快速入门:使用 Azure CLI 部署 Azure Kubernetes 服务群集Quickstart: Deploy an Azure Kubernetes Service cluster using the Azure CLI

Azure Kubernetes 服务 (AKS) 是可用于快速部署和管理群集的托管式 Kubernetes 服务。Azure Kubernetes Service (AKS) is a managed Kubernetes service that lets you quickly deploy and manage clusters. 在本快速入门中,请执行以下操作:In this quickstart, you will:

  • 使用 Azure CLI 部署 AKS 群集。Deploy an AKS cluster using the Azure CLI.

  • 在该群集中运行一个包含 Web 前端和 Redis 实例的多容器应用程序。Run a multi-container application with a web front-end and a Redis instance in the cluster.

  • 监视运行应用程序的群集和 Pod 的运行状况。Monitor the health of the cluster and pods that run your application.

    Azure Kubernetes 服务中部署的投票应用

本快速入门假设读者基本了解 Kubernetes 的概念。This quickstart assumes a basic understanding of Kubernetes concepts. 有关详细信息,请参阅 Azure Kubernetes 服务 (AKS) 的 Kubernetes 核心概念For more information, see Kubernetes core concepts for Azure Kubernetes Service (AKS).

如果没有 Azure 试用版订阅,请在开始前创建一个试用版订阅If you don't have an Azure trail subscription, create a trial subscription before you begin.

若要详细了解如何创建 Windows Server 节点池,请参阅创建支持 Windows Server 容器的 AKS 群集To learn more about creating a Windows Server node pool, see Create an AKS cluster that supports Windows Server containers.

先决条件Prerequisites

  • 如果需要,请安装 Azure CLI 来运行 CLI 参考命令。If you prefer, install the Azure CLI to run CLI reference commands.

    • 如果使用的是本地安装,请使用 az login 命令登录到 Azure CLI。If you're using a local installation, sign in to the Azure CLI by using the az login command. 若要完成身份验证过程,请遵循终端中显示的步骤。To finish the authentication process, follow the steps displayed in your terminal. 有关其他登录选项,请参阅登录 Azure CLIFor additional sign-in options, see Sign in with the Azure CLI.

    • 出现提示时,请在首次使用时安装 Azure CLI 扩展。When you're prompted, install Azure CLI extensions on first use. 有关扩展详细信息,请参阅使用 Azure CLI 的扩展For more information about extensions, see Use extensions with the Azure CLI.

    • 运行 az version 以查找安装的版本和依赖库。Run az version to find the version and dependent libraries that are installed. 若要升级到最新版本,请运行 az upgradeTo upgrade to the latest version, run az upgrade.

  • 本文需要 2.0.64 或更高版本的 Azure CLI。This article requires version 2.0.64 or greater of the Azure CLI.

备注

如果你打算在本地运行本快速入门中的命令,请以管理员身份运行命令。Run the commands as administrator if you plan to run the commands in this quickstart locally.

备注

请先运行 az cloud set -n AzureChinaCloud 更改云环境,然后才能在 Azure 中国中使用 Azure CLI。Before you can use Azure CLI in Azure China , please run az cloud set -n AzureChinaCloud first to change the cloud environment. 若要切换回 Azure 公有云,请再次运行 az cloud set -n AzureCloudIf you want to switch back to Azure Public Cloud, run az cloud set -n AzureCloud again.

创建资源组Create a resource group

Azure 资源组是用于部署和管理 Azure 资源的逻辑组。An Azure resource group is a logical group in which Azure resources are deployed and managed. 创建资源组时,系统会提示你指定一个位置。When you create a resource group, you will be prompted to specify a location. 此位置是:This location is:

  • 资源组元数据的存储位置。The storage location of your resource group metadata.
  • 在创建资源期间未指定另一个区域时,资源在 Azure 中的运行位置。Where your resources will run in Azure if you don't specify another region during resource creation.

以下示例在“chinaeast2”位置创建名为“myResourceGroup”的资源组。The following example creates a resource group named myResourceGroup in the chinaeast2 location.

使用 az group create 命令创建资源组。Create a resource group using the az group create command.

az group create --name myResourceGroup --location chinaeast2

成功创建的资源组的输出:Output for successfully created resource group:

{
  "id": "/subscriptions/<guid>/resourceGroups/myResourceGroup",
  "location": "chinaeast2",
  "managedBy": null,
  "name": "myResourceGroup",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null
}

启用群集监视Enable cluster monitoring

  1. 验证是否已在订阅中注册 Microsoft.OperationsManagementMicrosoft.OperationalInsightsVerify Microsoft.OperationsManagement and Microsoft.OperationalInsights are registered on your subscription. 若要检查注册状态,请使用以下命令:To check the registration status:

    az provider show -n Microsoft.OperationsManagement -o table
    az provider show -n Microsoft.OperationalInsights -o table
    

    如果未注册,请使用以下命令注册 Microsoft.OperationsManagementMicrosoft.OperationalInsightsIf they are not registered, register Microsoft.OperationsManagement and Microsoft.OperationalInsights using:

    az provider register --namespace Microsoft.OperationsManagement
    az provider register --namespace Microsoft.OperationalInsights
    
  2. 使用 --enable-addons monitoring 参数启用 用于容器的 Azure MonitorEnable Azure Monitor for containers using the --enable-addons monitoring parameter.

创建 AKS 群集Create AKS cluster

使用 az aks create 命令创建 AKS 群集。Create an AKS cluster using the az aks create command. 以下示例创建包含一个节点的名为 myAKSCluster 的群集。The following example creates a cluster named myAKSCluster with one node:

az aks create --resource-group myResourceGroup --name myAKSCluster --node-count 1 --enable-addons monitoring --generate-ssh-keys

片刻之后,该命令将会完成,并返回有关群集的 JSON 格式信息。After a few minutes, the command completes and returns JSON-formatted information about the cluster.

备注

创建 AKS 群集时,会自动创建另一个资源组来存储 AKS 资源。When you create an AKS cluster, a second resource group is automatically created to store the AKS resources. 有关详细信息,请参阅为什么使用 AKS 创建两个资源组?For more information, see Why are two resource groups created with AKS?

连接到群集Connect to the cluster

若要管理 Kubernetes 群集,请使用 Kubernetes 命令行客户端 kubectlTo manage a Kubernetes cluster, use the Kubernetes command-line client, kubectl.

  1. 在本地使用 az aks install-cli 命令安装 kubectlInstall kubectl locally using the az aks install-cli command:

    az aks install-cli
    
  2. 使用 az aks get-credentials 命令将 kubectl 配置为连接到你的 Kubernetes 群集。Configure kubectl to connect to your Kubernetes cluster using the az aks get-credentials command. 以下命令:The following command:

    • 下载凭据,并将 Kubernetes CLI 配置为使用这些凭据。Downloads credentials and configures the Kubernetes CLI to use them.
    • 使用 ~/.kube/config,即 Kubernetes 配置文件的默认位置。Uses ~/.kube/config, the default location for the Kubernetes configuration file. 使用 --file 指定 Kubernetes 配置文件的其他位置。Specify a different location for your Kubernetes configuration file using --file.
    az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
    
  3. 使用 kubectl get 命令验证与群集之间的连接。Verify the connection to your cluster using the kubectl get command. 此命令将返回群集节点的列表。This command returns a list of the cluster nodes.

    kubectl get nodes
    

    输出显示在上一步骤中创建的单个节点。Output shows the single node created in the previous steps. 确保节点状态为 ReadyMake sure the node status is Ready:

    NAME                       STATUS   ROLES   AGE     VERSION
    aks-nodepool1-31718369-0   Ready    agent   6m44s   v1.12.8
    

运行应用程序Run the application

Kubernetes 清单文件定义群集的所需状态,例如,要运行哪些容器映像。A Kubernetes manifest file defines a cluster's desired state, such as which container images to run.

在本快速入门中,你将使用清单来创建运行 Azure Vote 应用程序所需的所有对象。In this quickstart, you will use a manifest to create all objects needed to run the Azure Vote application. 此清单包含两个 Kubernetes 部署This manifest includes two Kubernetes deployments:

  • 示例 Azure Vote Python 应用程序。The sample Azure Vote Python applications.
  • 一个 Redis 实例。A Redis instance.

此外,还会创建两个 Kubernetes 服务Two Kubernetes Services are also created:

  • Redis 实例的内部服务。An internal service for the Redis instance.
  • 用于通过 Internet 访问 Azure Vote 应用程序的外部服务。An external service to access the Azure Vote application from the internet.
  1. 创建名为 azure-vote.yaml 的文件。Create a file named azure-vote.yaml.

  2. 复制以下 YAML 定义:Copy in the following YAML definition:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: azure-vote-back
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: azure-vote-back
      template:
        metadata:
          labels:
            app: azure-vote-back
        spec:
          nodeSelector:
            "beta.kubernetes.io/os": linux
          containers:
          - name: azure-vote-back
            image: mcr.microsoft.com/oss/bitnami/redis:6.0.8
            env:
            - name: ALLOW_EMPTY_PASSWORD
              value: "yes"
            resources:
              requests:
                cpu: 100m
                memory: 128Mi
              limits:
                cpu: 250m
                memory: 256Mi
            ports:
            - containerPort: 6379
              name: redis
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: azure-vote-back
    spec:
      ports:
      - port: 6379
      selector:
        app: azure-vote-back
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: azure-vote-front
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: azure-vote-front
      template:
        metadata:
          labels:
            app: azure-vote-front
        spec:
          nodeSelector:
            "beta.kubernetes.io/os": linux
          containers:
          - name: azure-vote-front
            image: mcr.microsoft.com/azuredocs/azure-vote-front:v1
            resources:
              requests:
                cpu: 100m
                memory: 128Mi
              limits:
                cpu: 250m
                memory: 256Mi
            ports:
            - containerPort: 80
            env:
            - name: REDIS
              value: "azure-vote-back"
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: azure-vote-front
    spec:
      type: LoadBalancer
      ports:
      - port: 80
      selector:
        app: azure-vote-front
    
  3. 使用 kubectl apply 命令部署应用程序,并指定 YAML 清单的名称:Deploy the application using the kubectl apply command and specify the name of your YAML manifest:

    kubectl apply -f azure-vote.yaml
    

    输出显示已成功创建的部署和服务:Output shows the successfully created deployments and services:

    deployment "azure-vote-back" created
    service "azure-vote-back" created
    deployment "azure-vote-front" created
    service "azure-vote-front" created
    

测试应用程序Test the application

应用程序运行时,Kubernetes 服务将向 Internet 公开应用程序前端。When the application runs, a Kubernetes service exposes the application front end to the internet. 此过程可能需要几分钟才能完成。This process can take a few minutes to complete.

使用带有 --watch 参数的 kubectl get service 命令来监视进度。Monitor progress using the kubectl get service command with the --watch argument.

kubectl get service azure-vote-front --watch

azure-vote-front 服务的 EXTERNAL-IP 输出最初显示为 pendingThe EXTERNAL-IP output for the azure-vote-front service will initially show as pending.

NAME               TYPE           CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
azure-vote-front   LoadBalancer   10.0.37.27   <pending>     80:30572/TCP   6s

EXTERNAL-IP 地址从 pending 更改为实际公共 IP 地址后,请使用 CTRL-C 来停止 kubectl 监视进程。Once the EXTERNAL-IP address changes from pending to an actual public IP address, use CTRL-C to stop the kubectl watch process. 以下示例输出显示向服务分配了有效的公共 IP 地址:The following example output shows a valid public IP address assigned to the service:

azure-vote-front   LoadBalancer   10.0.37.27   52.179.23.131   80:30572/TCP   2m

若要查看 Azure Vote 应用的实际效果,请打开 Web 浏览器并转到服务的外部 IP 地址。To see the Azure Vote app in action, open a web browser to the external IP address of your service.

Azure Kubernetes 服务中部署的投票应用

在 Azure 门户中查看用于容器的 Azure Monitor 捕获的群集节点和 Pod 运行状况指标。View the cluster nodes' and pods' health metrics captured by Azure Monitor for containers in the Azure portal.

删除群集Delete the cluster

为了避免产生 Azure 费用,请清理不需要的资源。To avoid Azure charges, clean up your unnecessary resources. 可以使用 az group delete 命令删除资源组、容器服务及所有相关资源。Use the az group delete command to remove the resource group, container service, and all related resources.

az group delete --name myResourceGroup --yes --no-wait

备注

删除群集时,AKS 群集使用的 Azure Active Directory 服务主体不会被删除。When you delete the cluster, the Azure Active Directory service principal used by the AKS cluster is not removed. 有关如何删除服务主体的步骤,请参阅 AKS 服务主体的注意事项和删除For steps on how to remove the service principal, see AKS service principal considerations and deletion.

如果你使用了托管标识,则该标识由平台托管,不需要删除。If you used a managed identity, the identity is managed by the platform and does not require removal.

获取代码Get the code

本快速入门使用现有的容器映像创建了 Kubernetes 部署。Pre-existing container images were used in this quickstart to create a Kubernetes deployment. GitHub 上提供了相关的应用程序代码、Dockerfile 和 Kubernetes 清单文件。The related application code, Dockerfile, and Kubernetes manifest file are available on GitHub.

后续步骤Next steps

在本快速入门中,你部署了一个 Kubernetes 群集,然后在其中部署了多容器应用程序。In this quickstart, you deployed a Kubernetes cluster and then deployed a multi-container application to it. 访问 AKS 群集的 Kubernetes Web 仪表板Access the Kubernetes web dashboard for your AKS cluster.

若要详细了解 AKS 并演练部署示例的完整代码,请继续阅读“Kubernetes 群集”教程。To learn more about AKS, and walk through a complete code to deployment example, continue to the Kubernetes cluster tutorial.