Creating Alibaba Cloud Kubernetes Service (ACK) Using Azure DevOps and Terraform

In this blog post, we’ll walk through the process of setting up an Alibaba Cloud Kubernetes Service (ACK) using Azure DevOps and Terraform. We’ll cover the essential Terraform configuration files: providers.tf, main.tf, variables.tf, output.tf, and Kubernetes manifests: deployment.yaml and services.yaml. Additionally, we’ll discuss how to integrate Azure DevOps with Alibaba Cloud.

Prerequisites

  • Alibaba Cloud account with necessary permissions to manage ACK.
  • Azure DevOps account.
  • Terraform installed on your local machine.
  • Alibaba Cloud CLI installed and configured on your local machine.

Step 1: Setting Up Terraform Configuration Files

providers.tf

This file specifies the providers required for Terraform to interact with Alibaba Cloud.

provider "alicloud" {
  region = var.alicloud_region
}

variables.tf

Define the variables used in the Terraform configuration.

variable "alicloud_region" {
  description = "The Alibaba Cloud region to deploy resources"
  default     = "cn-hangzhou"
}

variable "cluster_name" {
  description = "The name of the ACK cluster"
  default     = "my-ack-cluster"
}

variable "node_instance_type" {
  description = "ECS instance type for the nodes"
  default     = "ecs.c6.large"
}

variable "node_count" {
  description = "Number of worker nodes"
  default     = 3
}

main.tf

This file contains the main configuration for creating the ACK cluster and node group.

resource "alicloud_cs_kubernetes" "ack_cluster" {
  name     = var.cluster_name
  region_id = var.alicloud_region
  instance_type = var.node_instance_type
  worker_instance_types = [var.node_instance_type]
  worker_number = var.node_count
  vswitch_ids = [alicloud_vswitch.main.id]
  new_nat_gateway = true
  install_cloud_monitor = true
}

resource "alicloud_vswitch" "main" {
  vpc_id = alicloud_vpc.main.id
  cidr_block = "172.16.0.0/24"
  availability_zone = "cn-hangzhou-b"
}

resource "alicloud_vpc" "main" {
  cidr_block = "172.16.0.0/16"
}

output.tf

Output the necessary information after the resources are created.

output "cluster_name" {
  value = alicloud_cs_kubernetes.ack_cluster.name
}

output "cluster_id" {
  value = alicloud_cs_kubernetes.ack_cluster.id
}

output "cluster_endpoint" {
  value = alicloud_cs_kubernetes.ack_cluster.api_server_internet
}

Step 2: Kubernetes Manifests

deployment.yaml

Define the deployment for your application.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: my-app-image:latest
        ports:
        - containerPort: 80

services.yaml

Define the service to expose your application.

apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: my-app

Step 3: Integrating Azure DevOps with Alibaba Cloud

  • Create an Access Key in Alibaba Cloud:
    • Log in to the Alibaba Cloud Console.
    • Navigate to the RAM (Resource Access Management) Console.
    • Create a new RAM user with programmatic access.
    • Attach the necessary policies to the RAM user (e.g., AliyunCSFullAccess for full access to ACK).
    • Generate an Access Key ID and Secret Access Key for the RAM user.
    • Save the Access Key ID and Secret Access Key securely.
  • Create a Service Connection in Azure DevOps:
    • Navigate to your Azure DevOps project.
    • Go to Project Settings > Service connections.
    • Click on “New service connection” and select “Generic”.
    • Fill in the details:
      • Connection name: A descriptive name for your service connection.
      • Server URL: https://cs.aliyuncs.com (ACK API endpoint).
      • Username: Your Alibaba Cloud Access Key ID.
      • Password/Token: Your Alibaba Cloud Secret Access Key.
    • Verify the connection and save it.

Step 4: Setting Up Azure DevOps Pipeline

  • Create a new pipeline in Azure DevOps.
  • Connect your repository containing the Terraform and Kubernetes configuration files.
  • Add tasks to the pipeline to:
    • Install Terraform.
    • Initialize Terraform.
    • Apply Terraform configuration.
    • Deploy Kubernetes manifests using kubectl.

Here’s an example of a simple Azure DevOps pipeline YAML:

trigger:
- main

pool:
  vmImage: 'ubuntu-latest'

steps:
- task: TerraformInstaller@0
  inputs:
    terraformVersion: '1.0.0'

- script: |
    terraform init
    terraform apply -auto-approve
  displayName: 'Run Terraform'

- task: Kubernetes@1
  inputs:
    connectionType: 'Kubernetes Service Connection'
    kubernetesServiceEndpoint: '<your-k8s-service-connection>'
    namespace: 'default'
    command: 'apply'
    useConfigurationFile: true
    configuration: '$(Pipeline.Workspace)/manifests/deployment.yaml'
    arguments: '-f $(Pipeline.Workspace)/manifests/services.yaml'

Conclusion

By following these steps, you can set up an Alibaba Cloud ACK cluster using Terraform and deploy your application using Azure DevOps. This approach ensures a consistent and repeatable process for managing your Kubernetes infrastructure and deployments.

Feel free to customize the configurations and pipeline according to your specific requirements. Happy deploying! 

If you have any questions or need further assistance, let me know!

Comments

Post a Comment

Comments are always welcome, that will help us to motivate ourselves and improve our services. Thanks!!

Popular posts from this blog

How to update build number in Azure DevOps pipeline?

Azure DevOps Pipelines are an essential part of any software development process . They allow you to build, test, and deploy your application automatically, providing you with a continuous integration and deployment (CI/CD) solution that ensures your code is always up-to-date and ready to be shipped. One crucial element of any build process is the build number. This number uniquely identifies each build, making it easy to track changes and ensure that you're always using the latest version of your software. In this blog post, we'll take a look at the command to update the build number on an Azure DevOps Pipeline. What is the Build Number? The build number is a unique identifier for each build that's created in your pipeline. It's typically a combination of the pipeline name and a unique number that increments with each build. The build number is essential for tracking changes and ensuring that you're always using the latest version of your software. Why Update the B...
Read more

How to get latest build ID from Azure DevOps pipeline?

Azure Pipelines is a cloud-based service that allows you to continuously build, test, and deploy your applications . It provides a wide range of features to support continuous integration and continuous delivery (CI/CD) workflows. One of the essential features of Azure Pipelines is the ability to retrieve the latest build ID programmatically. In this blog post, we will explore how to get the latest build ID from an Azure Pipeline. Firstly, let's understand what a build ID is. A build ID is a unique identifier assigned to each build in Azure Pipelines . It is used to track the status and progress of a particular build. The build ID is generated automatically and is incremented for each new build. It is essential to know the latest build ID to retrieve the artifacts produced by the build or to trigger the next build in the pipeline. Now let's dive into the steps to get the latest build ID from an Azure Pipeline programmatically: Step 1: Create a Personal Access Token (PAT) To ret...
Read more

How to install AWS System Manager (SSM) Agent on windows using PowerShell?

Image
Welcome to itscloudhub!! In the previous post, we were looked how to install AWS SSM Agent on Linux Distribution. In this blog post, we will discuss how to install AWS SSM Agent on Windows machine. https://www.itscloudhub.com/2022/03/how-to-install-aws-system-manager-ssm.html AWS Systems Manager Agent (SSM Agent) is preinstalled, by default, on the following Amazon Machine Images (AMIs): 1. Windows Server 2008-2012 R2 AMIs published in November 2016 or later 2. Windows Server 2016, 2019, and 2022 If your managed instance is a Windows Server 2008-2012 R2 instance created before November 2016, then EC2Config processes Systems Manager requests on your instance. We recommend that you upgrade your existing instances to use the latest version of EC2Config . By using the latest EC2Config installer, you install SSM Agent side-by-side with EC2Config. This side-by-side version of SSM Agent is compatible with your instances created from earlier Windows Server AMIs and allows you to use SSM fe...
Read more