Skip to main content

Az-204 Docker to Container registry to AKS

 1. https://github.com/Azure-Samples/azure-voting-app-redis.git -- pull this code from github

 2.  it has a docker-compose file . So run docker-compose up -d

 3. Create a container registry. 

4. Tag the docker image to the container registry.

docker tag hello-world demoacr5416.azurecr.io/hello-world-demo:v1

hello-world: name of the image

demoacr5416.azurecr.io -- name of the ACR

hello-world-demo:v1 -- what we want to call it inside ACR


5. push  

https://pascalnaber.wordpress.com/2020/01/21/access-keyvault-from-azure-kubernetes-service-aks-with-an-asp-net-core-application-using-a-managed-identity/

VISUAL STUDIO APP TO DOCKER

1. Publish the app to a folder (publish).


FROM mcr.microsoft.com/dotnet/core/aspnet:3.1
WORKDIR /app
EXPOSE 80
EXPOSE 443
COPY ./publish .
ENTRYPOINT ["dotnet""ACRTOAKS.dll"]

copy the publish file into a folder called publish and paste the docker file. Then copy everything inside the docker container.

docker build -t myacrtoaks .

build the publish folder to an image. The . at the end is the location for the docker file. -t is the name of the image we build 

docker run -d -p 8080:80 --name myacrtoaks myacrtoaks //name of the image

where --name is the name of the container



PUSH TO ACR


















Create an ACR and in Access keys enable admin user.

1. Open CMD and az login
2. Login to Acr
az acr login --name=demoacranish.azurecr.io --username=demoacranish --password=xxxx

3. tag the image
docker tag myacrtoaks demoacranish.azurecr.io/demoacrtoaks:v2

4. Push to acr

docker push demoacranish.azurecr.io/demoacrtoaks:v2

5.  List everything
az acr repository list --name=demoacranish -o=table


6. az acr repository show-tags

7. Delete
az acr repository delete --name=demoacranish -t demoacrtoaks:v2

MULTIPROJECT FILE

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY ["AppServiceDemo/AppServiceDemo.csproj", "AppServiceDemo/"]
COPY ["BAL/*.csproj", "BAL/"]
COPY ["DAL/*.csproj", "DAL/"]
RUN dotnet restore "AppServiceDemo/AppServiceDemo.csproj"
COPY . .
WORKDIR "/src/AppServiceDemo"
RUN dotnet build "AppServiceDemo.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "AppServiceDemo.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "AppServiceDemo.dll"]


TO AKS

kubectl is like the azure cli. Used to work with kubernetes.

kubectl version --short  

az account set --subscription name or ID  -- select subscription

az group create --name=demorsaks -l centralus  -- create RG

az acr create --name=acrtoaksdemo -g demorsaks --sku=standard --create ACR

az acr login --name=acrtoaksdemo -- login to ACR

docker tag appservicedemo:v2 acrtoaksdemo.azurecr.io/appservicetoakscemo:v1 -- TAG with acr server name


Connect Kubectl with AKS

where kubernetesdemo is the name of an AKS cluster




Check if kubectl has connected

Kubectl get nodes  --this will return the number of nodes running in aks.


-- Run the yaml file


-- Get the running POD info

Kubectl get service  -- Get the services



Comments

Post a Comment

Popular posts from this blog

App Role assignment to service principal --

 Using Ms Graph Rest API's Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see  Permissions . Permission type Permissions (from least to most privileged) Delegated (work or school account) AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All Delegated (personal Microsoft account) Not supported. Application AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All Create 2 app registrations. App role owner will contain the app role that will be assigned to a service principal. The  reader role in approleowner will be added to the approlesubscriber Setup postman to use the Oauth auth flow to get a token for MS Graph. ClientId:   Application (client) ID for approlesubscrib...
Post a Comment
Read more

ASp.net core 3.1 identity

It is just an extension to cookie authentication. We get a UI, Tables, helper classes, two factor authentication etc. Even EF and its database constructs. So instead of writing code for all of this we can just use these in built features. Extending Default Identity Classes Add a class that inherits from    public class AppUser : IdentityUser     {         public string Behavior { get; set; }     } Also change the user type in login partial.cs under shared folder Then add migrations and update db using migrations. We can customize further.  services.AddDefaultIdentity<AppUser>(options =>              {                 options.SignIn.RequireConfirmedAccount = true;                 options.Password.RequireDigit = false;           ...
2 comments
Read more

Get user groups

 string[] scopes = new string[] { "https://graph.microsoft.com/.default" };             string clientId = "";             string tenantId = "";             string secret = "";                        var options = new TokenCredentialOptions             {                 AuthorityHost = AzureAuthorityHosts.AzurePublicCloud             };             // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential             try             {                 var clientSecretCredential = new ClientSecretCredential(                        ...
Post a Comment
Read more