters can use Kubernetes role-based access controls (RBAC). 這些控制可讓您根據指派給使用者的角色,來定義資源的存取權。These controls let you define access to resources based on roles assigned to users. 如果為使用者指派了多個角色,即會合併權限,而且可將權限的範圍設定為單一命名空間或整個叢集。Permissions are combined if a user is assigned multiple roles, and permissions can be scoped to either a single namespace or across the whole cluster. 根據預設,Azure CLI 會在您建立 AKS 叢集時自動啟用 RBAC。By default, the Azure CLI automatically enables RBAC when you create an AKS cluster.

使用 az aks create 建立 AKS 叢集。Create an AKS cluster using az aks create. 下列範例會在名為 myResourceGroup 的資源群組中建立名為 myAKSCluster 的叢集。The following example creates a cluster named myAKSCluster in the resource group named myResourceGroup. 我們已在先前的教學課程中建立此資源群組。This resource group was created in the previous tutorial. 為了允許 AKS 叢集與其他 Azure 資源互動,系統會自動建立 Azure Active Directory 服務主體,因為您未指定服務主體。To allow an AKS cluster to interact with other Azure resources, an Azure Active Directory service principal is automatically created, since you did not specify one. 在這裡,此服務主體已獲得提取映像的權限,可從先前教學課程中建立的 Azure Container Registry (ACR) 執行個體中提取映像。Here, this service principal is granted the right to pull images from the Azure Container Registry (ACR) instance you created in the previous tutorial.

az aks create \
    --resource-group myResourceGroup \
    --name myAKSCluster \
    --node-count 2 \
    --generate-ssh-keys \
    --attach-acr <acrName>

部署會在數分鐘之後完成,並以 JSON 格式傳回 AKS 部署的相關資訊。After a few minutes, the deployment completes, and returns JSON-formatted information about the AKS deployment.

注意

若要確保叢集能夠可靠地運作,您應該執行至少 2 個 (兩個) 節點。To ensure your cluster to operate reliably, you should run at least 2 (two) nodes.

安裝 Kubernetes CLIInstall the Kubernetes CLI

若要從本機電腦連線至 Kubernetes 叢集,您應使用 kubectl (Kubernetes 命令列用戶端)。To connect to the Kubernetes cluster from your local computer, you use kubectl, the Kubernetes command-line client.

如果您使用 Azure Cloud Shell,則 kubectl 已安裝。If you use the Azure Cloud Shell, kubectl is already installed. 您也可以使用 az aks install-cli 命令將其安裝於本機:You can also install it locally using the az aks install-cli command:

az aks install-cli

使用 kubectl 連線至叢集Connect to cluster using kubectl

若要設定 kubectl 以連線到 Kubernetes 叢集,請使用 az aks get-credentials 命令。To configure kubectl to connect to your Kubernetes cluster, use the az aks get-credentials command. 下列範例會針對 myResourceGroup 中名為 myAKSCluster 的 AKS 叢集取得認證:The following example gets credentials for the AKS cluster named myAKSCluster in the myResourceGroup:

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

若要確認與叢集的連線,請執行 kubectl get nodes 命令:To verify the connection to your cluster, run the kubectl get nodes command:

$ kubectl get nodes

NAME                       STATUS   ROLES   AGE   VERSION
aks-nodepool1-12345678-0   Ready    agent   32m   v1.13.10

後續步驟Next steps

在本教學課程中,Kubernetes 叢集已部署在 AKS 中,且您已設定 kubectl 加以連線。In this tutorial, a Kubernetes cluster was deployed in AKS, and you configured kubectl to connect to it. 您已了解如何︰You learned how to:

  • 部署可向 Azure 容器登錄進行驗證的 Kubernetes AKS 叢集Deploy a Kubernetes AKS cluster that can authenticate to an Azure container registry
  • 安裝 Kubernetes CLI (kubectl)Install the Kubernetes CLI (kubectl)
  • 設定 kubectl 以連線至您的 AKS 叢集Configure kubectl to connect to your AKS cluster

繼續進行下一個教學課程,以了解如何將應用程式部署至叢集。Advance to the next tutorial to learn how to deploy an application to the cluster.